1 // SPDX-License-Identifier: GPL-2.0
2
3 #include "fs.h"
4 #include "messages.h"
5 #include "discard.h"
6 #include "super.h"
7
8 #ifdef CONFIG_PRINTK
9
10 #define STATE_STRING_PREFACE " state "
11 #define STATE_STRING_BUF_LEN (sizeof(STATE_STRING_PREFACE) + BTRFS_FS_STATE_COUNT + 1)
12
13 /*
14 * Characters to print to indicate error conditions or uncommon filesystem state.
15 * RO is not an error.
16 */
17 static const char fs_state_chars[] = {
18 [BTRFS_FS_STATE_REMOUNTING] = 'M',
19 [BTRFS_FS_STATE_RO] = 0,
20 [BTRFS_FS_STATE_TRANS_ABORTED] = 'A',
21 [BTRFS_FS_STATE_LOG_REPLAY_ABORTED] = 'O',
22 [BTRFS_FS_STATE_DEV_REPLACING] = 'R',
23 [BTRFS_FS_STATE_DUMMY_FS_INFO] = 0,
24 [BTRFS_FS_STATE_NO_DATA_CSUMS] = 'C',
25 [BTRFS_FS_STATE_SKIP_META_CSUMS] = 'S',
26 [BTRFS_FS_STATE_LOG_CLEANUP_ERROR] = 'L',
27 [BTRFS_FS_STATE_EMERGENCY_SHUTDOWN] = 'E',
28 };
29
btrfs_state_to_string(const struct btrfs_fs_info * info,char * buf)30 static void btrfs_state_to_string(const struct btrfs_fs_info *info, char *buf)
31 {
32 unsigned int bit;
33 bool states_printed = false;
34 unsigned long fs_state = READ_ONCE(info->fs_state);
35 char *curr = buf;
36
37 memcpy(curr, STATE_STRING_PREFACE, sizeof(STATE_STRING_PREFACE));
38 curr += sizeof(STATE_STRING_PREFACE) - 1;
39
40 if (BTRFS_FS_ERROR(info)) {
41 *curr++ = 'E';
42 states_printed = true;
43 }
44
45 for_each_set_bit(bit, &fs_state, sizeof(fs_state)) {
46 WARN_ON_ONCE(bit >= BTRFS_FS_STATE_COUNT);
47 if ((bit < BTRFS_FS_STATE_COUNT) && fs_state_chars[bit]) {
48 *curr++ = fs_state_chars[bit];
49 states_printed = true;
50 }
51 }
52
53 /* If no states were printed, reset the buffer */
54 if (!states_printed)
55 curr = buf;
56
57 *curr++ = 0;
58 }
59 #endif
60
61 /*
62 * Generally the error codes correspond to their respective errors, but there
63 * are a few special cases.
64 *
65 * EUCLEAN: Any sort of corruption that we encounter. The tree-checker for
66 * instance will return EUCLEAN if any of the blocks are corrupted in
67 * a way that is problematic. We want to reserve EUCLEAN for these
68 * sort of corruptions.
69 *
70 * EROFS: If we check BTRFS_FS_STATE_ERROR and fail out with a return error, we
71 * need to use EROFS for this case. We will have no idea of the
72 * original failure, that will have been reported at the time we tripped
73 * over the error. Each subsequent error that doesn't have any context
74 * of the original error should use EROFS when handling BTRFS_FS_STATE_ERROR.
75 */
btrfs_decode_error(int error)76 const char * __attribute_const__ btrfs_decode_error(int error)
77 {
78 char *errstr = "unknown";
79
80 switch (error) {
81 case -ENOENT: /* -2 */
82 errstr = "No such entry";
83 break;
84 case -EIO: /* -5 */
85 errstr = "IO failure";
86 break;
87 case -ENOMEM: /* -12*/
88 errstr = "Out of memory";
89 break;
90 case -EEXIST: /* -17 */
91 errstr = "Object already exists";
92 break;
93 case -ENOSPC: /* -28 */
94 errstr = "No space left";
95 break;
96 case -EROFS: /* -30 */
97 errstr = "Readonly filesystem";
98 break;
99 case -EOPNOTSUPP: /* -95 */
100 errstr = "Operation not supported";
101 break;
102 case -EUCLEAN: /* -117 */
103 errstr = "Filesystem corrupted";
104 break;
105 case -EDQUOT: /* -122 */
106 errstr = "Quota exceeded";
107 break;
108 }
109
110 return errstr;
111 }
112
113 /*
114 * Decodes expected errors from the caller and invokes the appropriate error
115 * response.
