Re: [PATCH 05/12] xfs: make xfs_buf_read_map return an error code

Dave Chinner <david@xxxxxxxxxxxxx> · Fri, 24 Jan 2020 12:31:52 +1100

On Wed, Jan 22, 2020 at 11:42:22PM -0800, Darrick J. Wong wrote:
> From: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
> 
> Convert xfs_buf_read_map() to return numeric error codes like most
> everywhere else in xfs.  This involves moving the open-coded logic that
> reports metadata IO read / corruption errors and stales the buffer into
> xfs_buf_read_map so that the logic is all in one place.
> 
> Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
.....

> diff --git a/fs/xfs/xfs_trans_buf.c b/fs/xfs/xfs_trans_buf.c
> index b5b3a78ef31c..56e7f8126cd7 100644
> --- a/fs/xfs/xfs_trans_buf.c
> +++ b/fs/xfs/xfs_trans_buf.c
> @@ -298,36 +298,17 @@ xfs_trans_read_buf_map(
>  		return 0;
>  	}
>  
> -	bp = xfs_buf_read_map(target, map, nmaps, flags, ops);
> -	if (!bp) {
> -		if (!(flags & XBF_TRYLOCK))
> -			return -ENOMEM;
> -		return tp ? 0 : -EAGAIN;
> -	}
> -
> -	/*
> -	 * If we've had a read error, then the contents of the buffer are
> -	 * invalid and should not be used. To ensure that a followup read tries
> -	 * to pull the buffer from disk again, we clear the XBF_DONE flag and
> -	 * mark the buffer stale. This ensures that anyone who has a current
> -	 * reference to the buffer will interpret it's contents correctly and
> -	 * future cache lookups will also treat it as an empty, uninitialised
> -	 * buffer.
> -	 */
> -	if (bp->b_error) {
> -		error = bp->b_error;
> -		if (!XFS_FORCED_SHUTDOWN(mp))
> -			xfs_buf_ioerror_alert(bp, __func__);
> -		bp->b_flags &= ~XBF_DONE;
> -		xfs_buf_stale(bp);
> -
> +	error = xfs_buf_read_map(target, map, nmaps, flags, &bp, ops);
> +	switch (error) {
> +	case 0:
> +		break;
> +	case -EFSCORRUPTED:
> +	case -EIO:
>  		if (tp && (tp->t_flags & XFS_TRANS_DIRTY))
> -			xfs_force_shutdown(tp->t_mountp, SHUTDOWN_META_IO_ERROR);
> -		xfs_buf_relse(bp);
> -
> -		/* bad CRC means corrupted metadata */
> -		if (error == -EFSBADCRC)
> -			error = -EFSCORRUPTED;
> +			xfs_force_shutdown(tp->t_mountp,
> +					SHUTDOWN_META_IO_ERROR);
> +		/* fall through */
> +	default:
>  		return error;
>  	}

Same question as Christoph - we're only trying to avoid ENOMEM and
EAGAIN errors from shutting down the filesystem here, right?
Every other type of IO error that could end up on bp->b_error would
result in a shutdown, so perhaps this should be the other way
around:

	switch (error) {
	case 0:
		break;
	default:
		/* shutdown stuff */
		/* fall through */
	case -ENOMEM:
	case -EAGAIN:
		return error;
	}

Cheers,

Dave.
-- 
Dave Chinner
david@xxxxxxxxxxxxx