2019-05-31 11:09:56 +03:00
|
|
|
// SPDX-License-Identifier: GPL-2.0-only
|
2006-01-16 19:50:04 +03:00
|
|
|
/*
|
|
|
|
* Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
|
2007-12-12 03:49:21 +03:00
|
|
|
* Copyright (C) 2004-2007 Red Hat, Inc. All rights reserved.
|
2006-01-16 19:50:04 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/sched.h>
|
|
|
|
#include <linux/slab.h>
|
|
|
|
#include <linux/spinlock.h>
|
|
|
|
#include <linux/completion.h>
|
|
|
|
#include <linux/buffer_head.h>
|
2006-02-28 01:23:27 +03:00
|
|
|
#include <linux/gfs2_ondisk.h>
|
2006-03-28 23:14:04 +04:00
|
|
|
#include <linux/crc32.h>
|
2018-01-17 02:01:33 +03:00
|
|
|
#include <linux/crc32c.h>
|
2006-11-23 19:06:35 +03:00
|
|
|
#include <linux/delay.h>
|
2007-11-09 13:01:41 +03:00
|
|
|
#include <linux/kthread.h>
|
|
|
|
#include <linux/freezer.h>
|
2008-09-26 13:23:22 +04:00
|
|
|
#include <linux/bio.h>
|
2014-02-03 13:57:29 +04:00
|
|
|
#include <linux/blkdev.h>
|
2011-04-18 17:18:09 +04:00
|
|
|
#include <linux/writeback.h>
|
2012-02-14 23:49:57 +04:00
|
|
|
#include <linux/list_sort.h>
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
#include "gfs2.h"
|
2006-02-28 01:23:27 +03:00
|
|
|
#include "incore.h"
|
2006-01-16 19:50:04 +03:00
|
|
|
#include "bmap.h"
|
|
|
|
#include "glock.h"
|
|
|
|
#include "log.h"
|
|
|
|
#include "lops.h"
|
|
|
|
#include "meta_io.h"
|
2006-02-28 01:23:27 +03:00
|
|
|
#include "util.h"
|
2006-03-28 23:14:04 +04:00
|
|
|
#include "dir.h"
|
2009-06-12 11:49:20 +04:00
|
|
|
#include "trace_gfs2.h"
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2019-11-14 17:48:26 +03:00
|
|
|
static void gfs2_log_shutdown(struct gfs2_sbd *sdp);
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
/**
|
|
|
|
* gfs2_struct2blk - compute stuff
|
|
|
|
* @sdp: the filesystem
|
|
|
|
* @nstruct: the number of structures
|
|
|
|
*
|
|
|
|
* Compute the number of log descriptor blocks needed to hold a certain number
|
|
|
|
* of structures of a certain size.
|
|
|
|
*
|
|
|
|
* Returns: the number of blocks needed (minimum is always 1)
|
|
|
|
*/
|
|
|
|
|
2019-12-13 17:10:51 +03:00
|
|
|
unsigned int gfs2_struct2blk(struct gfs2_sbd *sdp, unsigned int nstruct)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
|
|
|
unsigned int blks;
|
|
|
|
unsigned int first, second;
|
|
|
|
|
|
|
|
blks = 1;
|
2019-12-13 17:10:51 +03:00
|
|
|
first = sdp->sd_ldptrs;
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
if (nstruct > first) {
|
2019-12-13 17:10:51 +03:00
|
|
|
second = sdp->sd_inptrs;
|
2006-02-28 01:23:27 +03:00
|
|
|
blks += DIV_ROUND_UP(nstruct - first, second);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return blks;
|
|
|
|
}
|
|
|
|
|
2007-08-27 12:45:26 +04:00
|
|
|
/**
|
|
|
|
* gfs2_remove_from_ail - Remove an entry from the ail lists, updating counters
|
|
|
|
* @mapping: The associated mapping (maybe NULL)
|
|
|
|
* @bd: The gfs2_bufdata to remove
|
|
|
|
*
|
2011-03-14 15:40:29 +03:00
|
|
|
* The ail lock _must_ be held when calling this function
|
2007-08-27 12:45:26 +04:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2018-03-02 16:59:44 +03:00
|
|
|
static void gfs2_remove_from_ail(struct gfs2_bufdata *bd)
|
2007-08-27 12:45:26 +04:00
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
bd->bd_tr = NULL;
|
2007-09-03 14:01:33 +04:00
|
|
|
list_del_init(&bd->bd_ail_st_list);
|
|
|
|
list_del_init(&bd->bd_ail_gl_list);
|
2007-08-27 12:45:26 +04:00
|
|
|
atomic_dec(&bd->bd_gl->gl_ail_count);
|
|
|
|
brelse(bd->bd_bh);
|
|
|
|
}
|
|
|
|
|
2006-10-03 19:10:41 +04:00
|
|
|
/**
|
|
|
|
* gfs2_ail1_start_one - Start I/O on a part of the AIL
|
|
|
|
* @sdp: the filesystem
|
2011-04-18 17:18:09 +04:00
|
|
|
* @wbc: The writeback control structure
|
|
|
|
* @ai: The ail structure
|
2006-10-03 19:10:41 +04:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2011-04-26 13:23:56 +04:00
|
|
|
static int gfs2_ail1_start_one(struct gfs2_sbd *sdp,
|
|
|
|
struct writeback_control *wbc,
|
2019-02-12 23:43:55 +03:00
|
|
|
struct gfs2_trans *tr)
|
2011-03-11 14:52:25 +03:00
|
|
|
__releases(&sdp->sd_ail_lock)
|
|
|
|
__acquires(&sdp->sd_ail_lock)
|
2006-10-03 19:10:41 +04:00
|
|
|
{
|
2011-03-30 19:25:51 +04:00
|
|
|
struct gfs2_glock *gl = NULL;
|
2011-04-18 17:18:09 +04:00
|
|
|
struct address_space *mapping;
|
2006-10-03 19:10:41 +04:00
|
|
|
struct gfs2_bufdata *bd, *s;
|
|
|
|
struct buffer_head *bh;
|
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_safe_reverse(bd, s, &tr->tr_ail1_list, bd_ail_st_list) {
|
2011-04-18 17:18:09 +04:00
|
|
|
bh = bd->bd_bh;
|
2006-10-03 19:10:41 +04:00
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
gfs2_assert(sdp, bd->bd_tr == tr);
|
2006-10-03 19:10:41 +04:00
|
|
|
|
2011-04-18 17:18:09 +04:00
|
|
|
if (!buffer_busy(bh)) {
|
2019-11-13 20:47:09 +03:00
|
|
|
if (buffer_uptodate(bh)) {
|
|
|
|
list_move(&bd->bd_ail_st_list,
|
|
|
|
&tr->tr_ail2_list);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (!test_and_set_bit(SDF_AIL1_IO_ERROR,
|
2018-10-04 18:21:07 +03:00
|
|
|
&sdp->sd_flags)) {
|
2011-04-18 17:18:09 +04:00
|
|
|
gfs2_io_error_bh(sdp, bh);
|
2019-02-12 23:43:55 +03:00
|
|
|
gfs2_withdraw_delayed(sdp);
|
2018-06-07 13:56:46 +03:00
|
|
|
}
|
2011-04-18 17:18:09 +04:00
|
|
|
}
|
|
|
|
|
2019-11-13 20:47:09 +03:00
|
|
|
if (gfs2_withdrawn(sdp)) {
|
|
|
|
gfs2_remove_from_ail(bd);
|
|
|
|
continue;
|
|
|
|
}
|
2011-04-18 17:18:09 +04:00
|
|
|
if (!buffer_dirty(bh))
|
|
|
|
continue;
|
|
|
|
if (gl == bd->bd_gl)
|
|
|
|
continue;
|
|
|
|
gl = bd->bd_gl;
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_move(&bd->bd_ail_st_list, &tr->tr_ail1_list);
|
2011-04-18 17:18:09 +04:00
|
|
|
mapping = bh->b_page->mapping;
|
2011-04-26 13:23:56 +04:00
|
|
|
if (!mapping)
|
|
|
|
continue;
|
2011-04-18 17:18:09 +04:00
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
|
|
|
generic_writepages(mapping, wbc);
|
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
|
|
|
if (wbc->nr_to_write <= 0)
|
|
|
|
break;
|
2011-04-26 13:23:56 +04:00
|
|
|
return 1;
|
2011-04-18 17:18:09 +04:00
|
|
|
}
|
2011-04-26 13:23:56 +04:00
|
|
|
|
|
|
|
return 0;
|
2011-04-18 17:18:09 +04:00
|
|
|
}
|
2006-10-03 19:10:41 +04:00
|
|
|
|
|
|
|
|
2011-04-18 17:18:09 +04:00
|
|
|
/**
|
|
|
|
* gfs2_ail1_flush - start writeback of some ail1 entries
|
|
|
|
* @sdp: The super block
|
|
|
|
* @wbc: The writeback control structure
|
|
|
|
*
|
|
|
|
* Writes back some ail1 entries, according to the limits in the
|
|
|
|
* writeback control structure
|
|
|
|
*/
|
2006-10-03 19:10:41 +04:00
|
|
|
|
2011-04-18 17:18:09 +04:00
|
|
|
void gfs2_ail1_flush(struct gfs2_sbd *sdp, struct writeback_control *wbc)
|
|
|
|
{
|
|
|
|
struct list_head *head = &sdp->sd_ail1_list;
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr;
|
2014-02-03 13:57:29 +04:00
|
|
|
struct blk_plug plug;
|
2006-10-03 19:10:41 +04:00
|
|
|
|
2011-04-18 17:18:38 +04:00
|
|
|
trace_gfs2_ail_flush(sdp, wbc, 1);
|
2014-02-03 13:57:29 +04:00
|
|
|
blk_start_plug(&plug);
|
2011-04-18 17:18:09 +04:00
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
2011-04-26 13:23:56 +04:00
|
|
|
restart:
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_reverse(tr, head, tr_list) {
|
2011-04-18 17:18:09 +04:00
|
|
|
if (wbc->nr_to_write <= 0)
|
2006-10-03 19:10:41 +04:00
|
|
|
break;
|
2019-02-12 23:43:55 +03:00
|
|
|
if (gfs2_ail1_start_one(sdp, wbc, tr) && !gfs2_withdrawn(sdp))
|
2011-04-26 13:23:56 +04:00
|
|
|
goto restart;
|
2011-04-18 17:18:09 +04:00
|
|
|
}
|