116 */
117 __cold
__btrfs_handle_fs_error(struct btrfs_fs_info * fs_info,const char * function,unsigned int line,int error,const char * fmt,...)118 void __btrfs_handle_fs_error(struct btrfs_fs_info *fs_info, const char *function,
119 unsigned int line, int error, const char *fmt, ...)
120 {
121 struct super_block *sb = fs_info->sb;
122 #ifdef CONFIG_PRINTK
123 char statestr[STATE_STRING_BUF_LEN];
124 const char *errstr;
125 #endif
126
127 #ifdef CONFIG_PRINTK_INDEX
128 printk_index_subsys_emit(
129 "BTRFS: error (device %s%s) in %s:%d: errno=%d %s", KERN_CRIT, fmt);
130 #endif
131
132 /*
133 * Special case: if the error is EROFS, and we're already under
134 * SB_RDONLY, then it is safe here.
135 */
136 if (error == -EROFS && sb_rdonly(sb))
137 return;
138
139 #ifdef CONFIG_PRINTK
140 errstr = btrfs_decode_error(error);
141 btrfs_state_to_string(fs_info, statestr);
142 if (fmt) {
143 struct va_format vaf;
144 va_list args;
145
146 va_start(args, fmt);
147 vaf.fmt = fmt;
148 vaf.va = &args;
149
150 pr_crit("BTRFS: error (device %s%s) in %s:%d: errno=%d %s (%pV)\n",
151 sb->s_id, statestr, function, line, error, errstr, &vaf);
152 va_end(args);
153 } else {
154 pr_crit("BTRFS: error (device %s%s) in %s:%d: errno=%d %s\n",
155 sb->s_id, statestr, function, line, error, errstr);
156 }
157 #endif
158
159 /*
160 * Today we only save the error info to memory. Long term we'll also
161 * send it down to the disk.
162 */
163 WRITE_ONCE(fs_info->fs_error, error);
164
165 /* Don't go through full error handling during mount. */
166 if (!(sb->s_flags & SB_BORN))
167 return;
168
169 if (sb_rdonly(sb))
170 return;
171
172 btrfs_discard_stop(fs_info);
173
174 /* Handle error by forcing the filesystem readonly. */
175 btrfs_set_sb_rdonly(sb);
176 btrfs_info(fs_info, "forced readonly");
177 /*
178 * Note that a running device replace operation is not canceled here
179 * although there is no way to update the progress. It would add the
180 * risk of a deadlock, therefore the canceling is omitted. The only
181 * penalty is that some I/O remains active until the procedure
182 * completes. The next time when the filesystem is mounted writable
183 * again, the device replace operation continues.
184 */
185 }
186
187 #ifdef CONFIG_PRINTK
188 static const char * const logtypes[] = {
189 "emergency",
190 "alert",
191 "critical",
192 "error",
193 "warning",
194 "notice",
195 "info",
196 "debug",
197 };
198
199 /*
200 * Use one ratelimit state per log level so that a flood of less important
201 * messages doesn't cause more important ones to be dropped.
202 */
203 static struct ratelimit_state printk_limits[] = {
204 RATELIMIT_STATE_INIT(printk_limits[0], DEFAULT_RATELIMIT_INTERVAL, 100),
205 RATELIMIT_STATE_INIT(printk_limits[1], DEFAULT_RATELIMIT_INTERVAL, 100),
206 RATELIMIT_STATE_INIT(printk_limits[2], DEFAULT_RATELIMIT_INTERVAL, 100),
207 RATELIMIT_STATE_INIT(printk_limits[3], DEFAULT_RATELIMIT_INTERVAL, 100),
208 RATELIMIT_STATE_INIT(printk_limits[4], DEFAULT_RATELIMIT_INTERVAL, 100),
209 RATELIMIT_STATE_INIT(printk_limits[5], DEFAULT_RATELIMIT_INTERVAL, 100),
210 RATELIMIT_STATE_INIT(printk_limits[6], DEFAULT_RATELIMIT_INTERVAL, 100),
211 RATELIMIT_STATE_INIT(printk_limits[7], DEFAULT_RATELIMIT_INTERVAL, 100),
212 };
213
214 __printf(3, 4) __cold
_btrfs_printk(const struct btrfs_fs_info * fs_info,unsigned int level,const char * fmt,...)215 void _btrfs_printk(const struct btrfs_fs_info *fs_info, unsigned int level, const char *fmt, ...)
