2011-03-08 21:14:00 +08:00
|
|
|
/*
|
2012-11-02 23:44:58 +08:00
|
|
|
* Copyright (C) 2011, 2012 STRATO. All rights reserved.
|
2011-03-08 21:14:00 +08:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public
|
|
|
|
* License v2 as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public
|
|
|
|
* License along with this program; if not, write to the
|
|
|
|
* Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
|
|
|
* Boston, MA 021110-1307, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/blkdev.h>
|
2011-06-14 01:59:12 +08:00
|
|
|
#include <linux/ratelimit.h>
|
2017-06-01 01:21:38 +08:00
|
|
|
#include <linux/sched/mm.h>
|
2011-03-08 21:14:00 +08:00
|
|
|
#include "ctree.h"
|
|
|
|
#include "volumes.h"
|
|
|
|
#include "disk-io.h"
|
|
|
|
#include "ordered-data.h"
|
2011-06-14 02:04:15 +08:00
|
|
|
#include "transaction.h"
|
2011-06-14 01:59:12 +08:00
|
|
|
#include "backref.h"
|
2011-08-05 00:11:04 +08:00
|
|
|
#include "extent_io.h"
|
2012-11-06 18:43:11 +08:00
|
|
|
#include "dev-replace.h"
|
2011-11-09 20:44:05 +08:00
|
|
|
#include "check-integrity.h"
|
2012-06-05 02:03:51 +08:00
|
|
|
#include "rcu-string.h"
|
2013-01-30 07:40:14 +08:00
|
|
|
#include "raid56.h"
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* This is only the first step towards a full-features scrub. It reads all
|
|
|
|
* extent and super block and verifies the checksums. In case a bad checksum
|
|
|
|
* is found or the extent cannot be read, good data will be written back if
|
|
|
|
* any can be found.
|
|
|
|
*
|
|
|
|
* Future enhancements:
|
|
|
|
* - In case an unrepairable extent is encountered, track which files are
|
|
|
|
* affected and report them
|
|
|
|
* - track and record media errors, throw out bad devices
|
|
|
|
* - add a mode to also read unallocated space
|
|
|
|
*/
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
struct scrub_block;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
/*
|
|
|
|
* the following three values only influence the performance.
|
|
|
|
* The last one configures the number of parallel and outstanding I/O
|
|
|
|
* operations. The first two values configure an upper limit for the number
|
|
|
|
* of (dynamically allocated) pages that are added to a bio.
|
|
|
|
*/
|
|
|
|
#define SCRUB_PAGES_PER_RD_BIO 32 /* 128k per bio */
|
|
|
|
#define SCRUB_PAGES_PER_WR_BIO 32 /* 128k per bio */
|
|
|
|
#define SCRUB_BIOS_PER_SCTX 64 /* 8MB per device in flight */
|
2012-11-02 21:58:04 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* the following value times PAGE_SIZE needs to be large enough to match the
|
|
|
|
* largest node/leaf/sector size that shall be supported.
|
|
|
|
* Values larger than BTRFS_STRIPE_LEN are not supported.
|
|
|
|
*/
|
2012-03-28 02:21:27 +08:00
|
|
|
#define SCRUB_MAX_PAGES_PER_BLOCK 16 /* 64k per node/leaf/sector */
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2014-10-23 14:42:50 +08:00
|
|
|
struct scrub_recover {
|
2017-03-03 16:55:21 +08:00
|
|
|
refcount_t refs;
|
2014-10-23 14:42:50 +08:00
|
|
|
struct btrfs_bio *bbio;
|
|
|
|
u64 map_length;
|
|
|
|
};
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
struct scrub_page {
|
2012-03-28 02:21:27 +08:00
|
|
|
struct scrub_block *sblock;
|
|
|
|
struct page *page;
|
2012-05-25 22:06:08 +08:00
|
|
|
struct btrfs_device *dev;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct list_head list;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 flags; /* extent flags */
|
|
|
|
u64 generation;
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 logical;
|
|
|
|
u64 physical;
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 physical_for_dev_replace;
|
2015-01-20 15:11:45 +08:00
|
|
|
atomic_t refs;
|
2012-03-28 02:21:27 +08:00
|
|
|
struct {
|
|
|
|
unsigned int mirror_num:8;
|
|
|
|
unsigned int have_csum:1;
|
|
|
|
unsigned int io_error:1;
|
|
|
|
};
|
2011-03-08 21:14:00 +08:00
|
|
|
u8 csum[BTRFS_CSUM_SIZE];
|
2014-10-23 14:42:50 +08:00
|
|
|
|
|
|
|
struct scrub_recover *recover;
|
2011-03-08 21:14:00 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
struct scrub_bio {
|
|
|
|
int index;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2012-11-02 20:26:57 +08:00
|
|
|
struct btrfs_device *dev;
|
2011-03-08 21:14:00 +08:00
|
|
|
struct bio *bio;
|
2017-06-03 15:38:06 +08:00
|
|
|
blk_status_t status;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 logical;
|
|
|
|
u64 physical;
|
2012-11-06 18:43:11 +08:00
|
|
|
#if SCRUB_PAGES_PER_WR_BIO >= SCRUB_PAGES_PER_RD_BIO
|
|
|
|
struct scrub_page *pagev[SCRUB_PAGES_PER_WR_BIO];
|
|
|
|
#else
|
|
|
|
struct scrub_page *pagev[SCRUB_PAGES_PER_RD_BIO];
|
|
|
|
#endif
|
2012-03-28 02:21:27 +08:00
|
|
|
int page_count;
|
2011-03-08 21:14:00 +08:00
|
|
|
int next_free;
|
|
|
|
struct btrfs_work work;
|
|
|
|
};
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
struct scrub_block {
|
2012-11-02 21:58:04 +08:00
|
|
|
struct scrub_page *pagev[SCRUB_MAX_PAGES_PER_BLOCK];
|
2012-03-28 02:21:27 +08:00
|
|
|
int page_count;
|
|
|
|
atomic_t outstanding_pages;
|
2017-03-03 16:55:23 +08:00
|
|
|
refcount_t refs; /* free mem on transition to zero */
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct scrub_parity *sparity;
|
2012-03-28 02:21:27 +08:00
|
|
|
struct {
|
|
|
|
unsigned int header_error:1;
|
|
|
|
unsigned int checksum_error:1;
|
|
|
|
unsigned int no_io_error_seen:1;
|
2012-05-25 22:06:08 +08:00
|
|
|
unsigned int generation_error:1; /* also sets header_error */
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
/* The following is for the data used to check parity */
|
|
|
|
/* It is for the data with checksum */
|
|
|
|
unsigned int data_corrected:1;
|
2012-03-28 02:21:27 +08:00
|
|
|
};
|
2015-06-20 02:52:51 +08:00
|
|
|
struct btrfs_work work;
|
2012-03-28 02:21:27 +08:00
|
|
|
};
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
/* Used for the chunks with parity stripe such RAID5/6 */
|
|
|
|
struct scrub_parity {
|
|
|
|
struct scrub_ctx *sctx;
|
|
|
|
|
|
|
|
struct btrfs_device *scrub_dev;
|
|
|
|
|
|
|
|
u64 logic_start;
|
|
|
|
|
|
|
|
u64 logic_end;
|
|
|
|
|
|
|
|
int nsectors;
|
|
|
|
|
2017-04-04 04:45:33 +08:00
|
|
|
u64 stripe_len;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
2017-03-03 16:55:24 +08:00
|
|
|
refcount_t refs;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
struct list_head spages;
|
|
|
|
|
|
|
|
/* Work of parity check and repair */
|
|
|
|
struct btrfs_work work;
|
|
|
|
|
|
|
|
/* Mark the parity blocks which have data */
|
|
|
|
unsigned long *dbitmap;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark the parity blocks which have data, but errors happen when
|
|
|
|
* read data or check data
|
|
|
|
*/
|
|
|
|
unsigned long *ebitmap;
|
|
|
|
|
|
|
|
unsigned long bitmap[0];
|
|
|
|
};
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx {
|
2012-11-06 18:43:11 +08:00
|
|
|
struct scrub_bio *bios[SCRUB_BIOS_PER_SCTX];
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info;
|
2011-03-08 21:14:00 +08:00
|
|
|
int first_free;
|
|
|
|
int curr;
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_t bios_in_flight;
|
|
|
|
atomic_t workers_pending;
|
2011-03-08 21:14:00 +08:00
|
|
|
spinlock_t list_lock;
|
|
|
|
wait_queue_head_t list_wait;
|
|
|
|
u16 csum_size;
|
|
|
|
struct list_head csum_list;
|
|
|
|
atomic_t cancel_req;
|
2011-03-23 23:34:19 +08:00
|
|
|
int readonly;
|
2012-11-06 18:43:11 +08:00
|
|
|
int pages_per_rd_bio;
|
2012-11-06 01:29:28 +08:00
|
|
|
|
|
|
|
int is_dev_replace;
|
2017-05-17 01:10:32 +08:00
|
|
|
|
|
|
|
struct scrub_bio *wr_curr_bio;
|
|
|
|
struct mutex wr_lock;
|
|
|
|
int pages_per_wr_bio; /* <= SCRUB_PAGES_PER_WR_BIO */
|
|
|
|
struct btrfs_device *wr_tgtdev;
|
2017-03-31 23:12:51 +08:00
|
|
|
bool flush_all_writes;
|
2012-11-06 01:29:28 +08:00
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
|
|
|
* statistics
|
|
|
|
*/
|
|
|
|
struct btrfs_scrub_progress stat;
|
|
|
|
spinlock_t stat_lock;
|
2015-02-10 05:14:24 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Use a ref counter to avoid use-after-free issues. Scrub workers
|
|
|
|
* decrement bios_in_flight and workers_pending and then do a wakeup
|
|
|
|
* on the list_wait wait queue. We must ensure the main scrub task
|
|
|
|
* doesn't free the scrub context before or while the workers are
|
|
|
|
* doing the wakeup() call.
|
|
|
|
*/
|
2017-03-03 16:55:25 +08:00
|
|
|
refcount_t refs;
|
2011-03-08 21:14:00 +08:00
|
|
|
};
|
|
|
|
|
2011-06-14 02:04:15 +08:00
|
|
|
struct scrub_fixup_nodatasum {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2012-11-02 20:26:57 +08:00
|
|
|
struct btrfs_device *dev;
|
2011-06-14 02:04:15 +08:00
|
|
|
u64 logical;
|
|
|
|
struct btrfs_root *root;
|
|
|
|
struct btrfs_work work;
|
|
|
|
int mirror_num;
|
|
|
|
};
|
|
|
|
|
2013-09-13 04:58:28 +08:00
|
|
|
struct scrub_nocow_inode {
|
|
|
|
u64 inum;
|
|
|
|
u64 offset;
|
|
|
|
u64 root;
|
|
|
|
struct list_head list;
|
|
|
|
};
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
struct scrub_copy_nocow_ctx {
|
|
|
|
struct scrub_ctx *sctx;
|
|
|
|
u64 logical;
|
|
|
|
u64 len;
|
|
|
|
int mirror_num;
|
|
|
|
u64 physical_for_dev_replace;
|
2013-09-13 04:58:28 +08:00
|
|
|
struct list_head inodes;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_work work;
|
|
|
|
};
|
|
|
|
|
2011-06-14 01:59:12 +08:00
|
|
|
struct scrub_warning {
|
|
|
|
struct btrfs_path *path;
|
|
|
|
u64 extent_item_size;
|
|
|
|
const char *errstr;
|
2017-10-04 23:07:07 +08:00
|
|
|
u64 physical;
|
2011-06-14 01:59:12 +08:00
|
|
|
u64 logical;
|
|
|
|
struct btrfs_device *dev;
|
|
|
|
};
|
|
|
|
|
2017-04-14 08:35:54 +08:00
|
|
|
struct full_stripe_lock {
|
|
|
|
struct rb_node node;
|
|
|
|
u64 logical;
|
|
|
|
u64 refs;
|
|
|
|
struct mutex mutex;
|
|
|
|
};
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
static void scrub_pending_bio_inc(struct scrub_ctx *sctx);
|
|
|
|
static void scrub_pending_bio_dec(struct scrub_ctx *sctx);
|
|
|
|
static void scrub_pending_trans_workers_inc(struct scrub_ctx *sctx);
|
|
|
|
static void scrub_pending_trans_workers_dec(struct scrub_ctx *sctx);
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_handle_errored_block(struct scrub_block *sblock_to_check);
|
2015-01-20 15:11:42 +08:00
|
|
|
static int scrub_setup_recheck_block(struct scrub_block *original_sblock,
|
2012-11-06 18:43:11 +08:00
|
|
|
struct scrub_block *sblocks_for_recheck);
|
2012-11-02 23:16:26 +08:00
|
|
|
static void scrub_recheck_block(struct btrfs_fs_info *fs_info,
|
2015-08-24 21:32:06 +08:00
|
|
|
struct scrub_block *sblock,
|
|
|
|
int retry_failed_mirror);
|
2015-08-24 21:18:02 +08:00
|
|
|
static void scrub_recheck_block_checksum(struct scrub_block *sblock);
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_repair_block_from_good_copy(struct scrub_block *sblock_bad,
|
2015-01-20 15:11:36 +08:00
|
|
|
struct scrub_block *sblock_good);
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_repair_page_from_good_copy(struct scrub_block *sblock_bad,
|
|
|
|
struct scrub_block *sblock_good,
|
|
|
|
int page_num, int force_write);
|
2012-11-06 18:43:11 +08:00
|
|
|
static void scrub_write_block_to_dev_replace(struct scrub_block *sblock);
|
|
|
|
static int scrub_write_page_to_dev_replace(struct scrub_block *sblock,
|
|
|
|
int page_num);
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_checksum_data(struct scrub_block *sblock);
|
|
|
|
static int scrub_checksum_tree_block(struct scrub_block *sblock);
|
|
|
|
static int scrub_checksum_super(struct scrub_block *sblock);
|
|
|
|
static void scrub_block_get(struct scrub_block *sblock);
|
|
|
|
static void scrub_block_put(struct scrub_block *sblock);
|
2012-11-02 21:58:04 +08:00
|
|
|
static void scrub_page_get(struct scrub_page *spage);
|
|
|
|
static void scrub_page_put(struct scrub_page *spage);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
static void scrub_parity_get(struct scrub_parity *sparity);
|
|
|
|
static void scrub_parity_put(struct scrub_parity *sparity);
|
2012-11-06 18:43:11 +08:00
|
|
|
static int scrub_add_page_to_rd_bio(struct scrub_ctx *sctx,