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
2014-02-03 13:57:29 +04:00
|
|
|
blk_finish_plug(&plug);
|
2019-02-12 23:43:55 +03:00
|
|
|
if (test_bit(SDF_WITHDRAWING, &sdp->sd_flags))
|
2020-01-23 20:41:00 +03:00
|
|
|
gfs2_withdraw(sdp);
|
2011-04-18 17:18:38 +04:00
|
|
|
trace_gfs2_ail_flush(sdp, wbc, 0);
|
2011-04-18 17:18:09 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_ail1_start - start writeback of all ail1 entries
|
|
|
|
* @sdp: The superblock
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void gfs2_ail1_start(struct gfs2_sbd *sdp)
|
|
|
|
{
|
|
|
|
struct writeback_control wbc = {
|
|
|
|
.sync_mode = WB_SYNC_NONE,
|
|
|
|
.nr_to_write = LONG_MAX,
|
|
|
|
.range_start = 0,
|
|
|
|
.range_end = LLONG_MAX,
|
|
|
|
};
|
|
|
|
|
|
|
|
return gfs2_ail1_flush(sdp, &wbc);
|
2006-10-03 19:10:41 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_ail1_empty_one - Check whether or not a trans in the AIL has been synced
|
|
|
|
* @sdp: the filesystem
|
|
|
|
* @ai: the AIL entry
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2019-02-12 23:43:55 +03:00
|
|
|
static void gfs2_ail1_empty_one(struct gfs2_sbd *sdp, struct gfs2_trans *tr)
|
2006-10-03 19:10:41 +04:00
|
|
|
{
|
|
|
|
struct gfs2_bufdata *bd, *s;
|
|
|
|
struct buffer_head *bh;
|
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_safe_reverse(bd, s, &tr->tr_ail1_list,
|
2006-10-03 19:10:41 +04:00
|
|
|
bd_ail_st_list) {
|
|
|
|
bh = bd->bd_bh;
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
gfs2_assert(sdp, bd->bd_tr == tr);
|
2011-04-18 17:18:09 +04:00
|
|
|
if (buffer_busy(bh))
|
|
|
|
continue;
|
2018-10-04 18:21:07 +03:00
|
|
|
if (!buffer_uptodate(bh) &&
|
|
|
|
!test_and_set_bit(SDF_AIL1_IO_ERROR, &sdp->sd_flags)) {
|
2006-10-03 19:10:41 +04:00
|
|
|
gfs2_io_error_bh(sdp, bh);
|
2019-02-12 23:43:55 +03:00
|
|
|
gfs2_withdraw_delayed(sdp);
|
2018-06-07 13:56:46 +03:00
|
|
|
}
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_move(&bd->bd_ail_st_list, &tr->tr_ail2_list);
|
2006-10-03 19:10:41 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-04-18 17:18:09 +04:00
|
|
|
/**
|
|
|
|
* gfs2_ail1_empty - Try to empty the ail1 lists
|
|
|
|
* @sdp: The superblock
|
|
|
|
*
|
|
|
|
* Tries to empty the ail1 lists, starting with the oldest first
|
|
|
|
*/
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2011-04-18 17:18:09 +04:00
|
|
|
static int gfs2_ail1_empty(struct gfs2_sbd *sdp)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr, *s;
|
2013-06-14 20:38:29 +04:00
|
|
|
int oldest_tr = 1;
|
2006-01-16 19:50:04 +03:00
|
|
|
int ret;
|
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_safe_reverse(tr, s, &sdp->sd_ail1_list, tr_list) {
|
2019-02-12 23:43:55 +03:00
|
|
|
gfs2_ail1_empty_one(sdp, tr);
|
2013-06-14 20:38:29 +04:00
|
|
|
if (list_empty(&tr->tr_ail1_list) && oldest_tr)
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_move(&tr->tr_list, &sdp->sd_ail2_list);
|
2011-04-18 17:18:09 +04:00
|
|
|
else
|
2013-06-14 20:38:29 +04:00
|
|
|
oldest_tr = 0;
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
ret = list_empty(&sdp->sd_ail1_list);
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2019-02-12 23:43:55 +03:00
|
|
|
if (test_bit(SDF_WITHDRAWING, &sdp->sd_flags)) {
|
2020-01-23 20:41:00 +03:00
|
|
|
gfs2_lm(sdp, "fatal: I/O error(s)\n");
|
|
|
|
gfs2_withdraw(sdp);
|
|
|
|
}
|
2018-06-07 13:56:46 +03:00
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2011-05-21 22:21:07 +04:00
|
|
|
static void gfs2_ail1_wait(struct gfs2_sbd *sdp)
|
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr;
|
2011-05-21 22:21:07 +04:00
|
|
|
struct gfs2_bufdata *bd;
|
|
|
|
struct buffer_head *bh;
|
|
|
|
|
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_reverse(tr, &sdp->sd_ail1_list, tr_list) {
|
|
|
|
list_for_each_entry(bd, &tr->tr_ail1_list, bd_ail_st_list) {
|
2011-05-21 22:21:07 +04:00
|
|
|
bh = bd->bd_bh;
|
|
|
|
if (!buffer_locked(bh))
|
|
|
|
continue;
|
|
|
|
get_bh(bh);
|
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
|
|
|
wait_on_buffer(bh);
|
|
|
|
brelse(bh);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
|
|
|
}
|
2006-10-03 19:10:41 +04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_ail2_empty_one - Check whether or not a trans in the AIL has been synced
|
|
|
|
* @sdp: the filesystem
|
|
|
|
* @ai: the AIL entry
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
static void gfs2_ail2_empty_one(struct gfs2_sbd *sdp, struct gfs2_trans *tr)
|
2006-10-03 19:10:41 +04:00
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct list_head *head = &tr->tr_ail2_list;
|
2006-10-03 19:10:41 +04:00
|
|
|
struct gfs2_bufdata *bd;
|
|
|
|
|
|
|
|
while (!list_empty(head)) {
|
|
|
|
bd = list_entry(head->prev, struct gfs2_bufdata,
|
|
|
|
bd_ail_st_list);
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
gfs2_assert(sdp, bd->bd_tr == tr);
|
2007-10-15 19:29:05 +04:00
|
|
|
gfs2_remove_from_ail(bd);
|
2006-10-03 19:10:41 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
static void ail2_empty(struct gfs2_sbd *sdp, unsigned int new_tail)
|
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr, *safe;
|
2006-01-16 19:50:04 +03:00
|
|
|
unsigned int old_tail = sdp->sd_log_tail;
|
|
|
|
int wrap = (new_tail < old_tail);
|
|
|
|
int a, b, rm;
|
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
list_for_each_entry_safe(tr, safe, &sdp->sd_ail2_list, tr_list) {
|
|
|
|
a = (old_tail <= tr->tr_first);
|
|
|
|
b = (tr->tr_first < new_tail);
|
2006-01-16 19:50:04 +03:00
|
|
|
rm = (wrap) ? (a || b) : (a && b);
|
|
|
|
if (!rm)
|
|
|
|
continue;
|
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
gfs2_ail2_empty_one(sdp, tr);
|
|
|
|
list_del(&tr->tr_list);
|
|
|
|
gfs2_assert_warn(sdp, list_empty(&tr->tr_ail1_list));
|
|
|
|
gfs2_assert_warn(sdp, list_empty(&tr->tr_ail2_list));
|
|
|
|
kfree(tr);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
/**
|
|
|
|
* gfs2_log_release - Release a given number of log blocks
|
|
|
|
* @sdp: The GFS2 superblock
|
|
|
|
* @blks: The number of blocks
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
void gfs2_log_release(struct gfs2_sbd *sdp, unsigned int blks)
|
|
|
|
{
|
|
|
|
|
|
|
|
atomic_add(blks, &sdp->sd_log_blks_free);
|
|
|
|
trace_gfs2_log_blocks(sdp, blks);
|
|
|
|
gfs2_assert_withdraw(sdp, atomic_read(&sdp->sd_log_blks_free) <=
|
|
|
|
sdp->sd_jdesc->jd_blocks);
|
|
|
|
up_read(&sdp->sd_log_flush_lock);
|
|
|
|
}
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
/**
|
|
|
|
* gfs2_log_reserve - Make a log reservation
|
|
|
|
* @sdp: The GFS2 superblock
|
|
|
|
* @blks: The number of blocks to reserve
|
|
|
|
*
|
2007-06-01 18:19:33 +04:00
|
|
|
* Note that we never give out the last few blocks of the journal. Thats
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
* due to the fact that there is a small number of header blocks
|
2006-11-23 18:51:34 +03:00
|
|
|
* associated with each log flush. The exact number can't be known until
|
|
|
|
* flush time, so we ensure that we have just enough free blocks at all
|
|
|
|
* times to avoid running out during a log flush.
|
|
|
|
*
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
* We no longer flush the log here, instead we wake up logd to do that
|
|
|
|
* for us. To avoid the thundering herd and to ensure that we deal fairly
|
|
|
|
* with queued waiters, we use an exclusive wait. This means that when we
|
|
|
|
* get woken with enough journal space to get our reservation, we need to
|
|
|
|
* wake the next waiter on the list.
