jbd: ordered data integrity fix
authorHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
Sun, 19 Oct 2008 03:27:58 +0000 (20:27 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Mon, 20 Oct 2008 15:52:37 +0000 (08:52 -0700)
In ordered mode, if a file data buffer being dirtied exists in the
committing transaction, we write the buffer to the disk, move it from the
committing transaction to the running transaction, then dirty it.  But we
don't have to remove the buffer from the committing transaction when the
buffer couldn't be written out, otherwise it would miss the error and the
committing transaction would not abort.

This patch adds an error check before removing the buffer from the
committing transaction.

Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
Acked-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/jbd/transaction.c

index 0540ca27a4464060e9c230095f664cd9937b21a1..d15cd6e7251ee03347f25f14f53e371ff7936d09 100644 (file)
@@ -954,9 +954,10 @@ int journal_dirty_data(handle_t *handle, struct buffer_head *bh)
        journal_t *journal = handle->h_transaction->t_journal;
        int need_brelse = 0;
        struct journal_head *jh;
+       int ret = 0;
 
        if (is_handle_aborted(handle))
-               return 0;
+               return ret;
 
        jh = journal_add_journal_head(bh);
        JBUFFER_TRACE(jh, "entry");
@@ -1067,7 +1068,16 @@ int journal_dirty_data(handle_t *handle, struct buffer_head *bh)
                                   time if it is redirtied */
                        }
 
-                       /* journal_clean_data_list() may have got there first */
+                       /*
+                        * We cannot remove the buffer with io error from the
+                        * committing transaction, because otherwise it would
+                        * miss the error and the commit would not abort.
+                        */
+                       if (unlikely(!buffer_uptodate(bh))) {
+                               ret = -EIO;
+                               goto no_journal;
+                       }
+
                        if (jh->b_transaction != NULL) {
                                JBUFFER_TRACE(jh, "unfile from commit");
                                __journal_temp_unlink_buffer(jh);
@@ -1108,7 +1118,7 @@ no_journal:
        }
        JBUFFER_TRACE(jh, "exit");
        journal_put_journal_head(jh);
-       return 0;
+       return ret;
 }
 
 /**