|
|
|
|
struct scrub_page *spage);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static int scrub_pages(struct scrub_ctx *sctx, u64 logical, u64 len,
|
2012-11-02 20:26:57 +08:00
|
|
|
u64 physical, struct btrfs_device *dev, u64 flags,
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 gen, int mirror_num, u8 *csum, int force,
|
|
|
|
u64 physical_for_dev_replace);
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_bio_end_io(struct bio *bio);
|
2012-03-28 02:21:27 +08:00
|
|
|
static void scrub_bio_end_io_worker(struct btrfs_work *work);
|
|
|
|
static void scrub_block_complete(struct scrub_block *sblock);
|
2012-11-06 18:43:11 +08:00
|
|
|
static void scrub_remap_extent(struct btrfs_fs_info *fs_info,
|
|
|
|
u64 extent_logical, u64 extent_len,
|
|
|
|
u64 *extent_physical,
|
|
|
|
struct btrfs_device **extent_dev,
|
|
|
|
int *extent_mirror_num);
|
|
|
|
static int scrub_add_page_to_wr_bio(struct scrub_ctx *sctx,
|
|
|
|
struct scrub_page *spage);
|
|
|
|
static void scrub_wr_submit(struct scrub_ctx *sctx);
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_wr_bio_end_io(struct bio *bio);
|
2012-11-06 18:43:11 +08:00
|
|
|
static void scrub_wr_bio_end_io_worker(struct btrfs_work *work);
|
|
|
|
static int write_page_nocow(struct scrub_ctx *sctx,
|
|
|
|
u64 physical_for_dev_replace, struct page *page);
|
|
|
|
static int copy_nocow_pages_for_inode(u64 inum, u64 offset, u64 root,
|
2013-09-13 04:58:28 +08:00
|
|
|
struct scrub_copy_nocow_ctx *ctx);
|
2012-11-06 18:43:11 +08:00
|
|
|
static int copy_nocow_pages(struct scrub_ctx *sctx, u64 logical, u64 len,
|
|
|
|
int mirror_num, u64 physical_for_dev_replace);
|
|
|
|
static void copy_nocow_pages_worker(struct btrfs_work *work);
|
2013-12-04 21:16:53 +08:00
|
|
|
static void __scrub_blocked_if_needed(struct btrfs_fs_info *fs_info);
|
2013-12-04 21:15:19 +08:00
|
|
|
static void scrub_blocked_if_needed(struct btrfs_fs_info *fs_info);
|
2015-02-10 05:14:24 +08:00
|
|
|
static void scrub_put_ctx(struct scrub_ctx *sctx);
|
2012-03-28 02:21:26 +08:00
|
|
|
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
static inline int scrub_is_page_on_raid56(struct scrub_page *page)
|
|
|
|
{
|
|
|
|
return page->recover &&
|
|
|
|
(page->recover->bbio->map_type & BTRFS_BLOCK_GROUP_RAID56_MASK);
|
|
|
|
}
|
2012-03-28 02:21:26 +08:00
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
static void scrub_pending_bio_inc(struct scrub_ctx *sctx)
|
|
|
|
{
|
2017-03-03 16:55:25 +08:00
|
|
|
refcount_inc(&sctx->refs);
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_inc(&sctx->bios_in_flight);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_pending_bio_dec(struct scrub_ctx *sctx)
|
|
|
|
{
|
|
|
|
atomic_dec(&sctx->bios_in_flight);
|
|
|
|
wake_up(&sctx->list_wait);
|
2015-02-10 05:14:24 +08:00
|
|
|
scrub_put_ctx(sctx);
|
2012-11-02 23:44:58 +08:00
|
|
|
}
|
|
|
|
|
2013-12-04 21:16:53 +08:00
|
|
|
static void __scrub_blocked_if_needed(struct btrfs_fs_info *fs_info)
|
2013-12-04 21:15:19 +08:00
|
|
|
{
|
|
|
|
while (atomic_read(&fs_info->scrub_pause_req)) {
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
wait_event(fs_info->scrub_pause_wait,
|
|
|
|
atomic_read(&fs_info->scrub_pause_req) == 0);
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-08-05 16:43:28 +08:00
|
|
|
static void scrub_pause_on(struct btrfs_fs_info *fs_info)
|
2013-12-04 21:16:53 +08:00
|
|
|
{
|
|
|
|
atomic_inc(&fs_info->scrubs_paused);
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
2015-08-05 16:43:28 +08:00
|
|
|
}
|
2013-12-04 21:16:53 +08:00
|
|
|
|
2015-08-05 16:43:28 +08:00
|
|
|
static void scrub_pause_off(struct btrfs_fs_info *fs_info)
|
|
|
|
{
|
2013-12-04 21:16:53 +08:00
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
__scrub_blocked_if_needed(fs_info);
|
|
|
|
atomic_dec(&fs_info->scrubs_paused);
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
|
|
|
}
|
|
|
|
|
2015-08-05 16:43:28 +08:00
|
|
|
static void scrub_blocked_if_needed(struct btrfs_fs_info *fs_info)
|
|
|
|
{
|
|
|
|
scrub_pause_on(fs_info);
|
|
|
|
scrub_pause_off(fs_info);
|
|
|
|
}
|
|
|
|
|
2017-04-14 08:35:54 +08:00
|
|
|
/*
|
|
|
|
* Insert new full stripe lock into full stripe locks tree
|
|
|
|
*
|
|
|
|
* Return pointer to existing or newly inserted full_stripe_lock structure if
|
|
|
|
* everything works well.
|
|
|
|
* Return ERR_PTR(-ENOMEM) if we failed to allocate memory
|
|
|
|
*
|
|
|
|
* NOTE: caller must hold full_stripe_locks_root->lock before calling this
|
|
|
|
* function
|
|
|
|
*/
|
|
|
|
static struct full_stripe_lock *insert_full_stripe_lock(
|
|
|
|
struct btrfs_full_stripe_locks_tree *locks_root,
|
|
|
|
u64 fstripe_logical)
|
|
|
|
{
|
|
|
|
struct rb_node **p;
|
|
|
|
struct rb_node *parent = NULL;
|
|
|
|
struct full_stripe_lock *entry;
|
|
|
|
struct full_stripe_lock *ret;
|
|
|
|
|
|
|
|
WARN_ON(!mutex_is_locked(&locks_root->lock));
|
|
|
|
|
|
|
|
p = &locks_root->root.rb_node;
|
|
|
|
while (*p) {
|
|
|
|
parent = *p;
|
|
|
|
entry = rb_entry(parent, struct full_stripe_lock, node);
|
|
|
|
if (fstripe_logical < entry->logical) {
|
|
|
|
p = &(*p)->rb_left;
|
|
|
|
} else if (fstripe_logical > entry->logical) {
|
|
|
|
p = &(*p)->rb_right;
|
|
|
|
} else {
|
|
|
|
entry->refs++;
|
|
|
|
return entry;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Insert new lock */
|
|
|
|
ret = kmalloc(sizeof(*ret), GFP_KERNEL);
|
|
|
|
if (!ret)
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
ret->logical = fstripe_logical;
|
|
|
|
ret->refs = 1;
|
|
|
|
mutex_init(&ret->mutex);
|
|
|
|
|
|
|
|
rb_link_node(&ret->node, parent, p);
|
|
|
|
rb_insert_color(&ret->node, &locks_root->root);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Search for a full stripe lock of a block group
|
|
|
|
*
|
|
|
|
* Return pointer to existing full stripe lock if found
|
|
|
|
* Return NULL if not found
|
|
|
|
*/
|
|
|
|
static struct full_stripe_lock *search_full_stripe_lock(
|
|
|
|
struct btrfs_full_stripe_locks_tree *locks_root,
|
|
|
|
u64 fstripe_logical)
|
|
|
|
{
|
|
|
|
struct rb_node *node;
|
|
|
|
struct full_stripe_lock *entry;
|
|
|
|
|
|
|
|
WARN_ON(!mutex_is_locked(&locks_root->lock));
|
|
|
|
|
|
|
|
node = locks_root->root.rb_node;
|
|
|
|
while (node) {
|
|
|
|
entry = rb_entry(node, struct full_stripe_lock, node);
|
|
|
|
if (fstripe_logical < entry->logical)
|
|
|
|
node = node->rb_left;
|
|
|
|
else if (fstripe_logical > entry->logical)
|
|
|
|
node = node->rb_right;
|
|
|
|
else
|
|
|
|
return entry;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Helper to get full stripe logical from a normal bytenr.
|
|
|
|
*
|
|
|
|
* Caller must ensure @cache is a RAID56 block group.
|
|
|
|
*/
|
|
|
|
static u64 get_full_stripe_logical(struct btrfs_block_group_cache *cache,
|
|
|
|
u64 bytenr)
|
|
|
|
{
|
|
|
|
u64 ret;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Due to chunk item size limit, full stripe length should not be
|
|
|
|
* larger than U32_MAX. Just a sanity check here.
|
|
|
|
*/
|
|
|
|
WARN_ON_ONCE(cache->full_stripe_len >= U32_MAX);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* round_down() can only handle power of 2, while RAID56 full
|
|
|
|
* stripe length can be 64KiB * n, so we need to manually round down.
|
|
|
|
*/
|
|
|
|
ret = div64_u64(bytenr - cache->key.objectid, cache->full_stripe_len) *
|
|
|
|
cache->full_stripe_len + cache->key.objectid;
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Lock a full stripe to avoid concurrency of recovery and read
|
|
|
|
*
|
|
|
|
* It's only used for profiles with parities (RAID5/6), for other profiles it
|
|
|
|
* does nothing.
|
|
|
|
*
|
|
|
|
* Return 0 if we locked full stripe covering @bytenr, with a mutex held.
|
|
|
|
* So caller must call unlock_full_stripe() at the same context.
|
|
|
|
*
|
|
|
|
* Return <0 if encounters error.
|
|
|
|
*/
|
|
|
|
static int lock_full_stripe(struct btrfs_fs_info *fs_info, u64 bytenr,
|
|
|
|
bool *locked_ret)
|
|
|
|
{
|
|
|
|
struct btrfs_block_group_cache *bg_cache;
|
|
|
|
struct btrfs_full_stripe_locks_tree *locks_root;
|
|
|
|
struct full_stripe_lock *existing;
|
|
|
|
u64 fstripe_start;
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
*locked_ret = false;
|
|
|
|
bg_cache = btrfs_lookup_block_group(fs_info, bytenr);
|
|
|
|
if (!bg_cache) {
|
|
|
|
ASSERT(0);
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Profiles not based on parity don't need full stripe lock */
|
|
|
|
if (!(bg_cache->flags & BTRFS_BLOCK_GROUP_RAID56_MASK))
|
|
|
|
goto out;
|
|
|
|
locks_root = &bg_cache->full_stripe_locks_root;
|
|
|
|
|
|
|
|
fstripe_start = get_full_stripe_logical(bg_cache, bytenr);
|
|
|
|
|
|
|
|
/* Now insert the full stripe lock */
|
|
|
|
mutex_lock(&locks_root->lock);
|
|
|
|
existing = insert_full_stripe_lock(locks_root, fstripe_start);
|
|
|
|
mutex_unlock(&locks_root->lock);
|
|
|
|
if (IS_ERR(existing)) {
|
|
|
|
ret = PTR_ERR(existing);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
mutex_lock(&existing->mutex);
|
|
|
|
*locked_ret = true;
|
|
|
|
out:
|
|
|
|
btrfs_put_block_group(bg_cache);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Unlock a full stripe.
|
|
|
|
*
|
|
|
|
* NOTE: Caller must ensure it's the same context calling corresponding
|
|
|
|
* lock_full_stripe().
|
|
|
|
*
|
|
|
|
* Return 0 if we unlock full stripe without problem.
|
|
|
|
* Return <0 for error
|
|
|
|
*/
|
|
|
|
static int unlock_full_stripe(struct btrfs_fs_info *fs_info, u64 bytenr,
|
|
|
|
bool locked)
|
|
|
|
{
|
|
|
|
struct btrfs_block_group_cache *bg_cache;
|
|
|
|
struct btrfs_full_stripe_locks_tree *locks_root;
|
|
|
|
struct full_stripe_lock *fstripe_lock;
|
|
|
|
u64 fstripe_start;
|
|
|
|
bool freeit = false;
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
/* If we didn't acquire full stripe lock, no need to continue */
|
|
|
|
if (!locked)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
bg_cache = btrfs_lookup_block_group(fs_info, bytenr);
|
|
|
|
if (!bg_cache) {
|
|
|
|
ASSERT(0);
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
if (!(bg_cache->flags & BTRFS_BLOCK_GROUP_RAID56_MASK))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
locks_root = &bg_cache->full_stripe_locks_root;
|
|
|
|
fstripe_start = get_full_stripe_logical(bg_cache, bytenr);
|
|
|
|
|
|
|
|
mutex_lock(&locks_root->lock);
|
|
|
|
fstripe_lock = search_full_stripe_lock(locks_root, fstripe_start);
|
|
|
|
/* Unpaired unlock_full_stripe() detected */
|
|
|
|
if (!fstripe_lock) {
|
|
|
|
WARN_ON(1);
|
|
|
|
ret = -ENOENT;
|
|
|
|
mutex_unlock(&locks_root->lock);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (fstripe_lock->refs == 0) {
|
|
|
|
WARN_ON(1);
|
|
|
|
btrfs_warn(fs_info, "full stripe lock at %llu refcount underflow",
|
|
|
|
fstripe_lock->logical);
|
|
|
|
} else {
|
|
|
|
fstripe_lock->refs--;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (fstripe_lock->refs == 0) {
|
|
|
|
rb_erase(&fstripe_lock->node, &locks_root->root);
|
|
|
|
freeit = true;
|
|
|
|
}
|
|
|
|
mutex_unlock(&locks_root->lock);
|
|
|
|
|
|
|
|
mutex_unlock(&fstripe_lock->mutex);
|
|
|
|
if (freeit)
|
|
|
|
kfree(fstripe_lock);
|
|
|
|
out:
|
|
|
|
btrfs_put_block_group(bg_cache);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
/*
|
|
|
|
* used for workers that require transaction commits (i.e., for the
|
|
|
|
* NOCOW case)
|
|
|
|
*/
|
|
|
|
static void scrub_pending_trans_workers_inc(struct scrub_ctx *sctx)
|
|
|
|
{
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2012-11-02 23:44:58 +08:00
|
|
|
|
2017-03-03 16:55:25 +08:00
|
|
|
refcount_inc(&sctx->refs);
|
2012-11-02 23:44:58 +08:00
|
|
|
/*
|
|
|
|
* increment scrubs_running to prevent cancel requests from
|
|
|
|
* completing as long as a worker is running. we must also
|
|
|
|
* increment scrubs_paused to prevent deadlocking on pause
|
|
|
|
* requests used for transactions commits (as the worker uses a
|
|
|
|
* transaction context). it is safe to regard the worker
|
|
|
|
* as paused for all matters practical. effectively, we only
|
|
|
|
* avoid cancellation requests from completing.