|
|
|
|
*
|
2006-01-16 19:50:04 +03:00
|
|
|
* Returns: errno
|
|
|
|
*/
|
|
|
|
|
|
|
|
int gfs2_log_reserve(struct gfs2_sbd *sdp, unsigned int blks)
|
|
|
|
{
|
2014-11-14 05:42:04 +03:00
|
|
|
int ret = 0;
|
2013-06-14 20:38:29 +04:00
|
|
|
unsigned reserved_blks = 7 * (4096 / sdp->sd_vfs->s_blocksize);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
unsigned wanted = blks + reserved_blks;
|
|
|
|
DEFINE_WAIT(wait);
|
|
|
|
int did_wait = 0;
|
|
|
|
unsigned int free_blocks;
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
if (gfs2_assert_warn(sdp, blks) ||
|
|
|
|
gfs2_assert_warn(sdp, blks <= sdp->sd_jdesc->jd_blocks))
|
|
|
|
return -EINVAL;
|
2017-01-06 00:01:45 +03:00
|
|
|
atomic_add(blks, &sdp->sd_log_blks_needed);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
retry:
|
|
|
|
free_blocks = atomic_read(&sdp->sd_log_blks_free);
|
|
|
|
if (unlikely(free_blocks <= wanted)) {
|
|
|
|
do {
|
|
|
|
prepare_to_wait_exclusive(&sdp->sd_log_waitq, &wait,
|
|
|
|
TASK_UNINTERRUPTIBLE);
|
|
|
|
wake_up(&sdp->sd_logd_waitq);
|
|
|
|
did_wait = 1;
|
|
|
|
if (atomic_read(&sdp->sd_log_blks_free) <= wanted)
|
|
|
|
io_schedule();
|
|
|
|
free_blocks = atomic_read(&sdp->sd_log_blks_free);
|
|
|
|
} while(free_blocks <= wanted);
|
|
|
|
finish_wait(&sdp->sd_log_waitq, &wait);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
2014-11-14 05:42:04 +03:00
|
|
|
atomic_inc(&sdp->sd_reserving_log);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
if (atomic_cmpxchg(&sdp->sd_log_blks_free, free_blocks,
|
2014-11-14 05:42:04 +03:00
|
|
|
free_blocks - blks) != free_blocks) {
|
|
|
|
if (atomic_dec_and_test(&sdp->sd_reserving_log))
|
|
|
|
wake_up(&sdp->sd_reserving_log_wait);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
goto retry;
|
2014-11-14 05:42:04 +03:00
|
|
|
}
|
2017-01-06 00:01:45 +03:00
|
|
|
atomic_sub(blks, &sdp->sd_log_blks_needed);
|
2009-06-12 11:49:20 +04:00
|
|
|
trace_gfs2_log_blocks(sdp, -blks);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we waited, then so might others, wake them up _after_ we get
|
|
|
|
* our share of the log.
|
|
|
|
*/
|
|
|
|
if (unlikely(did_wait))
|
|
|
|
wake_up(&sdp->sd_log_waitq);
|
2006-03-29 18:12:12 +04:00
|
|
|
|
|
|
|
down_read(&sdp->sd_log_flush_lock);
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
if (unlikely(!test_bit(SDF_JOURNAL_LIVE, &sdp->sd_flags))) {
|
|
|
|
gfs2_log_release(sdp, blks);
|
2014-11-14 05:42:04 +03:00
|
|
|
ret = -EROFS;
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
}
|
2014-11-14 05:42:04 +03:00
|
|
|
if (atomic_dec_and_test(&sdp->sd_reserving_log))
|
|
|
|
wake_up(&sdp->sd_reserving_log_wait);
|
|
|
|
return ret;
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* log_distance - Compute distance between two journal blocks
|
|
|
|
* @sdp: The GFS2 superblock
|
|
|
|
* @newer: The most recent journal block of the pair
|
|
|
|
* @older: The older journal block of the pair
|
|
|
|
*
|
|
|
|
* Compute the distance (in the journal direction) between two
|
|
|
|
* blocks in the journal
|
|
|
|
*
|
|
|
|
* Returns: the distance in blocks
|
|
|
|
*/
|
|
|
|
|
2006-09-13 19:13:27 +04:00
|
|
|
static inline unsigned int log_distance(struct gfs2_sbd *sdp, unsigned int newer,
|
2006-01-16 19:50:04 +03:00
|
|
|
unsigned int older)
|
|
|
|
{
|
|
|
|
int dist;
|
|
|
|
|
|
|
|
dist = newer - older;
|
|
|
|
if (dist < 0)
|
|
|
|
dist += sdp->sd_jdesc->jd_blocks;
|
|
|
|
|
|
|
|
return dist;
|
|
|
|
}
|
|
|
|
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
/**
|
|
|
|
* calc_reserved - Calculate the number of blocks to reserve when
|
|
|
|
* refunding a transaction's unused buffers.
|
|
|
|
* @sdp: The GFS2 superblock
|
|
|
|
*
|
|
|
|
* This is complex. We need to reserve room for all our currently used
|
|
|
|
* metadata buffers (e.g. normal file I/O rewriting file time stamps) and
|
|
|
|
* all our journaled data buffers for journaled files (e.g. files in the
|
|
|
|
* meta_fs like rindex, or files for which chattr +j was done.)
|
|
|
|
* If we don't reserve enough space, gfs2_log_refund and gfs2_log_flush
|
|
|
|
* will count it as free space (sd_log_blks_free) and corruption will follow.
|
|
|
|
*
|
|
|
|
* We can have metadata bufs and jdata bufs in the same journal. So each
|
|
|
|
* type gets its own log header, for which we need to reserve a block.
|
|
|
|
* In fact, each type has the potential for needing more than one header
|
|
|
|
* in cases where we have more buffers than will fit on a journal page.
|
|
|
|
* Metadata journal entries take up half the space of journaled buffer entries.
|
|
|
|
* Thus, metadata entries have buf_limit (502) and journaled buffers have
|
|
|
|
* databuf_limit (251) before they cause a wrap around.
|
|
|
|
*
|
|
|
|
* Also, we need to reserve blocks for revoke journal entries and one for an
|
|
|
|
* overall header for the lot.
|
|
|
|
*
|
|
|
|
* Returns: the number of blocks reserved
|
|
|
|
*/
|
|
|
|
static unsigned int calc_reserved(struct gfs2_sbd *sdp)
|
|
|
|
{
|
|
|
|
unsigned int reserved = 0;
|
2014-02-22 01:55:33 +04:00
|
|
|
unsigned int mbuf;
|
|
|
|
unsigned int dbuf;
|
|
|
|
struct gfs2_trans *tr = sdp->sd_log_tr;
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
|
2014-02-22 01:55:33 +04:00
|
|
|
if (tr) {
|
|
|
|
mbuf = tr->tr_num_buf_new - tr->tr_num_buf_rm;
|
|
|
|
dbuf = tr->tr_num_databuf_new - tr->tr_num_databuf_rm;
|
|
|
|
reserved = mbuf + dbuf;
|
|
|
|
/* Account for header blocks */
|
|
|
|
reserved += DIV_ROUND_UP(mbuf, buf_limit(sdp));
|
|
|
|
reserved += DIV_ROUND_UP(dbuf, databuf_limit(sdp));
|
|
|
|
}
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
|
2020-01-09 15:54:36 +03:00
|
|
|
if (sdp->sd_log_committed_revoke > 0)
|
|
|
|
reserved += gfs2_struct2blk(sdp, sdp->sd_log_committed_revoke);
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
/* One for the overall header */
|
|
|
|
if (reserved)
|
|
|
|
reserved++;
|
|
|
|
return reserved;
|
|
|
|
}
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
static unsigned int current_tail(struct gfs2_sbd *sdp)
|
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr;
|
2006-01-16 19:50:04 +03:00
|
|
|
unsigned int tail;
|
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2006-09-13 19:13:27 +04:00
|
|
|
if (list_empty(&sdp->sd_ail1_list)) {
|
2006-01-16 19:50:04 +03:00
|
|
|
tail = sdp->sd_log_head;
|
2006-09-13 19:13:27 +04:00
|
|
|
} else {
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
tr = list_entry(sdp->sd_ail1_list.prev, struct gfs2_trans,
|
|
|
|
tr_list);
|
|
|
|
tail = tr->tr_first;
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
return tail;
|
|
|
|
}
|
|
|
|
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
static void log_pull_tail(struct gfs2_sbd *sdp, unsigned int new_tail)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
|
|
|
