git.baikalelectronics.ru Git - kernel.git/commit

author	Filipe Manana <fdmanana@suse.com>
	Tue, 10 Jan 2023 14:56:37 +0000 (14:56 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 24 Jan 2023 06:24:36 +0000 (07:24 +0100)
commit	1e65dea3f090a6236d70357fb90a55d01a12b57f
tree	c9841cbb462b0f87ba153ed0d0010d400fff2535	tree \| snapshot
parent	52eaf6f3b5f715e9ffbb9949e0eab79f702f62ae	commit \| diff

btrfs: do not abort transaction on failure to write log tree when syncing log

commit 16199ad9eb6db60a6b10794a09fc1ac6d09312ff upstream.

When syncing the log, if we fail to write log tree extent buffers, we mark
the log for a full commit and abort the transaction. However we don't need
to abort the transaction, all we really need to do is to make sure no one
can commit a superblock pointing to new log tree roots. Just because we
got a failure writing extent buffers for a log tree, it does not mean we
will also fail to do a transaction commit.

One particular case is if due to a bug somewhere, when writing log tree
extent buffers, the tree checker detects some corruption and the writeout
fails because of that. Aborting the transaction can be very disruptive for
a user, specially if the issue happened on a root filesystem. One example
is the scenario in the Link tag below, where an isolated corruption on log
tree leaves was causing transaction aborts when syncing the log.

Link: https://lore.kernel.org/linux-btrfs/ae169fc6-f504-28f0-a098-6fa6a4dfb612@leemhuis.info/
CC: stable@vger.kernel.org # 5.15+
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/btrfs/disk-io.c		diff \| blob \| history
fs/btrfs/tree-log.c		diff \| blob \| history