|
|
|
|
*/
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
atomic_inc(&fs_info->scrubs_running);
|
|
|
|
atomic_inc(&fs_info->scrubs_paused);
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
2014-02-19 19:24:19 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* check if @scrubs_running=@scrubs_paused condition
|
|
|
|
* inside wait_event() is not an atomic operation.
|
|
|
|
* which means we may inc/dec @scrub_running/paused
|
|
|
|
* at any time. Let's wake up @scrub_pause_wait as
|
|
|
|
* much as we can to let commit transaction blocked less.
|
|
|
|
*/
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_inc(&sctx->workers_pending);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* used for workers that require transaction commits */
|
|
|
|
static void scrub_pending_trans_workers_dec(struct scrub_ctx *sctx)
|
|
|
|
{
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2012-11-02 23:44:58 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* see scrub_pending_trans_workers_inc() why we're pretending
|
|
|
|
* to be paused in the scrub counters
|
|
|
|
*/
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
atomic_dec(&fs_info->scrubs_running);
|
|
|
|
atomic_dec(&fs_info->scrubs_paused);
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
atomic_dec(&sctx->workers_pending);
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
|
|
|
wake_up(&sctx->list_wait);
|
2015-02-10 05:14:24 +08:00
|
|
|
scrub_put_ctx(sctx);
|
2012-11-02 23:44:58 +08:00
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static void scrub_free_csums(struct scrub_ctx *sctx)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
while (!list_empty(&sctx->csum_list)) {
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_ordered_sum *sum;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sum = list_first_entry(&sctx->csum_list,
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_ordered_sum, list);
|
|
|
|
list_del(&sum->list);
|
|
|
|
kfree(sum);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static noinline_for_stack void scrub_free_ctx(struct scrub_ctx *sctx)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (!sctx)
|
2011-03-08 21:14:00 +08:00
|
|
|
return;
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/* this can happen when scrub is cancelled */
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (sctx->curr != -1) {
|
|
|
|
struct scrub_bio *sbio = sctx->bios[sctx->curr];
|
2012-03-28 02:21:27 +08:00
|
|
|
|
|
|
|
for (i = 0; i < sbio->page_count; i++) {
|
2012-11-06 18:43:11 +08:00
|
|
|
WARN_ON(!sbio->pagev[i]->page);
|
2012-03-28 02:21:27 +08:00
|
|
|
scrub_block_put(sbio->pagev[i]->sblock);
|
|
|
|
}
|
|
|
|
bio_put(sbio->bio);
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
for (i = 0; i < SCRUB_BIOS_PER_SCTX; ++i) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_bio *sbio = sctx->bios[i];
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
if (!sbio)
|
|
|
|
break;
|
|
|
|
kfree(sbio);
|
|
|
|
}
|
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
kfree(sctx->wr_curr_bio);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_free_csums(sctx);
|
|
|
|
kfree(sctx);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2015-02-10 05:14:24 +08:00
|
|
|
static void scrub_put_ctx(struct scrub_ctx *sctx)
|
|
|
|
{
|
2017-03-03 16:55:25 +08:00
|
|
|
if (refcount_dec_and_test(&sctx->refs))
|
2015-02-10 05:14:24 +08:00
|
|
|
scrub_free_ctx(sctx);
|
|
|
|
}
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
static noinline_for_stack
|
2012-11-06 01:29:28 +08:00
|
|
|
struct scrub_ctx *scrub_setup_ctx(struct btrfs_device *dev, int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
int i;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = dev->fs_info;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
sctx = kzalloc(sizeof(*sctx), GFP_KERNEL);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (!sctx)
|
2011-03-08 21:14:00 +08:00
|
|
|
goto nomem;
|
2017-03-03 16:55:25 +08:00
|
|
|
refcount_set(&sctx->refs, 1);
|
2012-11-06 01:29:28 +08:00
|
|
|
sctx->is_dev_replace = is_dev_replace;
|
2015-05-19 20:31:01 +08:00
|
|
|
sctx->pages_per_rd_bio = SCRUB_PAGES_PER_RD_BIO;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx->curr = -1;
|
2016-06-23 06:54:56 +08:00
|
|
|
sctx->fs_info = dev->fs_info;
|
2012-11-06 18:43:11 +08:00
|
|
|
for (i = 0; i < SCRUB_BIOS_PER_SCTX; ++i) {
|
2011-03-08 21:14:00 +08:00
|
|
|
struct scrub_bio *sbio;
|
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
sbio = kzalloc(sizeof(*sbio), GFP_KERNEL);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (!sbio)
|
|
|
|
goto nomem;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx->bios[i] = sbio;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
sbio->index = i;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sbio->sctx = sctx;
|
2012-03-28 02:21:27 +08:00
|
|
|
sbio->page_count = 0;
|
Btrfs: fix task hang under heavy compressed write
This has been reported and discussed for a long time, and this hang occurs in
both 3.15 and 3.16.
Btrfs now migrates to use kernel workqueue, but it introduces this hang problem.
Btrfs has a kind of work queued as an ordered way, which means that its
ordered_func() must be processed in the way of FIFO, so it usually looks like --
normal_work_helper(arg)
work = container_of(arg, struct btrfs_work, normal_work);
work->func() <---- (we name it work X)
for ordered_work in wq->ordered_list
ordered_work->ordered_func()
ordered_work->ordered_free()
The hang is a rare case, first when we find free space, we get an uncached block
group, then we go to read its free space cache inode for free space information,
so it will
file a readahead request
btrfs_readpages()
for page that is not in page cache
__do_readpage()
submit_extent_page()
btrfs_submit_bio_hook()
btrfs_bio_wq_end_io()
submit_bio()
end_workqueue_bio() <--(ret by the 1st endio)
queue a work(named work Y) for the 2nd
also the real endio()
So the hang occurs when work Y's work_struct and work X's work_struct happens
to share the same address.
A bit more explanation,
A,B,C -- struct btrfs_work
arg -- struct work_struct
kthread:
worker_thread()
pick up a work_struct from @worklist
process_one_work(arg)
worker->current_work = arg; <-- arg is A->normal_work
worker->current_func(arg)
normal_work_helper(arg)
A = container_of(arg, struct btrfs_work, normal_work);
A->func()
A->ordered_func()
A->ordered_free() <-- A gets freed
B->ordered_func()
submit_compressed_extents()
find_free_extent()
load_free_space_inode()
... <-- (the above readhead stack)
end_workqueue_bio()
btrfs_queue_work(work C)
B->ordered_free()
As if work A has a high priority in wq->ordered_list and there are more ordered
works queued after it, such as B->ordered_func(), its memory could have been
freed before normal_work_helper() returns, which means that kernel workqueue
code worker_thread() still has worker->current_work pointer to be work
A->normal_work's, ie. arg's address.
Meanwhile, work C is allocated after work A is freed, work C->normal_work
and work A->normal_work are likely to share the same address(I confirmed this
with ftrace output, so I'm not just guessing, it's rare though).
When another kthread picks up work C->normal_work to process, and finds our
kthread is processing it(see find_worker_executing_work()), it'll think
work C as a collision and skip then, which ends up nobody processing work C.
So the situation is that our kthread is waiting forever on work C.
Besides, there're other cases that can lead to deadlock, but the real problem
is that all btrfs workqueue shares one work->func, -- normal_work_helper,
so this makes each workqueue to have its own helper function, but only a
wraper pf normal_work_helper.
With this patch, I no long hit the above hang.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
2014-08-15 23:36:53 +08:00
|
|
|
btrfs_init_work(&sbio->work, btrfs_scrub_helper,
|
|
|
|
scrub_bio_end_io_worker, NULL, NULL);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (i != SCRUB_BIOS_PER_SCTX - 1)
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx->bios[i]->next_free = i + 1;
|
2011-06-14 02:04:15 +08:00
|
|
|
else
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx->bios[i]->next_free = -1;
|
|
|
|
}
|
|
|
|
sctx->first_free = 0;
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_set(&sctx->bios_in_flight, 0);
|
|
|
|
atomic_set(&sctx->workers_pending, 0);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
atomic_set(&sctx->cancel_req, 0);
|
|
|
|
sctx->csum_size = btrfs_super_csum_size(fs_info->super_copy);
|
|
|
|
INIT_LIST_HEAD(&sctx->csum_list);
|
|
|
|
|
|
|
|
spin_lock_init(&sctx->list_lock);
|
|
|
|
spin_lock_init(&sctx->stat_lock);
|
|
|
|
init_waitqueue_head(&sctx->list_wait);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
WARN_ON(sctx->wr_curr_bio != NULL);
|
|
|
|
mutex_init(&sctx->wr_lock);
|
|
|
|
sctx->wr_curr_bio = NULL;
|
2017-05-17 01:10:23 +08:00
|
|
|
if (is_dev_replace) {
|
2017-06-26 21:19:00 +08:00
|
|
|
WARN_ON(!fs_info->dev_replace.tgtdev);
|
2017-05-17 01:10:32 +08:00
|
|
|
sctx->pages_per_wr_bio = SCRUB_PAGES_PER_WR_BIO;
|
2017-06-26 21:19:00 +08:00
|
|
|
sctx->wr_tgtdev = fs_info->dev_replace.tgtdev;
|
2017-03-31 23:12:51 +08:00
|
|
|
sctx->flush_all_writes = false;
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2017-05-17 01:10:23 +08:00
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
return sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
nomem:
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_free_ctx(sctx);
|
2011-03-08 21:14:00 +08:00
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
static int scrub_print_warning_inode(u64 inum, u64 offset, u64 root,
|
|
|
|
void *warn_ctx)
|
2011-06-14 01:59:12 +08:00
|
|
|
{
|
|
|
|
u64 isize;
|
|
|
|
u32 nlink;
|
|
|
|
int ret;
|
|
|
|
int i;
|
2017-06-01 01:21:38 +08:00
|
|
|
unsigned nofs_flag;
|
2011-06-14 01:59:12 +08:00
|
|
|
struct extent_buffer *eb;
|
|
|
|
struct btrfs_inode_item *inode_item;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct scrub_warning *swarn = warn_ctx;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = swarn->dev->fs_info;
|
2011-06-14 01:59:12 +08:00
|
|
|
struct inode_fs_paths *ipath = NULL;
|
|
|
|
struct btrfs_root *local_root;
|
|
|
|
struct btrfs_key root_key;
|
2015-01-03 02:36:14 +08:00
|
|
|
struct btrfs_key key;
|
2011-06-14 01:59:12 +08:00
|
|
|
|
|
|
|
root_key.objectid = root;
|
|
|
|
root_key.type = BTRFS_ROOT_ITEM_KEY;
|
|
|
|
root_key.offset = (u64)-1;
|
|
|
|
local_root = btrfs_read_fs_root_no_name(fs_info, &root_key);
|
|
|
|
if (IS_ERR(local_root)) {
|
|
|
|
ret = PTR_ERR(local_root);
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
2015-01-03 01:55:46 +08:00
|
|
|
/*
|
|
|
|
* this makes the path point to (inum INODE_ITEM ioff)
|
|
|
|
*/
|
2015-01-03 02:36:14 +08:00
|
|
|
key.objectid = inum;
|
|
|
|
key.type = BTRFS_INODE_ITEM_KEY;
|
|
|
|
key.offset = 0;
|
|
|
|
|
|
|
|
ret = btrfs_search_slot(NULL, local_root, &key, swarn->path, 0, 0);
|
2011-06-14 01:59:12 +08:00
|
|
|
if (ret) {
|
|
|
|
btrfs_release_path(swarn->path);
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
eb = swarn->path->nodes[0];
|
|
|
|
inode_item = btrfs_item_ptr(eb, swarn->path->slots[0],
|
|
|
|
struct btrfs_inode_item);
|
|
|
|
isize = btrfs_inode_size(eb, inode_item);
|
|
|
|
nlink = btrfs_inode_nlink(eb, inode_item);
|
|
|
|
btrfs_release_path(swarn->path);
|
|
|
|
|
2017-06-01 01:21:38 +08:00
|
|
|
/*
|
|
|
|
* init_path might indirectly call vmalloc, or use GFP_KERNEL. Scrub
|
|
|
|
* uses GFP_NOFS in this context, so we keep it consistent but it does
|
|
|
|
* not seem to be strictly necessary.
