www.infradead.org Git - users/dwmw2/linux.git/commit

author	Darrick J. Wong <djwong@kernel.org>
	Fri, 29 Jul 2022 16:16:05 +0000 (18:16 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 3 Aug 2022 10:00:51 +0000 (12:00 +0200)
commit	d8f5bb0a09b7fbb8604c945d4a1444bcd769cf51
tree	77ff19b6315f3d8026e2e1d80c015bdde7023403	tree
parent	eccacbcbfd709c201b2ab56309de1d4a51f36c43	commit \| diff

xfs: force the log offline when log intent item recovery fails

commit 4e6b8270c820c8c57a73f869799a0af2b56eff3e upstream.

If any part of log intent item recovery fails, we should shut down the
log immediately to stop the log from writing a clean unmount record to
disk, because the metadata is not consistent. The inability to cancel a
dirty transaction catches most of these cases, but there are a few
things that have slipped through the cracks, such as ENOSPC from a
transaction allocation, or runtime errors that result in cancellation of
a non-dirty transaction.

This solves some weird behaviors reported by customers where a system
goes down, the first mount fails, the second succeeds, but then the fs
goes down later because of inconsistent metadata.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Acked-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/xfs/xfs_log.c		diff \| blob \| history
fs/xfs/xfs_log_recover.c		diff \| blob \| history