unsigned int dist = log_distance(sdp, new_tail, sdp->sd_log_tail);
|
|
|
|
|
|
|
|
ail2_empty(sdp, new_tail);
|
|
|
|
|
2007-11-08 17:55:03 +03:00
|
|
|
atomic_add(dist, &sdp->sd_log_blks_free);
|
2009-06-12 11:49:20 +04:00
|
|
|
trace_gfs2_log_blocks(sdp, dist);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
gfs2_assert_withdraw(sdp, atomic_read(&sdp->sd_log_blks_free) <=
|
|
|
|
sdp->sd_jdesc->jd_blocks);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
sdp->sd_log_tail = new_tail;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2012-03-09 14:45:56 +04:00
|
|
|
static void log_flush_wait(struct gfs2_sbd *sdp)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
2007-09-17 13:59:52 +04:00
|
|
|
DEFINE_WAIT(wait);
|
|
|
|
|
|
|
|
if (atomic_read(&sdp->sd_log_in_flight)) {
|
|
|
|
do {
|
|
|
|
prepare_to_wait(&sdp->sd_log_flush_wait, &wait,
|
|
|
|
TASK_UNINTERRUPTIBLE);
|
|
|
|
if (atomic_read(&sdp->sd_log_in_flight))
|
|
|
|
io_schedule();
|
|
|
|
} while(atomic_read(&sdp->sd_log_in_flight));
|
|
|
|
finish_wait(&sdp->sd_log_flush_wait, &wait);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-01-28 13:30:07 +04:00
|
|
|
static int ip_cmp(void *priv, struct list_head *a, struct list_head *b)
|
2012-02-14 23:49:57 +04:00
|
|
|
{
|
2013-01-28 13:30:07 +04:00
|
|
|
struct gfs2_inode *ipa, *ipb;
|
2012-02-14 23:49:57 +04:00
|
|
|
|
2013-01-28 13:30:07 +04:00
|
|
|
ipa = list_entry(a, struct gfs2_inode, i_ordered);
|
|
|
|
ipb = list_entry(b, struct gfs2_inode, i_ordered);
|
2012-02-14 23:49:57 +04:00
|
|
|
|
2013-01-28 13:30:07 +04:00
|
|
|
if (ipa->i_no_addr < ipb->i_no_addr)
|
2012-02-14 23:49:57 +04:00
|
|
|
return -1;
|
2013-01-28 13:30:07 +04:00
|
|
|
if (ipa->i_no_addr > ipb->i_no_addr)
|
2012-02-14 23:49:57 +04:00
|
|
|
return 1;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-09-02 13:48:13 +04:00
|
|
|
static void gfs2_ordered_write(struct gfs2_sbd *sdp)
|
|
|
|
{
|
2013-01-28 13:30:07 +04:00
|
|
|
struct gfs2_inode *ip;
|
2007-09-02 13:48:13 +04:00
|
|
|
LIST_HEAD(written);
|
|
|
|
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_lock(&sdp->sd_ordered_lock);
|
2019-04-05 14:16:14 +03:00
|
|
|
list_sort(NULL, &sdp->sd_log_ordered, &ip_cmp);
|
|
|
|
while (!list_empty(&sdp->sd_log_ordered)) {
|
|
|
|
ip = list_entry(sdp->sd_log_ordered.next, struct gfs2_inode, i_ordered);
|
2017-12-22 16:55:31 +03:00
|
|
|
if (ip->i_inode.i_mapping->nrpages == 0) {
|
|
|
|
test_and_clear_bit(GIF_ORDERED, &ip->i_flags);
|
|
|
|
list_del(&ip->i_ordered);
|
2007-09-02 13:48:13 +04:00
|
|
|
continue;
|
2017-12-22 16:55:31 +03:00
|
|
|
}
|
|
|
|
list_move(&ip->i_ordered, &written);
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_unlock(&sdp->sd_ordered_lock);
|
|
|
|
filemap_fdatawrite(ip->i_inode.i_mapping);
|
|
|
|
spin_lock(&sdp->sd_ordered_lock);
|
2007-09-02 13:48:13 +04:00
|
|
|
}
|
2019-04-05 14:16:14 +03:00
|
|
|
list_splice(&written, &sdp->sd_log_ordered);
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_unlock(&sdp->sd_ordered_lock);
|
2007-09-02 13:48:13 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static void gfs2_ordered_wait(struct gfs2_sbd *sdp)
|
|
|
|
{
|
2013-01-28 13:30:07 +04:00
|
|
|
struct gfs2_inode *ip;
|
2007-09-02 13:48:13 +04:00
|
|
|
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_lock(&sdp->sd_ordered_lock);
|
2019-04-05 14:16:14 +03:00
|
|
|
while (!list_empty(&sdp->sd_log_ordered)) {
|
|
|
|
ip = list_entry(sdp->sd_log_ordered.next, struct gfs2_inode, i_ordered);
|
2013-01-28 13:30:07 +04:00
|
|
|
list_del(&ip->i_ordered);
|
|
|
|
WARN_ON(!test_and_clear_bit(GIF_ORDERED, &ip->i_flags));
|
|
|
|
if (ip->i_inode.i_mapping->nrpages == 0)
|
2007-09-02 13:48:13 +04:00
|
|
|
continue;
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_unlock(&sdp->sd_ordered_lock);
|
|
|
|
filemap_fdatawait(ip->i_inode.i_mapping);
|
|
|
|
spin_lock(&sdp->sd_ordered_lock);
|
2007-09-02 13:48:13 +04:00
|
|
|
}
|
2013-01-28 13:30:07 +04:00
|
|
|
spin_unlock(&sdp->sd_ordered_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
void gfs2_ordered_del_inode(struct gfs2_inode *ip)
|
|
|
|
{
|
|
|
|
struct gfs2_sbd *sdp = GFS2_SB(&ip->i_inode);
|
|
|
|
|
|
|
|
spin_lock(&sdp->sd_ordered_lock);
|
|
|
|
if (test_and_clear_bit(GIF_ORDERED, &ip->i_flags))
|
|
|
|
list_del(&ip->i_ordered);
|
|
|
|
spin_unlock(&sdp->sd_ordered_lock);
|
2007-09-02 13:48:13 +04:00
|
|
|
}
|
|
|
|
|
2013-06-14 20:38:29 +04:00
|
|
|
void gfs2_add_revoke(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd)
|
|
|
|
{
|
|
|
|
struct buffer_head *bh = bd->bd_bh;
|
|
|
|
struct gfs2_glock *gl = bd->bd_gl;
|
|
|
|
|
|
|
|
bh->b_private = NULL;
|
|
|
|
bd->bd_blkno = bh->b_blocknr;
|
2013-12-10 21:06:35 +04:00
|
|
|
gfs2_remove_from_ail(bd); /* drops ref on bh */
|
|
|
|
bd->bd_bh = NULL;
|
2013-06-14 20:38:29 +04:00
|
|
|
sdp->sd_log_num_revoke++;
|
2019-06-06 15:33:38 +03:00
|
|
|
if (atomic_inc_return(&gl->gl_revokes) == 1)
|
gfs2: Fix occasional glock use-after-free
This patch has to do with the life cycle of glocks and buffers. When
gfs2 metadata or journaled data is queued to be written, a gfs2_bufdata
object is assigned to track the buffer, and that is queued to various
lists, including the glock's gl_ail_list to indicate it's on the active
items list. Once the page associated with the buffer has been written,
it is removed from the ail list, but its life isn't over until a revoke
has been successfully written.
So after the block is written, its bufdata object is moved from the
glock's gl_ail_list to a file-system-wide list of pending revokes,
sd_log_le_revoke. At that point the glock still needs to track how many
revokes it contributed to that list (in gl_revokes) so that things like
glock go_sync can ensure all the metadata has been not only written, but
also revoked before the glock is granted to a different node. This is
to guarantee journal replay doesn't replay the block once the glock has
been granted to another node.
Ross Lagerwall recently discovered a race in which an inode could be
evicted, and its glock freed after its ail list had been synced, but
while it still had unwritten revokes on the sd_log_le_revoke list. The
evict decremented the glock reference count to zero, which allowed the
glock to be freed. After the revoke was written, function
revoke_lo_after_commit tried to adjust the glock's gl_revokes counter
and clear its GLF_LFLUSH flag, at which time it referenced the freed
glock.
This patch fixes the problem by incrementing the glock reference count
in gfs2_add_revoke when the glock's first bufdata object is moved from
the glock to the global revokes list. Later, when the glock's last such
bufdata object is freed, the reference count is decremented. This
guarantees that whichever process finishes last (the revoke writing or
the evict) will properly free the glock, and neither will reference the
glock after it has been freed.