|
|
|
|
*/
|
|
|
|
nofs_flag = memalloc_nofs_save();
|
2011-06-14 01:59:12 +08:00
|
|
|
ipath = init_ipath(4096, local_root, swarn->path);
|
2017-06-01 01:21:38 +08:00
|
|
|
memalloc_nofs_restore(nofs_flag);
|
2011-11-16 16:28:01 +08:00
|
|
|
if (IS_ERR(ipath)) {
|
|
|
|
ret = PTR_ERR(ipath);
|
|
|
|
ipath = NULL;
|
|
|
|
goto err;
|
|
|
|
}
|
2011-06-14 01:59:12 +08:00
|
|
|
ret = paths_from_inode(inum, ipath);
|
|
|
|
|
|
|
|
if (ret < 0)
|
|
|
|
goto err;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* we deliberately ignore the bit ipath might have been too small to
|
|
|
|
* hold all of the paths here
|
|
|
|
*/
|
|
|
|
for (i = 0; i < ipath->fspath->elem_cnt; ++i)
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_warn_in_rcu(fs_info,
|
2017-10-04 23:07:07 +08:00
|
|
|
"%s at logical %llu on dev %s, physical %llu, root %llu, inode %llu, offset %llu, length %llu, links %u (path: %s)",
|
2016-09-20 22:05:00 +08:00
|
|
|
swarn->errstr, swarn->logical,
|
|
|
|
rcu_str_deref(swarn->dev->name),
|
2017-10-04 23:07:07 +08:00
|
|
|
swarn->physical,
|
2016-09-20 22:05:00 +08:00
|
|
|
root, inum, offset,
|
|
|
|
min(isize - offset, (u64)PAGE_SIZE), nlink,
|
|
|
|
(char *)(unsigned long)ipath->fspath->val[i]);
|
2011-06-14 01:59:12 +08:00
|
|
|
|
|
|
|
free_ipath(ipath);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
err:
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_warn_in_rcu(fs_info,
|
2017-10-04 23:07:07 +08:00
|
|
|
"%s at logical %llu on dev %s, physical %llu, root %llu, inode %llu, offset %llu: path resolving failed with ret=%d",
|
2016-09-20 22:05:00 +08:00
|
|
|
swarn->errstr, swarn->logical,
|
|
|
|
rcu_str_deref(swarn->dev->name),
|
2017-10-04 23:07:07 +08:00
|
|
|
swarn->physical,
|
2016-09-20 22:05:00 +08:00
|
|
|
root, inum, offset, ret);
|
2011-06-14 01:59:12 +08:00
|
|
|
|
|
|
|
free_ipath(ipath);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static void scrub_print_warning(const char *errstr, struct scrub_block *sblock)
|
2011-06-14 01:59:12 +08:00
|
|
|
{
|
2012-11-02 20:26:57 +08:00
|
|
|
struct btrfs_device *dev;
|
|
|
|
struct btrfs_fs_info *fs_info;
|
2011-06-14 01:59:12 +08:00
|
|
|
struct btrfs_path *path;
|
|
|
|
struct btrfs_key found_key;
|
|
|
|
struct extent_buffer *eb;
|
|
|
|
struct btrfs_extent_item *ei;
|
|
|
|
struct scrub_warning swarn;
|
2012-09-08 10:01:28 +08:00
|
|
|
unsigned long ptr = 0;
|
|
|
|
u64 extent_item_pos;
|
|
|
|
u64 flags = 0;
|
2011-06-14 01:59:12 +08:00
|
|
|
u64 ref_root;
|
2012-09-08 10:01:28 +08:00
|
|
|
u32 item_size;
|
2016-03-11 16:08:56 +08:00
|
|
|
u8 ref_level = 0;
|
2012-09-08 10:01:28 +08:00
|
|
|
int ret;
|
2011-06-14 01:59:12 +08:00
|
|
|
|
2012-11-02 20:26:57 +08:00
|
|
|
WARN_ON(sblock->page_count < 1);
|
2012-11-02 21:58:04 +08:00
|
|
|
dev = sblock->pagev[0]->dev;
|
2016-06-23 06:54:56 +08:00
|
|
|
fs_info = sblock->sctx->fs_info;
|
2012-11-02 20:26:57 +08:00
|
|
|
|
2011-06-14 01:59:12 +08:00
|
|
|
path = btrfs_alloc_path();
|
2014-07-30 07:25:30 +08:00
|
|
|
if (!path)
|
|
|
|
return;
|
2011-06-14 01:59:12 +08:00
|
|
|
|
2017-10-04 23:07:07 +08:00
|
|
|
swarn.physical = sblock->pagev[0]->physical;
|
2012-11-02 21:58:04 +08:00
|
|
|
swarn.logical = sblock->pagev[0]->logical;
|
2011-06-14 01:59:12 +08:00
|
|
|
swarn.errstr = errstr;
|
2012-11-02 20:26:57 +08:00
|
|
|
swarn.dev = NULL;
|
2011-06-14 01:59:12 +08:00
|
|
|
|
2012-09-08 10:01:28 +08:00
|
|
|
ret = extent_from_logical(fs_info, swarn.logical, path, &found_key,
|
|
|
|
&flags);
|
2011-06-14 01:59:12 +08:00
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
|
2011-12-02 21:56:41 +08:00
|
|
|
extent_item_pos = swarn.logical - found_key.objectid;
|
2011-06-14 01:59:12 +08:00
|
|
|
swarn.extent_item_size = found_key.offset;
|
|
|
|
|
|
|
|
eb = path->nodes[0];
|
|
|
|
ei = btrfs_item_ptr(eb, path->slots[0], struct btrfs_extent_item);
|
|
|
|
item_size = btrfs_item_size_nr(eb, path->slots[0]);
|
|
|
|
|
2012-09-08 10:01:28 +08:00
|
|
|
if (flags & BTRFS_EXTENT_FLAG_TREE_BLOCK) {
|
2011-06-14 01:59:12 +08:00
|
|
|
do {
|
2014-06-09 10:54:07 +08:00
|
|
|
ret = tree_backref_for_extent(&ptr, eb, &found_key, ei,
|
|
|
|
item_size, &ref_root,
|
|
|
|
&ref_level);
|
2015-10-08 15:01:03 +08:00
|
|
|
btrfs_warn_in_rcu(fs_info,
|
2017-10-04 23:07:07 +08:00
|
|
|
"%s at logical %llu on dev %s, physical %llu: metadata %s (level %d) in tree %llu",
|
2016-09-20 22:05:00 +08:00
|
|
|
errstr, swarn.logical,
|
2012-06-05 02:03:51 +08:00
|
|
|
rcu_str_deref(dev->name),
|
2017-10-04 23:07:07 +08:00
|
|
|
swarn.physical,
|
2011-06-14 01:59:12 +08:00
|
|
|
ref_level ? "node" : "leaf",
|
|
|
|
ret < 0 ? -1 : ref_level,
|
|
|
|
ret < 0 ? -1 : ref_root);
|
|
|
|
} while (ret != 1);
|
2013-03-29 22:09:34 +08:00
|
|
|
btrfs_release_path(path);
|
2011-06-14 01:59:12 +08:00
|
|
|
} else {
|
2013-03-29 22:09:34 +08:00
|
|
|
btrfs_release_path(path);
|
2011-06-14 01:59:12 +08:00
|
|
|
swarn.path = path;
|
2012-11-02 20:26:57 +08:00
|
|
|
swarn.dev = dev;
|
2012-03-24 00:32:28 +08:00
|
|
|
iterate_extent_inodes(fs_info, found_key.objectid,
|
|
|
|
extent_item_pos, 1,
|
btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents
The LOGICAL_INO ioctl provides a backward mapping from extent bytenr and
offset (encoded as a single logical address) to a list of extent refs.
LOGICAL_INO complements TREE_SEARCH, which provides the forward mapping
(extent ref -> extent bytenr and offset, or logical address). These are
useful capabilities for programs that manipulate extents and extent
references from userspace (e.g. dedup and defrag utilities).
When the extents are uncompressed (and not encrypted and not other),
check_extent_in_eb performs filtering of the extent refs to remove any
extent refs which do not contain the same extent offset as the 'logical'
parameter's extent offset. This prevents LOGICAL_INO from returning
references to more than a single block.
To find the set of extent references to an uncompressed extent from [a, b),
userspace has to run a loop like this pseudocode:
for (i = a; i < b; ++i)
extent_ref_set += LOGICAL_INO(i);
At each iteration of the loop (up to 32768 iterations for a 128M extent),
data we are interested in is collected in the kernel, then deleted by
the filter in check_extent_in_eb.
When the extents are compressed (or encrypted or other), the 'logical'
parameter must be an extent bytenr (the 'a' parameter in the loop).
No filtering by extent offset is done (or possible?) so the result is
the complete set of extent refs for the entire extent. This removes
the need for the loop, since we get all the extent refs in one call.
Add an 'ignore_offset' argument to iterate_inodes_from_logical,
[...several levels of function call graph...], and check_extent_in_eb, so
that we can disable the extent offset filtering for uncompressed extents.
This flag can be set by an improved version of the LOGICAL_INO ioctl to
get either behavior as desired.
There is no functional change in this patch. The new flag is always
false.
Signed-off-by: Zygo Blaxell <ce3g8jdj@umail.furryterror.org>
Reviewed-by: David Sterba <dsterba@suse.com>
[ minor coding style fixes ]
Signed-off-by: David Sterba <dsterba@suse.com>
2017-09-23 01:58:45 +08:00
|
|
|
scrub_print_warning_inode, &swarn, false);
|
2011-06-14 01:59:12 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
btrfs_free_path(path);
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
static int scrub_fixup_readpage(u64 inum, u64 offset, u64 root, void *fixup_ctx)
|
2011-06-14 02:04:15 +08:00
|
|
|
{
|
2011-08-05 00:11:04 +08:00
|
|
|
struct page *page = NULL;
|
2011-06-14 02:04:15 +08:00
|
|
|
unsigned long index;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct scrub_fixup_nodatasum *fixup = fixup_ctx;
|
2011-06-14 02:04:15 +08:00
|
|
|
int ret;
|
2011-08-05 00:11:04 +08:00
|
|
|
int corrected = 0;
|
2011-06-14 02:04:15 +08:00
|
|
|
struct btrfs_key key;
|
2011-08-05 00:11:04 +08:00
|
|
|
struct inode *inode = NULL;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
struct btrfs_fs_info *fs_info;
|
2011-06-14 02:04:15 +08:00
|
|
|
u64 end = offset + PAGE_SIZE - 1;
|
|
|
|
struct btrfs_root *local_root;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
int srcu_index;
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
key.objectid = root;
|
|
|
|
key.type = BTRFS_ROOT_ITEM_KEY;
|
|
|
|
key.offset = (u64)-1;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
|
|
|
|
fs_info = fixup->root->fs_info;
|
|
|
|
srcu_index = srcu_read_lock(&fs_info->subvol_srcu);
|
|
|
|
|
|
|
|
local_root = btrfs_read_fs_root_no_name(fs_info, &key);
|
|
|
|
if (IS_ERR(local_root)) {
|
|
|
|
srcu_read_unlock(&fs_info->subvol_srcu, srcu_index);
|
2011-06-14 02:04:15 +08:00
|
|
|
return PTR_ERR(local_root);
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
}
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
key.type = BTRFS_INODE_ITEM_KEY;
|
|
|
|
key.objectid = inum;
|
|
|
|
key.offset = 0;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
inode = btrfs_iget(fs_info->sb, &key, local_root, NULL);
|
|
|
|
srcu_read_unlock(&fs_info->subvol_srcu, srcu_index);
|
2011-06-14 02:04:15 +08:00
|
|
|
if (IS_ERR(inode))
|
|
|
|
return PTR_ERR(inode);
|
|
|
|
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
index = offset >> PAGE_SHIFT;
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
page = find_or_create_page(inode->i_mapping, index, GFP_NOFS);
|
2011-08-05 00:11:04 +08:00
|
|
|
if (!page) {
|
|
|
|
ret = -ENOMEM;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (PageUptodate(page)) {
|
|
|
|
if (PageDirty(page)) {
|
|
|
|
/*
|
|
|
|
* we need to write the data to the defect sector. the
|
|
|
|
* data that was in that sector is not in memory,
|
|
|
|
* because the page was modified. we must not write the
|
|
|
|
* modified page to that sector.
|
|
|
|
*
|
|
|
|
* TODO: what could be done here: wait for the delalloc
|
|
|
|
* runner to write out that page (might involve
|
|
|
|
* COW) and see whether the sector is still
|
|
|
|
* referenced afterwards.
|
|
|
|
*
|
|
|
|
* For the meantime, we'll treat this error
|
|
|
|
* incorrectable, although there is a chance that a
|
|
|
|
* later scrub will find the bad sector again and that
|
|
|
|
* there's no dirty page in memory, then.
|
|
|
|
*/
|
|
|
|
ret = -EIO;
|
|
|
|
goto out;
|
|
|
|
}
|
2017-05-05 23:57:14 +08:00
|
|
|
ret = repair_io_failure(fs_info, inum, offset, PAGE_SIZE,
|
2011-08-05 00:11:04 +08:00
|
|
|
fixup->logical, page,
|
2014-09-12 18:44:00 +08:00
|
|
|
offset - page_offset(page),
|
2011-08-05 00:11:04 +08:00
|
|
|
fixup->mirror_num);
|
|
|
|
unlock_page(page);
|
|
|
|
corrected = !ret;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* we need to get good data first. the general readpage path
|
|
|
|
* will call repair_io_failure for us, we just have to make
|
|
|
|
* sure we read the bad mirror.
|
|
|
|
*/
|
|
|
|
ret = set_extent_bits(&BTRFS_I(inode)->io_tree, offset, end,
|
2016-04-27 05:54:39 +08:00
|
|
|
EXTENT_DAMAGED);
|
2011-08-05 00:11:04 +08:00
|
|
|
if (ret) {
|
|
|
|
/* set_extent_bits should give proper error */
|
|
|
|
WARN_ON(ret > 0);
|
|
|
|
if (ret > 0)
|
|
|
|
ret = -EFAULT;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = extent_read_full_page(&BTRFS_I(inode)->io_tree, page,
|
|
|
|
btrfs_get_extent,
|
|
|
|
fixup->mirror_num);
|
|
|
|
wait_on_page_locked(page);
|
|
|
|
|
|
|
|
corrected = !test_range_bit(&BTRFS_I(inode)->io_tree, offset,
|
|
|
|
end, EXTENT_DAMAGED, 0, NULL);
|
|
|
|
if (!corrected)
|
|
|
|
clear_extent_bits(&BTRFS_I(inode)->io_tree, offset, end,
|
2016-04-27 05:54:39 +08:00
|
|
|
EXTENT_DAMAGED);
|
2011-08-05 00:11:04 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
if (page)
|
|
|
|
put_page(page);
|
2014-04-25 20:58:05 +08:00
|
|
|
|
|
|
|
iput(inode);
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
if (ret < 0)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
if (ret == 0 && corrected) {
|
|
|
|
/*
|
|
|
|
* we only need to call readpage for one of the inodes belonging
|
|
|
|
* to this extent. so make iterate_extent_inodes stop
|
|
|
|
*/
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_fixup_nodatasum(struct btrfs_work *work)
|
|
|
|
{
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info;
|
2011-06-14 02:04:15 +08:00
|
|
|
int ret;
|
|
|
|
struct scrub_fixup_nodatasum *fixup;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2011-06-14 02:04:15 +08:00
|
|
|
struct btrfs_trans_handle *trans = NULL;
|
|
|
|
struct btrfs_path *path;
|
|
|
|
int uncorrectable = 0;
|
|
|
|
|
|
|
|
fixup = container_of(work, struct scrub_fixup_nodatasum, work);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx = fixup->sctx;
|
2016-06-23 06:54:23 +08:00
|
|
|
fs_info = fixup->root->fs_info;
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
path = btrfs_alloc_path();
|
|
|
|
if (!path) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
++sctx->stat.malloc_errors;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2011-06-14 02:04:15 +08:00
|
|
|
uncorrectable = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
trans = btrfs_join_transaction(fixup->root);
|
|
|
|
if (IS_ERR(trans)) {
|
|
|
|
uncorrectable = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* the idea is to trigger a regular read through the standard path. we
|
|
|
|
* read a page from the (failed) logical address by specifying the
|
|
|
|
* corresponding copynum of the failed sector. thus, that readpage is
|
|
|
|
* expected to fail.
|
|
|
|
* that is the point where on-the-fly error correction will kick in
|
|
|
|
* (once it's finished) and rewrite the failed sector if a good copy
|
|
|
|
* can be found.
|
|
|
|
*/
|
2016-06-23 06:54:23 +08:00
|
|
|
ret = iterate_inodes_from_logical(fixup->logical, fs_info, path,
|
btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents
The LOGICAL_INO ioctl provides a backward mapping from extent bytenr and
offset (encoded as a single logical address) to a list of extent refs.