216 {
217 struct va_format vaf;
218 va_list args;
219 const char *type = logtypes[level];
220 struct ratelimit_state *ratelimit = &printk_limits[level];
221
222 #ifdef CONFIG_PRINTK_INDEX
223 printk_index_subsys_emit("%sBTRFS %s (device %s): ", NULL, fmt);
224 #endif
225
226 va_start(args, fmt);
227 vaf.fmt = fmt;
228 vaf.va = &args;
229
230 /* Do not ratelimit if CONFIG_BTRFS_DEBUG is enabled. */
231 if (IS_ENABLED(CONFIG_BTRFS_DEBUG) || __ratelimit(ratelimit)) {
232 if (fs_info) {
233 char statestr[STATE_STRING_BUF_LEN];
234
235 btrfs_state_to_string(fs_info, statestr);
236 _printk(KERN_SOH "%dBTRFS %s (device %s%s): %pV\n", level, type,
237 fs_info->sb->s_id, statestr, &vaf);
238 } else {
239 _printk(KERN_SOH "%dBTRFS %s: %pV\n", level, type, &vaf);
240 }
241 }
242
243 va_end(args);
244 }
245 #endif
246
247 #if BITS_PER_LONG == 32
btrfs_warn_32bit_limit(struct btrfs_fs_info * fs_info)248 void __cold btrfs_warn_32bit_limit(struct btrfs_fs_info *fs_info)
249 {
250 if (!test_and_set_bit(BTRFS_FS_32BIT_WARN, &fs_info->flags)) {
251 btrfs_warn(fs_info, "reaching 32bit limit for logical addresses");
252 btrfs_warn(fs_info,
253 "due to page cache limit on 32bit systems, btrfs can't access metadata at or beyond %lluT",
254 BTRFS_32BIT_MAX_FILE_SIZE >> 40);
255 btrfs_warn(fs_info,
256 "please consider upgrading to 64bit kernel/hardware");
257 }
258 }
259
btrfs_err_32bit_limit(struct btrfs_fs_info * fs_info)260 void __cold btrfs_err_32bit_limit(struct btrfs_fs_info *fs_info)
261 {
262 if (!test_and_set_bit(BTRFS_FS_32BIT_ERROR, &fs_info->flags)) {
263 btrfs_err(fs_info, "reached 32bit limit for logical addresses");
264 btrfs_err(fs_info,
265 "due to page cache limit on 32bit systems, metadata beyond %lluT can't be accessed",
266 BTRFS_32BIT_MAX_FILE_SIZE >> 40);
267 btrfs_err(fs_info,
268 "please consider upgrading to 64bit kernel/hardware");
269 }
270 }
271 #endif
272
273 /*
274 * Decode unexpected, fatal errors from the caller, issue an alert, and either
275 * panic or BUGs, depending on mount options.
276 */
277 __cold
__btrfs_panic(const struct btrfs_fs_info * fs_info,const char * function,unsigned int line,int error,const char * fmt,...)278 void __btrfs_panic(const struct btrfs_fs_info *fs_info, const char *function,
279 unsigned int line, int error, const char *fmt, ...)
280 {
281 char *s_id = "<unknown>";
282 const char *errstr;
283 struct va_format vaf = { .fmt = fmt };
284 va_list args;
285
286 if (fs_info)
287 s_id = fs_info->sb->s_id;
288
289 va_start(args, fmt);
290 vaf.va = &args;
291
292 errstr = btrfs_decode_error(error);
293 if (fs_info && (btrfs_test_opt(fs_info, PANIC_ON_FATAL_ERROR)))
294 panic(KERN_CRIT "BTRFS panic (device %s) in %s:%d: %pV (errno=%d %s)\n",
295 s_id, function, line, &vaf, error, errstr);
296
297 btrfs_crit(fs_info, "panic in %s:%d: %pV (errno=%d %s)",
298 function, line, &vaf, error, errstr);
299 va_end(args);
300 /* Caller calls BUG() */
301 }
302