Reported-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
2019-04-04 23:11:11 +03:00
|
|
|
gfs2_glock_hold(gl);
|
2013-06-14 20:38:29 +04:00
|
|
|
set_bit(GLF_LFLUSH, &gl->gl_flags);
|
2019-04-05 14:16:14 +03:00
|
|
|
list_add(&bd->bd_list, &sdp->sd_log_revokes);
|
2013-06-14 20:38:29 +04:00
|
|
|
}
|
|
|
|
|
2019-11-14 17:49:11 +03:00
|
|
|
void gfs2_glock_remove_revoke(struct gfs2_glock *gl)
|
|
|
|
{
|
|
|
|
if (atomic_dec_return(&gl->gl_revokes) == 0) {
|
|
|
|
clear_bit(GLF_LFLUSH, &gl->gl_flags);
|
|
|
|
gfs2_glock_queue_put(gl);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-06-14 20:38:29 +04:00
|
|
|
void gfs2_write_revokes(struct gfs2_sbd *sdp)
|
|
|
|
{
|
|
|
|
struct gfs2_trans *tr;
|
|
|
|
struct gfs2_bufdata *bd, *tmp;
|
|
|
|
int have_revokes = 0;
|
|
|
|
int max_revokes = (sdp->sd_sb.sb_bsize - sizeof(struct gfs2_log_descriptor)) / sizeof(u64);
|
|
|
|
|
|
|
|
gfs2_ail1_empty(sdp);
|
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
2018-10-15 20:17:30 +03:00
|
|
|
list_for_each_entry_reverse(tr, &sdp->sd_ail1_list, tr_list) {
|
2013-06-14 20:38:29 +04:00
|
|
|
list_for_each_entry(bd, &tr->tr_ail2_list, bd_ail_st_list) {
|
|
|
|
if (list_empty(&bd->bd_list)) {
|
|
|
|
have_revokes = 1;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
done:
|
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
|
|
|
if (have_revokes == 0)
|
|
|
|
return;
|
|
|
|
while (sdp->sd_log_num_revoke > max_revokes)
|
|
|
|
max_revokes += (sdp->sd_sb.sb_bsize - sizeof(struct gfs2_meta_header)) / sizeof(u64);
|
|
|
|
max_revokes -= sdp->sd_log_num_revoke;
|
|
|
|
if (!sdp->sd_log_num_revoke) {
|
|
|
|
atomic_dec(&sdp->sd_log_blks_free);
|
|
|
|
/* If no blocks have been reserved, we need to also
|
|
|
|
* reserve a block for the header */
|
|
|
|
if (!sdp->sd_log_blks_reserved)
|
|
|
|
atomic_dec(&sdp->sd_log_blks_free);
|
|
|
|
}
|
|
|
|
gfs2_log_lock(sdp);
|
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
2018-10-15 20:17:30 +03:00
|
|
|
list_for_each_entry_reverse(tr, &sdp->sd_ail1_list, tr_list) {
|
2013-06-14 20:38:29 +04:00
|
|
|
list_for_each_entry_safe(bd, tmp, &tr->tr_ail2_list, bd_ail_st_list) {
|
|
|
|
if (max_revokes == 0)
|
|
|
|
goto out_of_blocks;
|
|
|
|
if (!list_empty(&bd->bd_list))
|
|
|
|
continue;
|
|
|
|
gfs2_add_revoke(sdp, bd);
|
|
|
|
max_revokes--;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
out_of_blocks:
|
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
|
|
|
gfs2_log_unlock(sdp);
|
|
|
|
|
|
|
|
if (!sdp->sd_log_num_revoke) {
|
|
|
|
atomic_inc(&sdp->sd_log_blks_free);
|
|
|
|
if (!sdp->sd_log_blks_reserved)
|
|
|
|
atomic_inc(&sdp->sd_log_blks_free);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-03-09 14:45:56 +04:00
|
|
|
/**
|
2019-03-25 18:34:19 +03:00
|
|
|
* gfs2_write_log_header - Write a journal log header buffer at lblock
|
2012-03-09 14:45:56 +04:00
|
|
|
* @sdp: The GFS2 superblock
|
2018-01-17 02:01:33 +03:00
|
|
|
* @jd: journal descriptor of the journal to which we are writing
|
2017-12-18 21:48:29 +03:00
|
|
|
* @seq: sequence number
|
|
|
|
* @tail: tail of the log
|
2019-03-25 18:34:19 +03:00
|
|
|
* @lblock: value for lh_blkno (block number relative to start of journal)
|
2018-01-17 02:01:33 +03:00
|
|
|
* @flags: log header flags GFS2_LOG_HEAD_*
|
2017-12-18 21:48:29 +03:00
|
|
|
* @op_flags: flags to pass to the bio
|
2012-03-09 14:45:56 +04:00
|
|
|
*
|
|
|
|
* Returns: the initialized log buffer descriptor
|
|
|
|
*/
|
|
|
|
|
2018-01-17 02:01:33 +03:00
|
|
|
void gfs2_write_log_header(struct gfs2_sbd *sdp, struct gfs2_jdesc *jd,
|
2019-03-25 18:34:19 +03:00
|
|
|
u64 seq, u32 tail, u32 lblock, u32 flags,
|
|
|
|
int op_flags)
|
2012-03-09 14:45:56 +04:00
|
|
|
{
|
|
|
|
struct gfs2_log_header *lh;
|
2018-01-17 02:01:33 +03:00
|
|
|
u32 hash, crc;
|
2019-11-20 16:53:14 +03:00
|
|
|
struct page *page;
|
2018-01-17 02:01:33 +03:00
|
|
|
struct gfs2_statfs_change_host *l_sc = &sdp->sd_statfs_local;
|
|
|
|
struct timespec64 tv;
|
|
|
|
struct super_block *sb = sdp->sd_vfs;
|
2019-03-25 18:34:19 +03:00
|
|
|
u64 dblock;
|
2017-12-18 21:48:29 +03:00
|
|
|
|
2019-11-20 16:53:14 +03:00
|
|
|
if (gfs2_withdrawn(sdp))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
page = mempool_alloc(gfs2_page_pool, GFP_NOIO);
|
2012-04-16 12:28:31 +04:00
|
|
|
lh = page_address(page);
|
|
|
|
clear_page(lh);
|
2012-03-09 14:45:56 +04:00
|
|
|
|
|
|
|
lh->lh_header.mh_magic = cpu_to_be32(GFS2_MAGIC);
|
|
|
|
lh->lh_header.mh_type = cpu_to_be32(GFS2_METATYPE_LH);
|
|
|
|
lh->lh_header.__pad0 = cpu_to_be64(0);
|
|
|
|
lh->lh_header.mh_format = cpu_to_be32(GFS2_FORMAT_LH);
|
|
|
|
lh->lh_header.mh_jid = cpu_to_be32(sdp->sd_jdesc->jd_jid);
|
2017-12-18 21:48:29 +03:00
|
|
|
lh->lh_sequence = cpu_to_be64(seq);
|
2012-03-09 14:45:56 +04:00
|
|
|
lh->lh_flags = cpu_to_be32(flags);
|
|
|
|
lh->lh_tail = cpu_to_be32(tail);
|
2019-03-25 18:34:19 +03:00
|
|
|
lh->lh_blkno = cpu_to_be32(lblock);
|
2018-01-17 02:01:33 +03:00
|
|
|
hash = ~crc32(~0, lh, LH_V1_SIZE);
|
2012-03-09 14:45:56 +04:00
|
|
|
lh->lh_hash = cpu_to_be32(hash);
|
|
|
|
|
2018-06-20 23:15:24 +03:00
|
|
|
ktime_get_coarse_real_ts64(&tv);
|
2018-01-17 02:01:33 +03:00
|
|
|
lh->lh_nsec = cpu_to_be32(tv.tv_nsec);
|
|
|
|
lh->lh_sec = cpu_to_be64(tv.tv_sec);
|
2019-03-25 18:34:19 +03:00
|
|
|
if (!list_empty(&jd->extent_list))
|
2019-08-28 23:21:34 +03:00
|
|
|
dblock = gfs2_log_bmap(jd, lblock);
|
2019-03-25 18:34:19 +03:00
|
|
|
else {
|
|
|
|
int ret = gfs2_lblk_to_dblk(jd->jd_inode, lblock, &dblock);
|
|
|
|
if (gfs2_assert_withdraw(sdp, ret == 0))
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
lh->lh_addr = cpu_to_be64(dblock);
|
2018-01-17 02:01:33 +03:00
|
|
|
lh->lh_jinode = cpu_to_be64(GFS2_I(jd->jd_inode)->i_no_addr);
|
|
|
|
|
|
|
|
/* We may only write local statfs, quota, etc., when writing to our
|
|
|
|
own journal. The values are left 0 when recovering a journal
|
|
|
|
different from our own. */
|
|
|
|
if (!(flags & GFS2_LOG_HEAD_RECOVERY)) {
|
|
|
|
lh->lh_statfs_addr =
|
|
|
|
cpu_to_be64(GFS2_I(sdp->sd_sc_inode)->i_no_addr);
|
|
|
|
lh->lh_quota_addr =
|
|
|
|
cpu_to_be64(GFS2_I(sdp->sd_qc_inode)->i_no_addr);
|
|
|
|
|
|
|
|
spin_lock(&sdp->sd_statfs_spin);
|
|
|
|
lh->lh_local_total = cpu_to_be64(l_sc->sc_total);
|
|
|
|
lh->lh_local_free = cpu_to_be64(l_sc->sc_free);
|
|
|
|
lh->lh_local_dinodes = cpu_to_be64(l_sc->sc_dinodes);
|
|
|
|
spin_unlock(&sdp->sd_statfs_spin);
|
|
|
|
}
|
|
|
|
|
|
|
|
BUILD_BUG_ON(offsetof(struct gfs2_log_header, lh_crc) != LH_V1_SIZE);
|
|
|
|
|
|
|
|
crc = crc32c(~0, (void *)lh + LH_V1_SIZE + 4,
|
|
|
|
sb->s_blocksize - LH_V1_SIZE - 4);
|
|
|
|
lh->lh_crc = cpu_to_be32(crc);
|
|
|
|
|
2019-03-25 18:34:19 +03:00
|
|
|
gfs2_log_write(sdp, page, sb->s_blocksize, 0, dblock);
|
2019-05-02 22:17:40 +03:00
|
|
|
gfs2_log_submit_bio(&sdp->sd_log_bio, REQ_OP_WRITE | op_flags);
|
2019-11-20 16:53:14 +03:00
|
|
|
out:
|
2017-12-18 21:48:29 +03:00
|
|
|
log_flush_wait(sdp);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* log_write_header - Get and initialize a journal header buffer
|
|
|
|
* @sdp: The GFS2 superblock
|
2018-01-17 02:01:33 +03:00
|
|
|
* @flags: The log header flags, including log header origin
|
2017-12-18 21:48:29 +03:00
|
|
|
*
|
|
|
|
* Returns: the initialized log buffer descriptor
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void log_write_header(struct gfs2_sbd *sdp, u32 flags)
|
|
|
|
{
|
|
|
|
unsigned int tail;
|
|
|
|
int op_flags = REQ_PREFLUSH | REQ_FUA | REQ_META | REQ_SYNC;
|
|
|
|
enum gfs2_freeze_state state = atomic_read(&sdp->sd_freeze_state);
|
|
|
|
|
|
|
|
gfs2_assert_withdraw(sdp, (state != SFS_FROZEN));
|
|
|
|
tail = current_tail(sdp);
|
|
|
|
|
2012-03-09 14:45:56 +04:00