LOGICAL_INO complements TREE_SEARCH, which provides the forward mapping
(extent ref -> extent bytenr and offset, or logical address). These are
useful capabilities for programs that manipulate extents and extent
references from userspace (e.g. dedup and defrag utilities).
When the extents are uncompressed (and not encrypted and not other),
check_extent_in_eb performs filtering of the extent refs to remove any
extent refs which do not contain the same extent offset as the 'logical'
parameter's extent offset. This prevents LOGICAL_INO from returning
references to more than a single block.
To find the set of extent references to an uncompressed extent from [a, b),
userspace has to run a loop like this pseudocode:
for (i = a; i < b; ++i)
extent_ref_set += LOGICAL_INO(i);
At each iteration of the loop (up to 32768 iterations for a 128M extent),
data we are interested in is collected in the kernel, then deleted by
the filter in check_extent_in_eb.
When the extents are compressed (or encrypted or other), the 'logical'
parameter must be an extent bytenr (the 'a' parameter in the loop).
No filtering by extent offset is done (or possible?) so the result is
the complete set of extent refs for the entire extent. This removes
the need for the loop, since we get all the extent refs in one call.
Add an 'ignore_offset' argument to iterate_inodes_from_logical,
[...several levels of function call graph...], and check_extent_in_eb, so
that we can disable the extent offset filtering for uncompressed extents.
This flag can be set by an improved version of the LOGICAL_INO ioctl to
get either behavior as desired.
There is no functional change in this patch. The new flag is always
false.
Signed-off-by: Zygo Blaxell <ce3g8jdj@umail.furryterror.org>
Reviewed-by: David Sterba <dsterba@suse.com>
[ minor coding style fixes ]
Signed-off-by: David Sterba <dsterba@suse.com>
2017-09-23 01:58:45 +08:00
|
|
|
scrub_fixup_readpage, fixup, false);
|
2011-06-14 02:04:15 +08:00
|
|
|
if (ret < 0) {
|
|
|
|
uncorrectable = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
WARN_ON(ret != 1);
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
++sctx->stat.corrected_errors;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2011-06-14 02:04:15 +08:00
|
|
|
|
|
|
|
out:
|
|
|
|
if (trans && !IS_ERR(trans))
|
2016-09-10 09:39:03 +08:00
|
|
|
btrfs_end_transaction(trans);
|
2011-06-14 02:04:15 +08:00
|
|
|
if (uncorrectable) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
++sctx->stat.uncorrectable_errors;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
btrfs_dev_replace_stats_inc(
|
2016-06-23 06:54:23 +08:00
|
|
|
&fs_info->dev_replace.num_uncorrectable_read_errors);
|
|
|
|
btrfs_err_rl_in_rcu(fs_info,
|
2015-10-08 16:43:10 +08:00
|
|
|
"unable to fixup (nodatasum) error at logical %llu on dev %s",
|
2013-08-20 19:20:07 +08:00
|
|
|
fixup->logical, rcu_str_deref(fixup->dev->name));
|
2011-06-14 02:04:15 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_free_path(path);
|
|
|
|
kfree(fixup);
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
scrub_pending_trans_workers_dec(sctx);
|
2011-06-14 02:04:15 +08:00
|
|
|
}
|
|
|
|
|
2014-10-23 14:42:50 +08:00
|
|
|
static inline void scrub_get_recover(struct scrub_recover *recover)
|
|
|
|
{
|
2017-03-03 16:55:21 +08:00
|
|
|
refcount_inc(&recover->refs);
|
2014-10-23 14:42:50 +08:00
|
|
|
}
|
|
|
|
|
2017-03-29 09:33:22 +08:00
|
|
|
static inline void scrub_put_recover(struct btrfs_fs_info *fs_info,
|
|
|
|
struct scrub_recover *recover)
|
2014-10-23 14:42:50 +08:00
|
|
|
{
|
2017-03-03 16:55:21 +08:00
|
|
|
if (refcount_dec_and_test(&recover->refs)) {
|
2017-03-29 09:33:22 +08:00
|
|
|
btrfs_bio_counter_dec(fs_info);
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(recover->bbio);
|
2014-10-23 14:42:50 +08:00
|
|
|
kfree(recover);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
2012-03-28 02:21:27 +08:00
|
|
|
* scrub_handle_errored_block gets called when either verification of the
|
|
|
|
* pages failed or the bio failed to read, e.g. with EIO. In the latter
|
|
|
|
* case, this function handles all pages in the bio, even though only one
|
|
|
|
* may be bad.
|
|
|
|
* The goal of this function is to repair the errored block by using the
|
|
|
|
* contents of one of the mirrors.
|
2011-03-08 21:14:00 +08:00
|
|
|
*/
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_handle_errored_block(struct scrub_block *sblock_to_check)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = sblock_to_check->sctx;
|
2012-11-02 20:26:57 +08:00
|
|
|
struct btrfs_device *dev;
|
2012-03-28 02:21:27 +08:00
|
|
|
struct btrfs_fs_info *fs_info;
|
|
|
|
u64 length;
|
|
|
|
u64 logical;
|
|
|
|
unsigned int failed_mirror_index;
|
|
|
|
unsigned int is_metadata;
|
|
|
|
unsigned int have_csum;
|
|
|
|
struct scrub_block *sblocks_for_recheck; /* holds one for each mirror */
|
|
|
|
struct scrub_block *sblock_bad;
|
|
|
|
int ret;
|
|
|
|
int mirror_index;
|
|
|
|
int page_num;
|
|
|
|
int success;
|
btrfs: scrub: Fix RAID56 recovery race condition
When scrubbing a RAID5 which has recoverable data corruption (only one
data stripe is corrupted), sometimes scrub will report more csum errors
than expected. Sometimes even unrecoverable error will be reported.
The problem can be easily reproduced by the following steps:
1) Create a btrfs with RAID5 data profile with 3 devs
2) Mount it with nospace_cache or space_cache=v2
To avoid extra data space usage.
3) Create a 128K file and sync the fs, unmount it
Now the 128K file lies at the beginning of the data chunk
4) Locate the physical bytenr of data chunk on dev3
Dev3 is the 1st data stripe.
5) Corrupt the first 64K of the data chunk stripe on dev3
6) Mount the fs and scrub it
The correct csum error number should be 16 (assuming using x86_64).
Larger csum error number can be reported in a 1/3 chance.
And unrecoverable error can also be reported in a 1/10 chance.
The root cause of the problem is RAID5/6 recover code has race
condition, due to the fact that full scrub is initiated per device.
While for other mirror based profiles, each mirror is independent with
each other, so race won't cause any big problem.
For example:
Corrupted | Correct | Correct |
| Scrub dev3 (D1) | Scrub dev2 (D2) | Scrub dev1(P) |
------------------------------------------------------------------------
Read out D1 |Read out D2 |Read full stripe |
Check csum |Check csum |Check parity |
Csum mismatch |Csum match, continue |Parity mismatch |
handle_errored_block | |handle_errored_block |
Read out full stripe | | Read out full stripe|
D1 csum error(err++) | | D1 csum error(err++)|
Recover D1 | | Recover D1 |
So D1's csum error is accounted twice, just because
handle_errored_block() doesn't have enough protection, and race can happen.
On even worse case, for example D1's recovery code is re-writing
D1/D2/P, and P's recovery code is just reading out full stripe, then we
can cause unrecoverable error.
This patch will use previously introduced lock_full_stripe() and
unlock_full_stripe() to protect the whole scrub_handle_errored_block()
function for RAID56 recovery.
So no extra csum error nor unrecoverable error.
Reported-by: Goffredo Baroncelli <kreijack@libero.it>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-04-14 08:35:55 +08:00
|
|
|
bool full_stripe_locked;
|
2011-06-14 01:59:12 +08:00
|
|
|
static DEFINE_RATELIMIT_STATE(_rs, DEFAULT_RATELIMIT_INTERVAL,
|
2012-03-28 02:21:27 +08:00
|
|
|
DEFAULT_RATELIMIT_BURST);
|
|
|
|
|
|
|
|
BUG_ON(sblock_to_check->page_count < 1);
|
2016-06-23 06:54:56 +08:00
|
|
|
fs_info = sctx->fs_info;
|
2012-11-15 02:57:29 +08:00
|
|
|
if (sblock_to_check->pagev[0]->flags & BTRFS_EXTENT_FLAG_SUPER) {
|
|
|
|
/*
|
|
|
|
* if we find an error in a super block, we just report it.
|
|
|
|
* They will get written with the next transaction commit
|
|
|
|
* anyway
|
|
|
|
*/
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
++sctx->stat.super_errors;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
return 0;
|
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
length = sblock_to_check->page_count * PAGE_SIZE;
|
2012-11-02 21:58:04 +08:00
|
|
|
logical = sblock_to_check->pagev[0]->logical;
|
|
|
|
BUG_ON(sblock_to_check->pagev[0]->mirror_num < 1);
|
|
|
|
failed_mirror_index = sblock_to_check->pagev[0]->mirror_num - 1;
|
|
|
|
is_metadata = !(sblock_to_check->pagev[0]->flags &
|
2012-03-28 02:21:27 +08:00
|
|
|
BTRFS_EXTENT_FLAG_DATA);
|
2012-11-02 21:58:04 +08:00
|
|
|
have_csum = sblock_to_check->pagev[0]->have_csum;
|
|
|
|
dev = sblock_to_check->pagev[0]->dev;
|
2011-06-14 01:56:13 +08:00
|
|
|
|
btrfs: scrub: Fix RAID56 recovery race condition
When scrubbing a RAID5 which has recoverable data corruption (only one
data stripe is corrupted), sometimes scrub will report more csum errors
than expected. Sometimes even unrecoverable error will be reported.
The problem can be easily reproduced by the following steps:
1) Create a btrfs with RAID5 data profile with 3 devs
2) Mount it with nospace_cache or space_cache=v2
To avoid extra data space usage.
3) Create a 128K file and sync the fs, unmount it
Now the 128K file lies at the beginning of the data chunk
4) Locate the physical bytenr of data chunk on dev3
Dev3 is the 1st data stripe.
5) Corrupt the first 64K of the data chunk stripe on dev3
6) Mount the fs and scrub it
The correct csum error number should be 16 (assuming using x86_64).
Larger csum error number can be reported in a 1/3 chance.
And unrecoverable error can also be reported in a 1/10 chance.
The root cause of the problem is RAID5/6 recover code has race
condition, due to the fact that full scrub is initiated per device.
While for other mirror based profiles, each mirror is independent with
each other, so race won't cause any big problem.
For example:
Corrupted | Correct | Correct |
| Scrub dev3 (D1) | Scrub dev2 (D2) | Scrub dev1(P) |
------------------------------------------------------------------------
Read out D1 |Read out D2 |Read full stripe |
Check csum |Check csum |Check parity |
Csum mismatch |Csum match, continue |Parity mismatch |
handle_errored_block | |handle_errored_block |
Read out full stripe | | Read out full stripe|
D1 csum error(err++) | | D1 csum error(err++)|
Recover D1 | | Recover D1 |
So D1's csum error is accounted twice, just because
handle_errored_block() doesn't have enough protection, and race can happen.
On even worse case, for example D1's recovery code is re-writing
D1/D2/P, and P's recovery code is just reading out full stripe, then we
can cause unrecoverable error.
This patch will use previously introduced lock_full_stripe() and
unlock_full_stripe() to protect the whole scrub_handle_errored_block()
function for RAID56 recovery.
So no extra csum error nor unrecoverable error.
Reported-by: Goffredo Baroncelli <kreijack@libero.it>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-04-14 08:35:55 +08:00
|
|
|
/*
|
|
|
|
* For RAID5/6, race can happen for a different device scrub thread.
|
|
|
|
* For data corruption, Parity and Data threads will both try
|
|
|
|
* to recovery the data.
|
|
|
|
* Race can lead to doubly added csum error, or even unrecoverable
|
|
|
|
* error.
|
|
|
|
*/
|
|
|
|
ret = lock_full_stripe(fs_info, logical, &full_stripe_locked);
|
|
|
|
if (ret < 0) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
if (ret == -ENOMEM)
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
sctx->stat.read_errors++;
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sctx->is_dev_replace && !is_metadata && !have_csum) {
|
|
|
|
sblocks_for_recheck = NULL;
|
|
|
|
goto nodatasum_case;
|
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* read all mirrors one after the other. This includes to
|
|
|
|
* re-read the extent or metadata block that failed (that was
|
|
|
|
* the cause that this fixup code is called) another time,
|
|
|
|
* page by page this time in order to know which pages
|
|
|
|
* caused I/O errors and which ones are good (for all mirrors).
|
|
|
|
* It is the goal to handle the situation when more than one
|
|
|
|
* mirror contains I/O errors, but the errors do not
|
|
|
|
* overlap, i.e. the data can be repaired by selecting the
|
|
|
|
* pages from those mirrors without I/O error on the
|
|
|
|
* particular pages. One example (with blocks >= 2 * PAGE_SIZE)
|
|
|
|
* would be that mirror #1 has an I/O error on the first page,
|
|
|
|
* the second page is good, and mirror #2 has an I/O error on
|
|
|
|
* the second page, but the first page is good.
|
|
|
|
* Then the first page of the first mirror can be repaired by
|
|
|
|
* taking the first page of the second mirror, and the
|
|
|
|
* second page of the second mirror can be repaired by
|
|
|
|
* copying the contents of the 2nd page of the 1st mirror.
|
|
|
|
* One more note: if the pages of one mirror contain I/O
|
|
|
|
* errors, the checksum cannot be verified. In order to get
|
|
|
|
* the best data for repairing, the first attempt is to find
|
|
|
|
* a mirror without I/O errors and with a validated checksum.
|
|
|
|
* Only if this is not possible, the pages are picked from
|
|
|
|
* mirrors with I/O errors without considering the checksum.
|
|
|
|
* If the latter is the case, at the end, the checksum of the
|
|
|
|
* repaired area is verified in order to correctly maintain
|
|
|
|
* the statistics.
|
|
|
|
*/
|
|
|
|
|
2015-02-21 01:00:26 +08:00
|
|
|
sblocks_for_recheck = kcalloc(BTRFS_MAX_MIRRORS,
|
|
|
|
sizeof(*sblocks_for_recheck), GFP_NOFS);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (!sblocks_for_recheck) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
sctx->stat.read_errors++;
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev, BTRFS_DEV_STAT_READ_ERRS);
|
2012-03-28 02:21:27 +08:00
|
|
|
goto out;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/* setup the context, map the logical blocks and alloc the pages */
|
2015-01-20 15:11:42 +08:00
|
|
|
ret = scrub_setup_recheck_block(sblock_to_check, sblocks_for_recheck);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (ret) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.read_errors++;
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev, BTRFS_DEV_STAT_READ_ERRS);
|
2012-03-28 02:21:27 +08:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
BUG_ON(failed_mirror_index >= BTRFS_MAX_MIRRORS);
|
|
|
|
sblock_bad = sblocks_for_recheck + failed_mirror_index;
|
2011-06-14 01:56:13 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/* build and submit the bios for the failed mirror, check checksums */
|
2015-08-24 21:32:06 +08:00
|
|
|
scrub_recheck_block(fs_info, sblock_bad, 1);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
if (!sblock_bad->header_error && !sblock_bad->checksum_error &&
|
|
|
|
sblock_bad->no_io_error_seen) {
|
|
|
|
/*
|
|
|
|
* the error disappeared after reading page by page, or
|
|
|
|
* the area was part of a huge bio and other parts of the
|
|
|
|
* bio caused I/O errors, or the block layer merged several
|
|
|
|
* read requests into one and the error is caused by a
|
|
|
|
* different bio (usually one of the two latter cases is
|
|
|
|
* the cause)
|
|
|
|
*/
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.unverified_errors++;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
sblock_to_check->data_corrected = 1;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_unlock(&sctx->stat_lock);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sctx->is_dev_replace)
|
|
|
|
scrub_write_block_to_dev_replace(sblock_bad);
|
2012-03-28 02:21:27 +08:00
|
|
|
goto out;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
if (!sblock_bad->no_io_error_seen) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.read_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (__ratelimit(&_rs))
|
|
|
|
scrub_print_warning("i/o error", sblock_to_check);
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev, BTRFS_DEV_STAT_READ_ERRS);
|
2012-03-28 02:21:27 +08:00
|
|
|
} else if (sblock_bad->checksum_error) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.csum_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (__ratelimit(&_rs))
|
|
|
|
scrub_print_warning("checksum error", sblock_to_check);
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev,
|
2012-05-25 22:06:08 +08:00
|
|
|
BTRFS_DEV_STAT_CORRUPTION_ERRS);
|
2012-03-28 02:21:27 +08:00
|
|
|
} else if (sblock_bad->header_error) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.verify_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (__ratelimit(&_rs))
|
|
|
|
scrub_print_warning("checksum/header error",
|
|
|
|
sblock_to_check);
|
2012-05-25 22:06:08 +08:00
|
|
|
if (sblock_bad->generation_error)
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev,
|
2012-05-25 22:06:08 +08:00
|
|
|
BTRFS_DEV_STAT_GENERATION_ERRS);
|
|
|
|
else
|
2012-11-02 20:26:57 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(dev,
|
2012-05-25 22:06:08 +08:00
|
|
|
BTRFS_DEV_STAT_CORRUPTION_ERRS);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2013-11-04 01:06:38 +08:00
|
|
|
if (sctx->readonly) {
|
|
|
|
ASSERT(!sctx->is_dev_replace);
|
|
|
|
goto out;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
if (!is_metadata && !have_csum) {
|
|
|
|
struct scrub_fixup_nodatasum *fixup_nodatasum;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
WARN_ON(sctx->is_dev_replace);
|
|
|
|
|
2015-01-20 15:11:35 +08:00
|
|
|
nodatasum_case:
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* !is_metadata and !have_csum, this means that the data
|
2016-05-20 09:18:45 +08:00
|
|
|
* might not be COWed, that it might be modified
|
2012-03-28 02:21:27 +08:00
|
|
|
* concurrently. The general strategy to work on the
|
|
|
|
* commit root does not help in the case when COW is not
|
|
|
|
* used.
|
|
|
|
*/
|
|
|
|
fixup_nodatasum = kzalloc(sizeof(*fixup_nodatasum), GFP_NOFS);
|
|
|
|
if (!fixup_nodatasum)
|
|
|
|
goto did_not_correct_error;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
fixup_nodatasum->sctx = sctx;
|
2012-11-02 20:26:57 +08:00
|
|
|
fixup_nodatasum->dev = dev;
|
2012-03-28 02:21:27 +08:00
|
|
|
fixup_nodatasum->logical = logical;
|
|
|
|
fixup_nodatasum->root = fs_info->extent_root;
|
|
|
|
fixup_nodatasum->mirror_num = failed_mirror_index + 1;
|
2012-11-02 23:44:58 +08:00
|
|
|
scrub_pending_trans_workers_inc(sctx);
|
Btrfs: fix task hang under heavy compressed write
This has been reported and discussed for a long time, and this hang occurs in
both 3.15 and 3.16.
Btrfs now migrates to use kernel workqueue, but it introduces this hang problem.
Btrfs has a kind of work queued as an ordered way, which means that its
ordered_func() must be processed in the way of FIFO, so it usually looks like --
normal_work_helper(arg)
work = container_of(arg, struct btrfs_work, normal_work);
work->func() <---- (we name it work X)
for ordered_work in wq->ordered_list
ordered_work->ordered_func()
ordered_work->ordered_free()
The hang is a rare case, first when we find free space, we get an uncached block
group, then we go to read its free space cache inode for free space information,
so it will
file a readahead request
btrfs_readpages()
for page that is not in page cache
__do_readpage()
submit_extent_page()
btrfs_submit_bio_hook()
btrfs_bio_wq_end_io()
submit_bio()
end_workqueue_bio() <--(ret by the 1st endio)
queue a work(named work Y) for the 2nd
also the real endio()
So the hang occurs when work Y's work_struct and work X's work_struct happens
to share the same address.
A bit more explanation,
A,B,C -- struct btrfs_work
arg -- struct work_struct
kthread:
worker_thread()
pick up a work_struct from @worklist
process_one_work(arg)
worker->current_work = arg; <-- arg is A->normal_work
worker->current_func(arg)
normal_work_helper(arg)
A = container_of(arg, struct btrfs_work, normal_work);
A->func()
A->ordered_func()
A->ordered_free() <-- A gets freed
B->ordered_func()
submit_compressed_extents()
find_free_extent()
load_free_space_inode()
... <-- (the above readhead stack)
end_workqueue_bio()
btrfs_queue_work(work C)
B->ordered_free()
As if work A has a high priority in wq->ordered_list and there are more ordered
works queued after it, such as B->ordered_func(), its memory could have been
freed before normal_work_helper() returns, which means that kernel workqueue
code worker_thread() still has worker->current_work pointer to be work
A->normal_work's, ie. arg's address.
Meanwhile, work C is allocated after work A is freed, work C->normal_work
and work A->normal_work are likely to share the same address(I confirmed this
with ftrace output, so I'm not just guessing, it's rare though).
When another kthread picks up work C->normal_work to process, and finds our
kthread is processing it(see find_worker_executing_work()), it'll think
work C as a collision and skip then, which ends up nobody processing work C.
So the situation is that our kthread is waiting forever on work C.
Besides, there're other cases that can lead to deadlock, but the real problem
is that all btrfs workqueue shares one work->func, -- normal_work_helper,
so this makes each workqueue to have its own helper function, but only a
wraper pf normal_work_helper.
With this patch, I no long hit the above hang.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
2014-08-15 23:36:53 +08:00
|
|
|
btrfs_init_work(&fixup_nodatasum->work, btrfs_scrub_helper,
|
|
|
|
scrub_fixup_nodatasum, NULL, NULL);
|
2014-02-28 10:46:17 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_workers,
|
|
|
|
&fixup_nodatasum->work);
|
2012-03-28 02:21:27 +08:00
|
|
|
goto out;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* now build and submit the bios for the other mirrors, check
|
2012-11-02 23:14:21 +08:00
|
|
|
* checksums.
|
|
|
|
* First try to pick the mirror which is completely without I/O
|
2012-03-28 02:21:27 +08:00
|
|
|
* errors and also does not have a checksum error.
|
|
|
|
* If one is found, and if a checksum is present, the full block
|
|
|
|
* that is known to contain an error is rewritten. Afterwards
|
|
|
|
* the block is known to be corrected.
|
|
|
|
* If a mirror is found which is completely correct, and no
|
|
|
|
* checksum is present, only those pages are rewritten that had
|
|
|
|
* an I/O error in the block to be repaired, since it cannot be
|
|
|
|
* determined, which copy of the other pages is better (and it
|
|
|
|
* could happen otherwise that a correct page would be
|
|
|
|
* overwritten by a bad one).
|
|
|
|
*/
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
for (mirror_index = 0; ;mirror_index++) {
|
2012-11-02 23:14:21 +08:00
|
|
|
struct scrub_block *sblock_other;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2012-11-02 23:14:21 +08:00
|
|
|
if (mirror_index == failed_mirror_index)
|
|
|
|
continue;
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
|
|
|
|
/* raid56's mirror can be more than BTRFS_MAX_MIRRORS */
|
|
|
|
if (!scrub_is_page_on_raid56(sblock_bad->pagev[0])) {
|
|
|
|
if (mirror_index >= BTRFS_MAX_MIRRORS)
|
|
|
|
break;
|
|
|
|
if (!sblocks_for_recheck[mirror_index].page_count)
|
|
|
|
break;
|
|
|
|
|
|
|
|
sblock_other = sblocks_for_recheck + mirror_index;
|
|
|
|
} else {
|
|
|
|
struct scrub_recover *r = sblock_bad->pagev[0]->recover;
|
|
|
|
int max_allowed = r->bbio->num_stripes -
|
|
|
|
r->bbio->num_tgtdevs;
|
|
|
|
|
|
|
|
if (mirror_index >= max_allowed)
|
|
|
|
break;
|
|
|
|
if (!sblocks_for_recheck[1].page_count)
|
|
|
|
break;
|
|
|
|
|
|
|
|
ASSERT(failed_mirror_index == 0);
|
|
|
|
sblock_other = sblocks_for_recheck + 1;
|
|
|
|
sblock_other->pagev[0]->mirror_num = 1 + mirror_index;
|
|
|
|
}
|
2012-11-02 23:14:21 +08:00
|
|
|
|
|
|
|
/* build and submit the bios, check checksums */
|
2015-08-24 21:32:06 +08:00
|
|
|
scrub_recheck_block(fs_info, sblock_other, 0);
|
2012-11-02 23:16:26 +08:00
|
|
|
|
|
|
|
if (!sblock_other->header_error &&
|
2012-03-28 02:21:27 +08:00
|
|
|
!sblock_other->checksum_error &&
|
|
|
|
sblock_other->no_io_error_seen) {
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sctx->is_dev_replace) {
|
|
|
|
scrub_write_block_to_dev_replace(sblock_other);
|
2015-01-20 15:11:36 +08:00
|
|
|
goto corrected_error;
|
2012-11-06 18:43:11 +08:00
|
|
|
} else {
|
|
|
|
ret = scrub_repair_block_from_good_copy(
|
2015-01-20 15:11:36 +08:00
|
|
|
sblock_bad, sblock_other);
|
|
|
|
if (!ret)
|
|
|
|
goto corrected_error;
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-01-20 15:11:41 +08:00
|
|
|
if (sblock_bad->no_io_error_seen && !sctx->is_dev_replace)
|
|
|
|
goto did_not_correct_error;
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* In case of I/O errors in the area that is supposed to be
|
2012-03-28 02:21:27 +08:00
|
|
|
* repaired, continue by picking good copies of those pages.
|
|
|
|
* Select the good pages from mirrors to rewrite bad pages from
|
|
|
|
* the area to fix. Afterwards verify the checksum of the block
|
|
|
|
* that is supposed to be repaired. This verification step is
|
|
|
|
* only done for the purpose of statistic counting and for the
|
|
|
|
* final scrub report, whether errors remain.
|
|
|
|
* A perfect algorithm could make use of the checksum and try
|
|
|
|
* all possible combinations of pages from the different mirrors
|
|
|
|
* until the checksum verification succeeds. For example, when
|
|
|
|
* the 2nd page of mirror #1 faces I/O errors, and the 2nd page
|
|
|
|
* of mirror #2 is readable but the final checksum test fails,
|
|
|
|
* then the 2nd page of mirror #3 could be tried, whether now
|
2016-05-20 09:18:45 +08:00
|
|
|
* the final checksum succeeds. But this would be a rare
|
2012-03-28 02:21:27 +08:00
|
|
|
* exception and is therefore not implemented. At least it is
|
|
|
|
* avoided that the good copy is overwritten.
|
|
|
|
* A more useful improvement would be to pick the sectors
|
|
|
|
* without I/O error based on sector sizes (512 bytes on legacy
|
|
|
|
* disks) instead of on PAGE_SIZE. Then maybe 512 byte of one
|
|
|
|
* mirror could be repaired by taking 512 byte of a different
|
|
|
|
* mirror, even if other 512 byte sectors in the same PAGE_SIZE
|
|
|
|
* area are unreadable.