|
|
|
if (test_bit(SDF_NOBARRIERS, &sdp->sd_flags)) {
|
|
|
|
gfs2_ordered_wait(sdp);
|
|
|
|
log_flush_wait(sdp);
|
2016-11-01 16:40:10 +03:00
|
|
|
op_flags = REQ_SYNC | REQ_META | REQ_PRIO;
|
2012-03-09 14:45:56 +04:00
|
|
|
}
|
2012-04-16 12:28:31 +04:00
|
|
|
sdp->sd_log_idle = (tail == sdp->sd_log_flush_head);
|
2018-01-17 02:01:33 +03:00
|
|
|
gfs2_write_log_header(sdp, sdp->sd_jdesc, sdp->sd_log_sequence++, tail,
|
2019-03-25 18:34:19 +03:00
|
|
|
sdp->sd_log_flush_head, flags, op_flags);
|
2019-08-28 23:21:34 +03:00
|
|
|
gfs2_log_incr_head(sdp);
|
2012-03-09 14:45:56 +04:00
|
|
|
|
|
|
|
if (sdp->sd_log_tail != tail)
|
|
|
|
log_pull_tail(sdp, tail);
|
|
|
|
}
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
/**
|
2006-04-07 19:17:32 +04:00
|
|
|
* gfs2_log_flush - flush incore transaction(s)
|
2006-01-16 19:50:04 +03:00
|
|
|
* @sdp: the filesystem
|
|
|
|
* @gl: The glock structure to flush. If NULL, flush the whole incore log
|
2018-01-08 18:34:17 +03:00
|
|
|
* @flags: The log header flags: GFS2_LOG_HEAD_FLUSH_* and debug flags
|
2006-01-16 19:50:04 +03:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2018-01-17 02:01:33 +03:00
|
|
|
void gfs2_log_flush(struct gfs2_sbd *sdp, struct gfs2_glock *gl, u32 flags)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
struct gfs2_trans *tr;
|
2014-11-14 05:42:04 +03:00
|
|
|
enum gfs2_freeze_state state = atomic_read(&sdp->sd_freeze_state);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2006-03-29 18:12:12 +04:00
|
|
|
down_write(&sdp->sd_log_flush_lock);
|
2006-02-21 15:51:39 +03:00
|
|
|
|
2007-11-08 17:25:12 +03:00
|
|
|
/* Log might have been flushed while we waited for the flush lock */
|
|
|
|
if (gl && !test_bit(GLF_LFLUSH, &gl->gl_flags)) {
|
|
|
|
up_write(&sdp->sd_log_flush_lock);
|
|
|
|
return;
|
2006-02-21 15:51:39 +03:00
|
|
|
}
|
2018-01-08 18:34:17 +03:00
|
|
|
trace_gfs2_log_flush(sdp, 1, flags);
|
2006-02-21 15:51:39 +03:00
|
|
|
|
2018-01-17 02:01:33 +03:00
|
|
|
if (flags & GFS2_LOG_HEAD_FLUSH_SHUTDOWN)
|
2015-12-09 16:46:33 +03:00
|
|
|
clear_bit(SDF_JOURNAL_LIVE, &sdp->sd_flags);
|
|
|
|
|
2014-02-25 15:52:20 +04:00
|
|
|
sdp->sd_log_flush_head = sdp->sd_log_head;
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
tr = sdp->sd_log_tr;
|
|
|
|
if (tr) {
|
|
|
|
sdp->sd_log_tr = NULL;
|
|
|
|
INIT_LIST_HEAD(&tr->tr_ail1_list);
|
|
|
|
INIT_LIST_HEAD(&tr->tr_ail2_list);
|
2014-02-25 15:52:20 +04:00
|
|
|
tr->tr_first = sdp->sd_log_flush_head;
|
2014-11-14 05:42:04 +03:00
|
|
|
if (unlikely (state == SFS_FROZEN))
|
|
|
|
gfs2_assert_withdraw(sdp, !tr->tr_num_buf_new && !tr->tr_num_databuf_new);
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
}
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2014-11-14 05:42:04 +03:00
|
|
|
if (unlikely(state == SFS_FROZEN))
|
|
|
|
gfs2_assert_withdraw(sdp, !sdp->sd_log_num_revoke);
|
2006-01-16 19:50:04 +03:00
|
|
|
gfs2_assert_withdraw(sdp,
|
2020-01-09 15:54:36 +03:00
|
|
|
sdp->sd_log_num_revoke == sdp->sd_log_committed_revoke);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2007-09-02 13:48:13 +04:00
|
|
|
gfs2_ordered_write(sdp);
|
2014-02-21 19:22:35 +04:00
|
|
|
lops_before_commit(sdp, tr);
|
2019-05-02 22:17:40 +03:00
|
|
|
gfs2_log_submit_bio(&sdp->sd_log_bio, REQ_OP_WRITE);
|
2007-09-02 13:48:13 +04:00
|
|
|
|
2012-03-09 14:45:56 +04:00
|
|
|
if (sdp->sd_log_head != sdp->sd_log_flush_head) {
|
2014-03-12 18:34:16 +04:00
|
|
|
log_flush_wait(sdp);
|
2018-01-17 02:01:33 +03:00
|
|
|
log_write_header(sdp, flags);
|
2012-03-09 14:45:56 +04:00
|
|
|
} else if (sdp->sd_log_tail != current_tail(sdp) && !sdp->sd_log_idle){
|
2007-11-08 17:55:03 +03:00
|
|
|
atomic_dec(&sdp->sd_log_blks_free); /* Adjust for unreserved buffer */
|
2009-06-12 11:49:20 +04:00
|
|
|
trace_gfs2_log_blocks(sdp, -1);
|
2018-01-17 02:01:33 +03:00
|
|
|
log_write_header(sdp, flags);
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
}
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
lops_after_commit(sdp, tr);
|
2006-04-07 19:17:32 +04:00
|
|
|
|
2006-10-11 21:34:59 +04:00
|
|
|
gfs2_log_lock(sdp);
|
|
|
|
sdp->sd_log_head = sdp->sd_log_flush_head;
|
2006-09-13 19:13:27 +04:00
|
|
|
sdp->sd_log_blks_reserved = 0;
|
2020-01-09 15:54:36 +03:00
|
|
|
sdp->sd_log_committed_revoke = 0;
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_lock(&sdp->sd_ail_lock);
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
if (tr && !list_empty(&tr->tr_ail1_list)) {
|
|
|
|
list_add(&tr->tr_list, &sdp->sd_ail1_list);
|
|
|
|
tr = NULL;
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
2011-03-11 14:52:25 +03:00
|
|
|
spin_unlock(&sdp->sd_ail_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
gfs2_log_unlock(sdp);
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
|
2018-01-17 02:01:33 +03:00
|
|
|
if (!(flags & GFS2_LOG_HEAD_FLUSH_NORMAL)) {
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
if (!sdp->sd_log_idle) {
|
|
|
|
for (;;) {
|
|
|
|
gfs2_ail1_start(sdp);
|
|
|
|
gfs2_ail1_wait(sdp);
|
|
|
|
if (gfs2_ail1_empty(sdp))
|
|
|
|
break;
|
|
|
|
}
|
2019-11-13 20:47:09 +03:00
|
|
|
if (gfs2_withdrawn(sdp))
|
|
|
|
goto out;
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
atomic_dec(&sdp->sd_log_blks_free); /* Adjust for unreserved buffer */
|
|
|
|
trace_gfs2_log_blocks(sdp, -1);
|
2018-01-17 02:01:33 +03:00
|
|
|
log_write_header(sdp, flags);
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
sdp->sd_log_head = sdp->sd_log_flush_head;
|
|
|
|
}
|
2018-01-17 02:01:33 +03:00
|
|
|
if (flags & (GFS2_LOG_HEAD_FLUSH_SHUTDOWN |
|
|
|
|
GFS2_LOG_HEAD_FLUSH_FREEZE))
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
gfs2_log_shutdown(sdp);
|
2018-01-17 02:01:33 +03:00
|
|
|
if (flags & GFS2_LOG_HEAD_FLUSH_FREEZE)
|
2014-11-14 05:42:04 +03:00
|
|
|
atomic_set(&sdp->sd_freeze_state, SFS_FROZEN);
|
GFS2: remove transaction glock
GFS2 has a transaction glock, which must be grabbed for every
transaction, whose purpose is to deal with freezing the filesystem.
Aside from this involving a large amount of locking, it is very easy to
make the current fsfreeze code hang on unfreezing.
This patch rewrites how gfs2 handles freezing the filesystem. The
transaction glock is removed. In it's place is a freeze glock, which is
cached (but not held) in a shared state by every node in the cluster
when the filesystem is mounted. This lock only needs to be grabbed on
freezing, and actions which need to be safe from freezing, like
recovery.
When a node wants to freeze the filesystem, it grabs this glock
exclusively. When the freeze glock state changes on the nodes (either
from shared to unlocked, or shared to exclusive), the filesystem does a
special log flush. gfs2_log_flush() does all the work for flushing out
the and shutting down the incore log, and then it tries to grab the
freeze glock in a shared state again. Since the filesystem is stuck in
gfs2_log_flush, no new transaction can start, and nothing can be written
to disk. Unfreezing the filesytem simply involes dropping the freeze
glock, allowing gfs2_log_flush() to grab and then release the shared
lock, so it is cached for next time.
However, in order for the unfreezing ioctl to occur, gfs2 needs to get a
shared lock on the filesystem root directory inode to check permissions.
If that glock has already been grabbed exclusively, fsfreeze will be
unable to get the shared lock and unfreeze the filesystem.
In order to allow the unfreeze, this patch makes gfs2 grab a shared lock
on the filesystem root directory during the freeze, and hold it until it
unfreezes the filesystem. The functions which need to grab a shared
lock in order to allow the unfreeze ioctl to be issued now use the lock
grabbed by the freeze code instead.
The freeze and unfreeze code take care to make sure that this shared
lock will not be dropped while another process is using it.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2014-05-02 07:26:55 +04:00
|
|
|
}
|
|
|
|
|
2019-11-13 20:47:09 +03:00
|
|
|
out:
|
2018-01-08 18:34:17 +03:00
|
|
|
trace_gfs2_log_flush(sdp, 0, flags);
|
2006-03-29 18:12:12 +04:00
|
|
|
up_write(&sdp->sd_log_flush_lock);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
GFS2: replace gfs2_ail structure with gfs2_trans
In order to allow transactions and log flushes to happen at the same
time, gfs2 needs to move the transaction accounting and active items
list code into the gfs2_trans structure. As a first step toward this,
this patch removes the gfs2_ail structure, and handles the active items
list in the gfs_trans structure. This keeps gfs2 from allocating an ail
structure on log flushes, and gives us a struture that can later be used
to store the transaction accounting outside of the gfs2 superblock
structure.
With this patch, at the end of a transaction, gfs2 will add the
gfs2_trans structure to the superblock if there is not one already.
This structure now has the active items fields that were previously in
gfs2_ail. This is not necessary in the case where the transaction was
simply used to add revokes, since these are never written outside of the
journal, and thus, don't need an active items list.
Also, in order to make sure that the transaction structure is not
removed while it's still in use by gfs2_trans_end, unlocking the
sd_log_flush_lock has to happen slightly later in ending the
transaction.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-04-06 05:31:46 +04:00
|
|
|
kfree(tr);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
2014-02-21 19:22:35 +04:00
|
|
|
/**
|
|
|
|
* gfs2_merge_trans - Merge a new transaction into a cached transaction
|
|
|
|
* @old: Original transaction to be expanded
|
|
|
|
* @new: New transaction to be merged
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void gfs2_merge_trans(struct gfs2_trans *old, struct gfs2_trans *new)
|
|
|
|
{
|
2017-01-25 20:50:47 +03:00
|
|
|
WARN_ON_ONCE(!test_bit(TR_ATTACHED, &old->tr_flags));
|
2014-02-21 19:22:35 +04:00
|
|
|
|
|
|
|
old->tr_num_buf_new += new->tr_num_buf_new;
|
|
|
|
old->tr_num_databuf_new += new->tr_num_databuf_new;
|
|
|
|
old->tr_num_buf_rm += new->tr_num_buf_rm;
|
|
|
|
old->tr_num_databuf_rm += new->tr_num_databuf_rm;
|
|
|
|
old->tr_num_revoke += new->tr_num_revoke;
|
2020-01-20 17:49:28 +03:00
|
|
|
old->tr_num_revoke_rm += new->tr_num_revoke_rm;
|
2014-02-21 19:22:35 +04:00
|
|
|
|
|
|
|
list_splice_tail_init(&new->tr_databuf, &old->tr_databuf);
|
|
|
|
list_splice_tail_init(&new->tr_buf, &old->tr_buf);
|
|
|
|
}
|
|
|
|
|
2006-01-16 19:50:04 +03:00
|
|
|
static void log_refund(struct gfs2_sbd *sdp, struct gfs2_trans *tr)
|
|
|
|
{
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
unsigned int reserved;
|
2008-01-10 17:49:43 +03:00
|
|
|
unsigned int unused;
|
2014-02-22 01:55:33 +04:00
|
|
|
unsigned int maxres;
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
gfs2_log_lock(sdp);
|
|
|
|
|
2014-02-22 01:55:33 +04:00
|
|
|
if (sdp->sd_log_tr) {
|
|
|
|
gfs2_merge_trans(sdp->sd_log_tr, tr);
|
|
|
|
} else if (tr->tr_num_buf_new || tr->tr_num_databuf_new) {
|
2017-01-25 20:50:47 +03:00
|
|
|
gfs2_assert_withdraw(sdp, test_bit(TR_ALLOCED, &tr->tr_flags));
|
2014-02-22 01:55:33 +04:00
|
|
|
sdp->sd_log_tr = tr;
|
2017-01-25 20:50:47 +03:00
|
|
|
set_bit(TR_ATTACHED, &tr->tr_flags);
|
2014-02-22 01:55:33 +04:00
|
|
|
}
|
|
|
|
|
2020-01-20 17:49:28 +03:00
|
|
|
sdp->sd_log_committed_revoke += tr->tr_num_revoke - tr->tr_num_revoke_rm;
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
reserved = calc_reserved(sdp);
|
2014-02-22 01:55:33 +04:00
|
|
|
maxres = sdp->sd_log_blks_reserved + tr->tr_reserved;
|
|
|
|
gfs2_assert_withdraw(sdp, maxres >= reserved);
|
|
|
|
unused = maxres - reserved;
|
2008-01-10 17:49:43 +03:00
|
|
|
atomic_add(unused, &sdp->sd_log_blks_free);
|
2009-06-12 11:49:20 +04:00
|
|
|
trace_gfs2_log_blocks(sdp, unused);
|
2007-11-08 17:55:03 +03:00
|
|
|
gfs2_assert_withdraw(sdp, atomic_read(&sdp->sd_log_blks_free) <=
|
[GFS2] assertion failure after writing to journaled file, umount
This patch passes all my nasty tests that were causing the code to
fail under one circumstance or another. Here is a complete summary
of all changes from today's git tree, in order of appearance:
1. There are now separate variables for metadata buffer accounting.
2. Variable sd_log_num_hdrs is no longer needed, since the header
accounting is taken care of by the reserve/refund sequence.
3. Fixed a tiny grammatical problem in a comment.
4. Added a new function "calc_reserved" to calculate the reserved
log space. This isn't entirely necessary, but it has two benefits:
First, it simplifies the gfs2_log_refund function greatly.
Second, it allows for easier debugging because I could sprinkle the
code with calls to this function to make sure the accounting is
proper (by adding asserts and printks) at strategic point of the code.
5. In log_pull_tail there apparently was a kludge to fix up the
accounting based on a "pull" parameter. The buffer accounting is
now done properly, so the kludge was removed.
6. File sync operations were making a call to gfs2_log_flush that
writes another journal header. Since that header was unplanned
for (reserved) by the reserve/refund sequence, the free space had
to be decremented so that when log_pull_tail gets called, the free
space is be adjusted properly. (Did I hear you call that a kludge?
well, maybe, but a lot more justifiable than the one I removed).
7. In the gfs2_log_shutdown code, it optionally syncs the log by
specifying the PULL parameter to log_write_header. I'm not sure
this is necessary anymore. It just seems to me there could be
cases where shutdown is called while there are outstanding log
buffers.
8. In the (data)buf_lo_before_commit functions, I changed some offset
values from being calculated on the fly to being constants. That
simplified some code and we might as well let the compiler do the
calculation once rather than redoing those cycles at run time.
9. This version has my rewritten databuf_lo_add function.
This version is much more like its predecessor, buf_lo_add, which
makes it easier to understand. Again, this might not be necessary,
but it seems as if this one works as well as the previous one,
maybe even better, so I decided to leave it in.
10. In databuf_lo_before_commit, a previous data corruption problem
was caused by going off the end of the buffer. The proper solution
is to have the proper limit in place, rather than stopping earlier.
(Thus my previous attempt to fix it is wrong).
If you don't wrap the buffer, you're stopping too early and that
causes more log buffer accounting problems.
11. In lops.h there are two new (previously mentioned) constants for
figuring out the data offset for the journal buffers.
12. There are also two new functions, buf_limit and databuf_limit to
calculate how many entries will fit in the buffer.
13. In function gfs2_meta_wipe, it needs to distinguish between pinned
metadata buffers and journaled data buffers for proper journal buffer
accounting. It can't use the JDATA gfs2_inode flag because it's
sometimes passed the "real" inode and sometimes the "metadata
inode" and the inode flags will be random bits in a metadata
gfs2_inode. It needs to base its decision on which was passed in.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2007-06-18 23:50:20 +04:00
|
|
|
sdp->sd_jdesc->jd_blocks);
|
2006-01-16 19:50:04 +03:00
|
|
|
sdp->sd_log_blks_reserved = reserved;
|
|
|
|
|
|
|
|
gfs2_log_unlock(sdp);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_log_commit - Commit a transaction to the log
|
|
|
|
* @sdp: the filesystem
|
|
|
|
* @tr: the transaction
|
|
|
|
*
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
* We wake up gfs2_logd if the number of pinned blocks exceed thresh1
|
|
|
|
* or the total number of used blocks (pinned blocks plus AIL blocks)
|
|
|
|
* is greater than thresh2.
|
|
|
|
*
|
|
|
|
* At mount time thresh1 is 1/3rd of journal size, thresh2 is 2/3rd of
|
|
|
|
* journal size.