|
2011-03-08 21:14:00 +08:00
|
|
|
*/
|
2012-03-28 02:21:27 +08:00
|
|
|
success = 1;
|
2015-01-20 15:11:41 +08:00
|
|
|
for (page_num = 0; page_num < sblock_bad->page_count;
|
|
|
|
page_num++) {
|
2012-11-02 21:58:04 +08:00
|
|
|
struct scrub_page *page_bad = sblock_bad->pagev[page_num];
|
2015-01-20 15:11:41 +08:00
|
|
|
struct scrub_block *sblock_other = NULL;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2015-01-20 15:11:41 +08:00
|
|
|
/* skip no-io-error page in scrub */
|
|
|
|
if (!page_bad->io_error && !sctx->is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
continue;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2015-01-20 15:11:41 +08:00
|
|
|
/* try to find no-io-error page in mirrors */
|
|
|
|
if (page_bad->io_error) {
|
|
|
|
for (mirror_index = 0;
|
|
|
|
mirror_index < BTRFS_MAX_MIRRORS &&
|
|
|
|
sblocks_for_recheck[mirror_index].page_count > 0;
|
|
|
|
mirror_index++) {
|
|
|
|
if (!sblocks_for_recheck[mirror_index].
|
|
|
|
pagev[page_num]->io_error) {
|
|
|
|
sblock_other = sblocks_for_recheck +
|
|
|
|
mirror_index;
|
|
|
|
break;
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-20 15:11:41 +08:00
|
|
|
if (!sblock_other)
|
|
|
|
success = 0;
|
2011-04-09 19:27:01 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-01-20 15:11:41 +08:00
|
|
|
if (sctx->is_dev_replace) {
|
|
|
|
/*
|
|
|
|
* did not find a mirror to fetch the page
|
|
|
|
* from. scrub_write_page_to_dev_replace()
|
|
|
|
* handles this case (page->io_error), by
|
|
|
|
* filling the block with zeros before
|
|
|
|
* submitting the write request
|
|
|
|
*/
|
|
|
|
if (!sblock_other)
|
|
|
|
sblock_other = sblock_bad;
|
|
|
|
|
|
|
|
if (scrub_write_page_to_dev_replace(sblock_other,
|
|
|
|
page_num) != 0) {
|
|
|
|
btrfs_dev_replace_stats_inc(
|
2016-06-23 06:54:23 +08:00
|
|
|
&fs_info->dev_replace.num_write_errors);
|
2015-01-20 15:11:41 +08:00
|
|
|
success = 0;
|
|
|
|
}
|
|
|
|
} else if (sblock_other) {
|
|
|
|
ret = scrub_repair_page_from_good_copy(sblock_bad,
|
|
|
|
sblock_other,
|
|
|
|
page_num, 0);
|
|
|
|
if (0 == ret)
|
|
|
|
page_bad->io_error = 0;
|
|
|
|
else
|
|
|
|
success = 0;
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2015-01-20 15:11:41 +08:00
|
|
|
if (success && !sctx->is_dev_replace) {
|
2012-03-28 02:21:27 +08:00
|
|
|
if (is_metadata || have_csum) {
|
|
|
|
/*
|
|
|
|
* need to verify the checksum now that all
|
|
|
|
* sectors on disk are repaired (the write
|
|
|
|
* request for data to be repaired is on its way).
|
|
|
|
* Just be lazy and use scrub_recheck_block()
|
|
|
|
* which re-reads the data before the checksum
|
|
|
|
* is verified, but most likely the data comes out
|
|
|
|
* of the page cache.
|
|
|
|
*/
|
2015-08-24 21:32:06 +08:00
|
|
|
scrub_recheck_block(fs_info, sblock_bad, 1);
|
2012-11-02 23:16:26 +08:00
|
|
|
if (!sblock_bad->header_error &&
|
2012-03-28 02:21:27 +08:00
|
|
|
!sblock_bad->checksum_error &&
|
|
|
|
sblock_bad->no_io_error_seen)
|
|
|
|
goto corrected_error;
|
|
|
|
else
|
|
|
|
goto did_not_correct_error;
|
|
|
|
} else {
|
|
|
|
corrected_error:
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.corrected_errors++;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
sblock_to_check->data_corrected = 1;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_unlock(&sctx->stat_lock);
|
2015-10-08 16:43:10 +08:00
|
|
|
btrfs_err_rl_in_rcu(fs_info,
|
|
|
|
"fixed up error at logical %llu on dev %s",
|
2013-08-20 19:20:07 +08:00
|
|
|
logical, rcu_str_deref(dev->name));
|
2011-03-23 23:34:19 +08:00
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
} else {
|
|
|
|
did_not_correct_error:
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2015-10-08 16:43:10 +08:00
|
|
|
btrfs_err_rl_in_rcu(fs_info,
|
|
|
|
"unable to fixup (regular) error at logical %llu on dev %s",
|
2013-08-20 19:20:07 +08:00
|
|
|
logical, rcu_str_deref(dev->name));
|
2011-04-09 19:27:01 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
out:
|
|
|
|
if (sblocks_for_recheck) {
|
|
|
|
for (mirror_index = 0; mirror_index < BTRFS_MAX_MIRRORS;
|
|
|
|
mirror_index++) {
|
|
|
|
struct scrub_block *sblock = sblocks_for_recheck +
|
|
|
|
mirror_index;
|
2014-10-23 14:42:50 +08:00
|
|
|
struct scrub_recover *recover;
|
2012-03-28 02:21:27 +08:00
|
|
|
int page_index;
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
for (page_index = 0; page_index < sblock->page_count;
|
|
|
|
page_index++) {
|
|
|
|
sblock->pagev[page_index]->sblock = NULL;
|
2014-10-23 14:42:50 +08:00
|
|
|
recover = sblock->pagev[page_index]->recover;
|
|
|
|
if (recover) {
|
2017-03-29 09:33:22 +08:00
|
|
|
scrub_put_recover(fs_info, recover);
|
2014-10-23 14:42:50 +08:00
|
|
|
sblock->pagev[page_index]->recover =
|
|
|
|
NULL;
|
|
|
|
}
|
2012-11-02 21:58:04 +08:00
|
|
|
scrub_page_put(sblock->pagev[page_index]);
|
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
kfree(sblocks_for_recheck);
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
btrfs: scrub: Fix RAID56 recovery race condition
When scrubbing a RAID5 which has recoverable data corruption (only one
data stripe is corrupted), sometimes scrub will report more csum errors
than expected. Sometimes even unrecoverable error will be reported.
The problem can be easily reproduced by the following steps:
1) Create a btrfs with RAID5 data profile with 3 devs
2) Mount it with nospace_cache or space_cache=v2
To avoid extra data space usage.
3) Create a 128K file and sync the fs, unmount it
Now the 128K file lies at the beginning of the data chunk
4) Locate the physical bytenr of data chunk on dev3
Dev3 is the 1st data stripe.
5) Corrupt the first 64K of the data chunk stripe on dev3
6) Mount the fs and scrub it
The correct csum error number should be 16 (assuming using x86_64).
Larger csum error number can be reported in a 1/3 chance.
And unrecoverable error can also be reported in a 1/10 chance.
The root cause of the problem is RAID5/6 recover code has race
condition, due to the fact that full scrub is initiated per device.
While for other mirror based profiles, each mirror is independent with
each other, so race won't cause any big problem.
For example:
Corrupted | Correct | Correct |
| Scrub dev3 (D1) | Scrub dev2 (D2) | Scrub dev1(P) |
------------------------------------------------------------------------
Read out D1 |Read out D2 |Read full stripe |
Check csum |Check csum |Check parity |
Csum mismatch |Csum match, continue |Parity mismatch |
handle_errored_block | |handle_errored_block |
Read out full stripe | | Read out full stripe|
D1 csum error(err++) | | D1 csum error(err++)|
Recover D1 | | Recover D1 |
So D1's csum error is accounted twice, just because
handle_errored_block() doesn't have enough protection, and race can happen.
On even worse case, for example D1's recovery code is re-writing
D1/D2/P, and P's recovery code is just reading out full stripe, then we
can cause unrecoverable error.
This patch will use previously introduced lock_full_stripe() and
unlock_full_stripe() to protect the whole scrub_handle_errored_block()
function for RAID56 recovery.
So no extra csum error nor unrecoverable error.
Reported-by: Goffredo Baroncelli <kreijack@libero.it>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-04-14 08:35:55 +08:00
|
|
|
ret = unlock_full_stripe(fs_info, logical, full_stripe_locked);
|
|
|
|
if (ret < 0)
|
|
|
|
return ret;
|
2012-03-28 02:21:27 +08:00
|
|
|
return 0;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-01-20 15:11:33 +08:00
|
|
|
static inline int scrub_nr_raid_mirrors(struct btrfs_bio *bbio)
|
2014-10-23 14:42:50 +08:00
|
|
|
{
|
2015-01-20 15:11:43 +08:00
|
|
|
if (bbio->map_type & BTRFS_BLOCK_GROUP_RAID5)
|
|
|
|
return 2;
|
|
|
|
else if (bbio->map_type & BTRFS_BLOCK_GROUP_RAID6)
|
|
|
|
return 3;
|
|
|
|
else
|
2014-10-23 14:42:50 +08:00
|
|
|
return (int)bbio->num_stripes;
|
|
|
|
}
|
|
|
|
|
2015-01-20 15:11:43 +08:00
|
|
|
static inline void scrub_stripe_index_and_offset(u64 logical, u64 map_type,
|
|
|
|
u64 *raid_map,
|
2014-10-23 14:42:50 +08:00
|
|
|
u64 mapped_length,
|
|
|
|
int nstripes, int mirror,
|
|
|
|
int *stripe_index,
|
|
|
|
u64 *stripe_offset)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
2015-01-20 15:11:44 +08:00
|
|
|
if (map_type & BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
2014-10-23 14:42:50 +08:00
|
|
|
/* RAID5/6 */
|
|
|
|
for (i = 0; i < nstripes; i++) {
|
|
|
|
if (raid_map[i] == RAID6_Q_STRIPE ||
|
|
|
|
raid_map[i] == RAID5_P_STRIPE)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (logical >= raid_map[i] &&
|
|
|
|
logical < raid_map[i] + mapped_length)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
*stripe_index = i;
|
|
|
|
*stripe_offset = logical - raid_map[i];
|
|
|
|
} else {
|
|
|
|
/* The other RAID type */
|
|
|
|
*stripe_index = mirror;
|
|
|
|
*stripe_offset = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-01-20 15:11:42 +08:00
|
|
|
static int scrub_setup_recheck_block(struct scrub_block *original_sblock,
|
2012-03-28 02:21:27 +08:00
|
|
|
struct scrub_block *sblocks_for_recheck)
|
|
|
|
{
|
2015-01-20 15:11:42 +08:00
|
|
|
struct scrub_ctx *sctx = original_sblock->sctx;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2015-01-20 15:11:42 +08:00
|
|
|
u64 length = original_sblock->page_count * PAGE_SIZE;
|
|
|
|
u64 logical = original_sblock->pagev[0]->logical;
|
2015-08-19 22:39:18 +08:00
|
|
|
u64 generation = original_sblock->pagev[0]->generation;
|
|
|
|
u64 flags = original_sblock->pagev[0]->flags;
|
|
|
|
u64 have_csum = original_sblock->pagev[0]->have_csum;
|
2014-10-23 14:42:50 +08:00
|
|
|
struct scrub_recover *recover;
|
|
|
|
struct btrfs_bio *bbio;
|
|
|
|
u64 sublen;
|
|
|
|
u64 mapped_length;
|
|
|
|
u64 stripe_offset;
|
|
|
|
int stripe_index;
|
2015-01-20 15:11:42 +08:00
|
|
|
int page_index = 0;
|
2012-03-28 02:21:27 +08:00
|
|
|
int mirror_index;
|
2014-10-23 14:42:50 +08:00
|
|
|
int nmirrors;
|
2012-03-28 02:21:27 +08:00
|
|
|
int ret;
|
|
|
|
|
|
|
|
/*
|
2015-01-20 15:11:45 +08:00
|
|
|
* note: the two members refs and outstanding_pages
|
2012-03-28 02:21:27 +08:00
|
|
|
* are not used (and not set) in the blocks that are used for
|
|
|
|
* the recheck procedure
|
|
|
|
*/
|
|
|
|
|
|
|
|
while (length > 0) {
|
2014-10-23 14:42:50 +08:00
|
|
|
sublen = min_t(u64, length, PAGE_SIZE);
|
|
|
|
mapped_length = sublen;
|
|
|
|
bbio = NULL;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* with a length of PAGE_SIZE, each returned stripe
|
|
|
|
* represents one mirror
|
|
|
|
*/
|
2017-03-29 09:33:22 +08:00
|
|
|
btrfs_bio_counter_inc_blocked(fs_info);
|
2016-10-27 15:27:36 +08:00
|
|
|
ret = btrfs_map_sblock(fs_info, BTRFS_MAP_GET_READ_MIRRORS,
|
2017-03-28 20:45:22 +08:00
|
|
|
logical, &mapped_length, &bbio);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (ret || !bbio || mapped_length < sublen) {
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
2017-03-29 09:33:22 +08:00
|
|
|
btrfs_bio_counter_dec(fs_info);
|
2012-03-28 02:21:27 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2014-10-23 14:42:50 +08:00
|
|
|
recover = kzalloc(sizeof(struct scrub_recover), GFP_NOFS);
|
|
|
|
if (!recover) {
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
2017-03-29 09:33:22 +08:00
|
|
|
btrfs_bio_counter_dec(fs_info);
|
2014-10-23 14:42:50 +08:00
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
2017-03-03 16:55:21 +08:00
|
|
|
refcount_set(&recover->refs, 1);
|
2014-10-23 14:42:50 +08:00
|
|
|
recover->bbio = bbio;
|
|
|
|
recover->map_length = mapped_length;
|
|
|
|
|
2016-04-30 09:33:59 +08:00
|
|
|
BUG_ON(page_index >= SCRUB_MAX_PAGES_PER_BLOCK);
|
2014-10-23 14:42:50 +08:00
|
|
|
|
2015-01-20 15:11:42 +08:00
|
|
|
nmirrors = min(scrub_nr_raid_mirrors(bbio), BTRFS_MAX_MIRRORS);
|
2015-01-20 15:11:43 +08:00
|
|
|
|
2014-10-23 14:42:50 +08:00
|
|
|
for (mirror_index = 0; mirror_index < nmirrors;