|
|
|
|
*
|
2006-01-16 19:50:04 +03:00
|
|
|
* Returns: errno
|
|
|
|
*/
|
|
|
|
|
|
|
|
void gfs2_log_commit(struct gfs2_sbd *sdp, struct gfs2_trans *tr)
|
|
|
|
{
|
|
|
|
log_refund(sdp, tr);
|
|
|
|
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
if (atomic_read(&sdp->sd_log_pinned) > atomic_read(&sdp->sd_log_thresh1) ||
|
|
|
|
((sdp->sd_jdesc->jd_blocks - atomic_read(&sdp->sd_log_blks_free)) >
|
|
|
|
atomic_read(&sdp->sd_log_thresh2)))
|
|
|
|
wake_up(&sdp->sd_logd_waitq);
|
2006-01-16 19:50:04 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_log_shutdown - write a shutdown header into a journal
|
|
|
|
* @sdp: the filesystem
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2019-11-14 17:48:26 +03:00
|
|
|
static void gfs2_log_shutdown(struct gfs2_sbd *sdp)
|
2006-01-16 19:50:04 +03:00
|
|
|
{
|
|
|
|
gfs2_assert_withdraw(sdp, !sdp->sd_log_blks_reserved);
|
|
|
|
gfs2_assert_withdraw(sdp, !sdp->sd_log_num_revoke);
|
|
|
|
gfs2_assert_withdraw(sdp, list_empty(&sdp->sd_ail1_list));
|
|
|
|
|
|
|
|
sdp->sd_log_flush_head = sdp->sd_log_head;
|
|
|
|
|
2018-01-08 18:34:17 +03:00
|
|
|
log_write_header(sdp, GFS2_LOG_HEAD_UNMOUNT | GFS2_LFC_SHUTDOWN);
|
2006-01-16 19:50:04 +03:00
|
|
|
|
2006-04-21 23:10:46 +04:00
|
|
|
gfs2_assert_warn(sdp, sdp->sd_log_head == sdp->sd_log_tail);
|
|
|
|
gfs2_assert_warn(sdp, list_empty(&sdp->sd_ail2_list));
|
2006-01-16 19:50:04 +03:00
|
|
|
|
|
|
|
sdp->sd_log_head = sdp->sd_log_flush_head;
|
|
|
|
sdp->sd_log_tail = sdp->sd_log_head;
|
2006-11-23 19:06:35 +03:00
|
|
|
}
|
|
|
|
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
static inline int gfs2_jrnl_flush_reqd(struct gfs2_sbd *sdp)
|
|
|
|
{
|
2017-01-06 00:01:45 +03:00
|
|
|
return (atomic_read(&sdp->sd_log_pinned) +
|
|
|
|
atomic_read(&sdp->sd_log_blks_needed) >=
|
|
|
|
atomic_read(&sdp->sd_log_thresh1));
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline int gfs2_ail_flush_reqd(struct gfs2_sbd *sdp)
|
|
|
|
{
|
|
|
|
unsigned int used_blocks = sdp->sd_jdesc->jd_blocks - atomic_read(&sdp->sd_log_blks_free);
|
2017-08-04 20:15:32 +03:00
|
|
|
|
|
|
|
if (test_and_clear_bit(SDF_FORCE_AIL_FLUSH, &sdp->sd_flags))
|
|
|
|
return 1;
|
|
|
|
|
2017-01-06 00:01:45 +03:00
|
|
|
return used_blocks + atomic_read(&sdp->sd_log_blks_needed) >=
|
|
|
|
atomic_read(&sdp->sd_log_thresh2);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
}
|
2007-11-09 13:01:41 +03:00
|
|
|
|
|
|
|
/**
|
|
|
|
* gfs2_logd - Update log tail as Active Items get flushed to in-place blocks
|
|
|
|
* @sdp: Pointer to GFS2 superblock
|
|
|
|
*
|
|
|
|
* Also, periodically check to make sure that we're using the most recent
|
|
|
|
* journal index.
|
|
|
|
*/
|
|
|
|
|
|
|
|
int gfs2_logd(void *data)
|
|
|
|
{
|
|
|
|
struct gfs2_sbd *sdp = data;
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
unsigned long t = 1;
|
|
|
|
DEFINE_WAIT(wait);
|
2017-01-07 06:14:28 +03:00
|
|
|
bool did_flush;
|
2007-11-09 13:01:41 +03:00
|
|
|
|
|
|
|
while (!kthread_should_stop()) {
|
|
|
|
|
GFS2: Withdraw for IO errors writing to the journal or statfs
Before this patch, if GFS2 encountered IO errors while writing to
the journal, it would not report the problem, so they would go
unnoticed, sometimes for many hours. Sometimes this would only be
noticed later, when recovery tried to do journal replay and failed
due to invalid metadata at the blocks that resulted in IO errors.
This patch makes GFS2's log daemon check for IO errors. If it
encounters one, it withdraws from the file system and reports
why in dmesg. A similar action is taken when IO errors occur when
writing to the system statfs file.
These errors are also reported back to any callers of fsync, since
that requires the journal to be flushed. Therefore, any IO errors
that would previously go unnoticed are now noticed and the file
system is withdrawn as early as possible, thus preventing further
file system damage.
Also note that this reintroduces superblock variable sd_log_error,
which Christoph removed with commit f729b66fca.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
2017-08-16 19:30:06 +03:00
|
|
|
/* Check for errors writing to the journal */
|
|
|
|
if (sdp->sd_log_error) {
|
2020-01-23 20:41:00 +03:00
|
|
|
gfs2_lm(sdp,
|
|
|
|
"GFS2: fsid=%s: error %d: "
|
|
|
|
"withdrawing the file system to "
|
|
|
|
"prevent further damage.\n",
|
|
|
|
sdp->sd_fsname, sdp->sd_log_error);
|
|
|
|
gfs2_withdraw(sdp);
|
GFS2: Withdraw for IO errors writing to the journal or statfs
Before this patch, if GFS2 encountered IO errors while writing to
the journal, it would not report the problem, so they would go
unnoticed, sometimes for many hours. Sometimes this would only be
noticed later, when recovery tried to do journal replay and failed
due to invalid metadata at the blocks that resulted in IO errors.
This patch makes GFS2's log daemon check for IO errors. If it
encounters one, it withdraws from the file system and reports
why in dmesg. A similar action is taken when IO errors occur when
writing to the system statfs file.
These errors are also reported back to any callers of fsync, since
that requires the journal to be flushed. Therefore, any IO errors
that would previously go unnoticed are now noticed and the file
system is withdrawn as early as possible, thus preventing further
file system damage.
Also note that this reintroduces superblock variable sd_log_error,
which Christoph removed with commit f729b66fca.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
2017-08-16 19:30:06 +03:00
|
|
|
}
|
|
|
|
|
2017-01-07 06:14:28 +03:00
|
|
|
did_flush = false;
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
if (gfs2_jrnl_flush_reqd(sdp) || t == 0) {
|
2011-04-18 17:18:09 +04:00
|
|
|
gfs2_ail1_empty(sdp);
|
2018-01-08 18:34:17 +03:00
|
|
|
gfs2_log_flush(sdp, NULL, GFS2_LOG_HEAD_FLUSH_NORMAL |
|
|
|
|
GFS2_LFC_LOGD_JFLUSH_REQD);
|
2017-01-07 06:14:28 +03:00
|
|
|
did_flush = true;
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
}
|
2007-11-09 13:01:41 +03:00
|
|
|
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
if (gfs2_ail_flush_reqd(sdp)) {
|
|
|
|
gfs2_ail1_start(sdp);
|
2011-05-21 22:21:07 +04:00
|
|
|
gfs2_ail1_wait(sdp);
|
2011-04-18 17:18:09 +04:00
|
|
|
gfs2_ail1_empty(sdp);
|
2018-01-08 18:34:17 +03:00
|
|
|
gfs2_log_flush(sdp, NULL, GFS2_LOG_HEAD_FLUSH_NORMAL |
|
|
|
|
GFS2_LFC_LOGD_AIL_FLUSH_REQD);
|
2017-01-07 06:14:28 +03:00
|
|
|
did_flush = true;
|
2007-11-09 13:01:41 +03:00
|
|
|
}
|
|
|
|
|
2017-01-07 06:14:28 +03:00
|
|
|
if (!gfs2_ail_flush_reqd(sdp) || did_flush)
|
2011-05-21 22:21:07 +04:00
|
|
|
wake_up(&sdp->sd_log_waitq);
|
|
|
|
|
2007-11-09 13:01:41 +03:00
|
|
|
t = gfs2_tune_get(sdp, gt_logd_secs) * HZ;
|
2011-11-22 00:32:22 +04:00
|
|
|
|
|
|
|
try_to_freeze();
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
|
|
|
|
do {
|
|
|
|
prepare_to_wait(&sdp->sd_logd_waitq, &wait,
|
2010-09-09 17:45:00 +04:00
|
|
|
TASK_INTERRUPTIBLE);
|
GFS2: Various gfs2_logd improvements
This patch contains various tweaks to how log flushes and active item writeback
work. gfs2_logd is now managed by a waitqueue, and gfs2_log_reseve now waits
for gfs2_logd to do the log flushing. Multiple functions were rewritten to
remove the need to call gfs2_log_lock(). Instead of using one test to see if
gfs2_logd had work to do, there are now seperate tests to check if there
are two many buffers in the incore log or if there are two many items on the
active items list.
This patch is a port of a patch Steve Whitehouse wrote about a year ago, with
some minor changes. Since gfs2_ail1_start always submits all the active items,
it no longer needs to keep track of the first ai submitted, so this has been
removed. In gfs2_log_reserve(), the order of the calls to
prepare_to_wait_exclusive() and wake_up() when firing off the logd thread has
been switched. If it called wake_up first there was a small window for a race,
where logd could run and return before gfs2_log_reserve was ready to get woken
up. If gfs2_logd ran, but did not free up enough blocks, gfs2_log_reserve()
would be left waiting for gfs2_logd to eventualy run because it timed out.
Finally, gt_logd_secs, which controls how long to wait before gfs2_logd times
out, and flushes the log, can now be set on mount with ar_commit.
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-05-04 23:29:16 +04:00
|
|
|
if (!gfs2_ail_flush_reqd(sdp) &&
|
|
|
|
!gfs2_jrnl_flush_reqd(sdp) &&
|
|
|
|
!kthread_should_stop())
|
|
|
|
t = schedule_timeout(t);
|
|
|
|
} while(t && !gfs2_ail_flush_reqd(sdp) &&
|
|
|
|
!gfs2_jrnl_flush_reqd(sdp) &&
|
|
|
|
!kthread_should_stop());
|
|
|
|
finish_wait(&sdp->sd_logd_waitq, &wait);
|
2007-11-09 13:01:41 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|