|
2012-03-28 02:21:27 +08:00
|
|
|
mirror_index++) {
|
|
|
|
struct scrub_block *sblock;
|
|
|
|
struct scrub_page *page;
|
|
|
|
|
|
|
|
sblock = sblocks_for_recheck + mirror_index;
|
2012-11-02 21:58:04 +08:00
|
|
|
sblock->sctx = sctx;
|
2015-08-19 22:39:18 +08:00
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
page = kzalloc(sizeof(*page), GFP_NOFS);
|
|
|
|
if (!page) {
|
|
|
|
leave_nomem:
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2017-03-29 09:33:22 +08:00
|
|
|
scrub_put_recover(fs_info, recover);
|
2012-03-28 02:21:27 +08:00
|
|
|
return -ENOMEM;
|
|
|
|
}
|
2012-11-02 21:58:04 +08:00
|
|
|
scrub_page_get(page);
|
|
|
|
sblock->pagev[page_index] = page;
|
2015-08-19 22:39:18 +08:00
|
|
|
page->sblock = sblock;
|
|
|
|
page->flags = flags;
|
|
|
|
page->generation = generation;
|
2012-11-02 21:58:04 +08:00
|
|
|
page->logical = logical;
|
2015-08-19 22:39:18 +08:00
|
|
|
page->have_csum = have_csum;
|
|
|
|
if (have_csum)
|
|
|
|
memcpy(page->csum,
|
|
|
|
original_sblock->pagev[0]->csum,
|
|
|
|
sctx->csum_size);
|
2014-10-23 14:42:50 +08:00
|
|
|
|
2015-01-20 15:11:43 +08:00
|
|
|
scrub_stripe_index_and_offset(logical,
|
|
|
|
bbio->map_type,
|
|
|
|
bbio->raid_map,
|
2014-10-23 14:42:50 +08:00
|
|
|
mapped_length,
|
2015-01-20 15:11:31 +08:00
|
|
|
bbio->num_stripes -
|
|
|
|
bbio->num_tgtdevs,
|
2014-10-23 14:42:50 +08:00
|
|
|
mirror_index,
|
|
|
|
&stripe_index,
|
|
|
|
&stripe_offset);
|
|
|
|
page->physical = bbio->stripes[stripe_index].physical +
|
|
|
|
stripe_offset;
|
|
|
|
page->dev = bbio->stripes[stripe_index].dev;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
BUG_ON(page_index >= original_sblock->page_count);
|
|
|
|
page->physical_for_dev_replace =
|
|
|
|
original_sblock->pagev[page_index]->
|
|
|
|
physical_for_dev_replace;
|
2012-11-02 21:58:04 +08:00
|
|
|
/* for missing devices, dev->bdev is NULL */
|
|
|
|
page->mirror_num = mirror_index + 1;
|
2012-03-28 02:21:27 +08:00
|
|
|
sblock->page_count++;
|
2012-11-02 21:58:04 +08:00
|
|
|
page->page = alloc_page(GFP_NOFS);
|
|
|
|
if (!page->page)
|
|
|
|
goto leave_nomem;
|
2014-10-23 14:42:50 +08:00
|
|
|
|
|
|
|
scrub_get_recover(recover);
|
|
|
|
page->recover = recover;
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
2017-03-29 09:33:22 +08:00
|
|
|
scrub_put_recover(fs_info, recover);
|
2012-03-28 02:21:27 +08:00
|
|
|
length -= sublen;
|
|
|
|
logical += sublen;
|
|
|
|
page_index++;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
2011-04-09 19:27:01 +08:00
|
|
|
}
|
|
|
|
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_bio_wait_endio(struct bio *bio)
|
2014-10-23 14:42:50 +08:00
|
|
|
{
|
2017-12-01 08:26:39 +08:00
|
|
|
complete(bio->bi_private);
|
2014-10-23 14:42:50 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_submit_raid56_bio_wait(struct btrfs_fs_info *fs_info,
|
|
|
|
struct bio *bio,
|
|
|
|
struct scrub_page *page)
|
|
|
|
{
|
2017-12-01 08:26:39 +08:00
|
|
|
DECLARE_COMPLETION_ONSTACK(done);
|
2014-10-23 14:42:50 +08:00
|
|
|
int ret;
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
int mirror_num;
|
2014-10-23 14:42:50 +08:00
|
|
|
|
|
|
|
bio->bi_iter.bi_sector = page->logical >> 9;
|
|
|
|
bio->bi_private = &done;
|
|
|
|
bio->bi_end_io = scrub_bio_wait_endio;
|
|
|
|
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
mirror_num = page->sblock->pagev[0]->mirror_num;
|
2016-06-23 06:54:24 +08:00
|
|
|
ret = raid56_parity_recover(fs_info, bio, page->recover->bbio,
|
2014-10-23 14:42:50 +08:00
|
|
|
page->recover->map_length,
|
Btrfs: fix scrub to repair raid6 corruption
The raid6 corruption is that,
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content.
We've fixed normal reads to rebuild raid6 correctly with more retries
in Patch "Btrfs: make raid6 rebuild retry more"[1], this is to fix
scrub to do the exactly same rebuild process.
[1]: https://patchwork.kernel.org/patch/10091755/
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2018-01-03 04:36:42 +08:00
|
|
|
mirror_num, 0);
|
2014-10-23 14:42:50 +08:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
2017-12-01 08:26:39 +08:00
|
|
|
wait_for_completion_io(&done);
|
|
|
|
return blk_status_to_errno(bio->bi_status);
|
2014-10-23 14:42:50 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* this function will check the on disk data for checksum errors, header
|
|
|
|
* errors and read I/O errors. If any I/O errors happen, the exact pages
|
|
|
|
* which are errored are marked as being bad. The goal is to enable scrub
|
|
|
|
* to take those pages that are not errored from all the mirrors so that
|
|
|
|
* the pages that are errored in the just handled mirror can be repaired.
|
|
|
|
*/
|
2012-11-02 23:16:26 +08:00
|
|
|
static void scrub_recheck_block(struct btrfs_fs_info *fs_info,
|
2015-08-24 21:32:06 +08:00
|
|
|
struct scrub_block *sblock,
|
|
|
|
int retry_failed_mirror)
|
2011-04-09 19:27:01 +08:00
|
|
|
{
|
2012-03-28 02:21:27 +08:00
|
|
|
int page_num;
|
2011-04-09 19:27:01 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
sblock->no_io_error_seen = 1;
|
2011-04-09 19:27:01 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
for (page_num = 0; page_num < sblock->page_count; page_num++) {
|
|
|
|
struct bio *bio;
|
2012-11-02 21:58:04 +08:00
|
|
|
struct scrub_page *page = sblock->pagev[page_num];
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2012-05-25 22:06:08 +08:00
|
|
|
if (page->dev->bdev == NULL) {
|
2012-05-05 03:16:07 +08:00
|
|
|
page->io_error = 1;
|
|
|
|
sblock->no_io_error_seen = 0;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
WARN_ON(!page->page);
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(1);
|
2017-08-24 01:10:32 +08:00
|
|
|
bio_set_dev(bio, page->dev->bdev);
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2012-11-02 23:16:26 +08:00
|
|
|
bio_add_page(bio, page->page, PAGE_SIZE, 0);
|
2014-10-23 14:42:50 +08:00
|
|
|
if (!retry_failed_mirror && scrub_is_page_on_raid56(page)) {
|
2017-03-30 01:55:16 +08:00
|
|
|
if (scrub_submit_raid56_bio_wait(fs_info, bio, page)) {
|
|
|
|
page->io_error = 1;
|
2014-10-23 14:42:50 +08:00
|
|
|
sblock->no_io_error_seen = 0;
|
2017-03-30 01:55:16 +08:00
|
|
|
}
|
2014-10-23 14:42:50 +08:00
|
|
|
} else {
|
|
|
|
bio->bi_iter.bi_sector = page->physical >> 9;
|
2016-06-06 03:31:52 +08:00
|
|
|
bio_set_op_attrs(bio, REQ_OP_READ, 0);
|
2014-10-23 14:42:50 +08:00
|
|
|
|
2017-03-30 01:55:16 +08:00
|
|
|
if (btrfsic_submit_bio_wait(bio)) {
|
|
|
|
page->io_error = 1;
|
2014-10-23 14:42:50 +08:00
|
|
|
sblock->no_io_error_seen = 0;
|
2017-03-30 01:55:16 +08:00
|
|
|
}
|
2014-10-23 14:42:50 +08:00
|
|
|
}
|
2013-11-24 14:33:32 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
bio_put(bio);
|
|
|
|
}
|
2011-04-09 19:27:01 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
if (sblock->no_io_error_seen)
|
2015-08-24 21:18:02 +08:00
|
|
|
scrub_recheck_block_checksum(sblock);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2014-07-24 11:37:08 +08:00
|
|
|
static inline int scrub_check_fsid(u8 fsid[],
|
|
|
|
struct scrub_page *spage)
|
|
|
|
{
|
|
|
|
struct btrfs_fs_devices *fs_devices = spage->dev->fs_devices;
|
|
|
|
int ret;
|
|
|
|
|
2017-07-29 17:50:09 +08:00
|
|
|
ret = memcmp(fsid, fs_devices->fsid, BTRFS_FSID_SIZE);
|
2014-07-24 11:37:08 +08:00
|
|
|
return !ret;
|
|
|
|
}
|
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
static void scrub_recheck_block_checksum(struct scrub_block *sblock)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->header_error = 0;
|
|
|
|
sblock->checksum_error = 0;
|
|
|
|
sblock->generation_error = 0;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
if (sblock->pagev[0]->flags & BTRFS_EXTENT_FLAG_DATA)
|
|
|
|
scrub_checksum_data(sblock);
|
|
|
|
else
|
|
|
|
scrub_checksum_tree_block(sblock);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_repair_block_from_good_copy(struct scrub_block *sblock_bad,
|
2015-01-20 15:11:36 +08:00
|
|
|
struct scrub_block *sblock_good)
|
2012-03-28 02:21:27 +08:00
|
|
|
{
|
|
|
|
int page_num;
|
|
|
|
int ret = 0;
|
2011-04-09 19:27:01 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
for (page_num = 0; page_num < sblock_bad->page_count; page_num++) {
|
|
|
|
int ret_sub;
|
2011-04-09 19:27:01 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
ret_sub = scrub_repair_page_from_good_copy(sblock_bad,
|
|
|
|
sblock_good,
|
2015-01-20 15:11:36 +08:00
|
|
|
page_num, 1);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (ret_sub)
|
|
|
|
ret = ret_sub;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_repair_page_from_good_copy(struct scrub_block *sblock_bad,
|
|
|
|
struct scrub_block *sblock_good,
|
|
|
|
int page_num, int force_write)
|
|
|
|
{
|
2012-11-02 21:58:04 +08:00
|
|
|
struct scrub_page *page_bad = sblock_bad->pagev[page_num];
|
|
|
|
struct scrub_page *page_good = sblock_good->pagev[page_num];
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sblock_bad->sctx->fs_info;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
BUG_ON(page_bad->page == NULL);
|
|
|
|
BUG_ON(page_good->page == NULL);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (force_write || sblock_bad->header_error ||
|
|
|
|
sblock_bad->checksum_error || page_bad->io_error) {
|
|
|
|
struct bio *bio;
|
|
|
|
int ret;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (!page_bad->dev->bdev) {
|
2016-06-23 06:54:23 +08:00
|
|
|
btrfs_warn_rl(fs_info,
|
2016-09-20 22:05:00 +08:00
|
|
|
"scrub_repair_page_from_good_copy(bdev == NULL) is unexpected");
|
2012-11-06 18:43:11 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(1);
|
2017-08-24 01:10:32 +08:00
|
|
|
bio_set_dev(bio, page_bad->dev->bdev);
|
2013-10-12 06:44:27 +08:00
|
|
|
bio->bi_iter.bi_sector = page_bad->physical >> 9;
|
2016-06-06 03:31:52 +08:00
|
|
|
bio_set_op_attrs(bio, REQ_OP_WRITE, 0);
|
2012-03-28 02:21:27 +08:00
|
|
|
|
|
|
|
ret = bio_add_page(bio, page_good->page, PAGE_SIZE, 0);
|
|
|
|
if (PAGE_SIZE != ret) {
|
|
|
|
bio_put(bio);
|
|
|
|
return -EIO;
|
2011-06-14 01:56:13 +08:00
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2016-06-06 03:31:41 +08:00
|
|
|
if (btrfsic_submit_bio_wait(bio)) {
|
2012-05-25 22:06:08 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(page_bad->dev,
|
|
|
|
BTRFS_DEV_STAT_WRITE_ERRS);
|
2012-11-06 18:43:11 +08:00
|
|
|
btrfs_dev_replace_stats_inc(
|
2016-06-23 06:54:23 +08:00
|
|
|
&fs_info->dev_replace.num_write_errors);
|
2012-05-25 22:06:08 +08:00
|
|
|
bio_put(bio);
|
|
|
|
return -EIO;
|
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
bio_put(bio);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
static void scrub_write_block_to_dev_replace(struct scrub_block *sblock)
|
|
|
|
{
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sblock->sctx->fs_info;
|
2012-11-06 18:43:11 +08:00
|
|
|
int page_num;
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
/*
|
|
|
|
* This block is used for the check of the parity on the source device,
|
|
|
|
* so the data needn't be written into the destination device.
|
|
|
|
*/
|
|
|
|
if (sblock->sparity)
|
|
|
|
return;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
for (page_num = 0; page_num < sblock->page_count; page_num++) {
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = scrub_write_page_to_dev_replace(sblock, page_num);
|
|
|
|
if (ret)
|
|
|
|
btrfs_dev_replace_stats_inc(
|
2016-06-23 06:54:23 +08:00
|
|
|
&fs_info->dev_replace.num_write_errors);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_write_page_to_dev_replace(struct scrub_block *sblock,
|
|
|
|
int page_num)
|
|
|
|
{
|
|
|
|
struct scrub_page *spage = sblock->pagev[page_num];
|
|
|
|
|
|
|
|
BUG_ON(spage->page == NULL);
|
|
|
|
if (spage->io_error) {
|
|
|
|
void *mapped_buffer = kmap_atomic(spage->page);
|
|
|
|
|
2017-03-30 02:48:44 +08:00
|
|
|
clear_page(mapped_buffer);
|
2012-11-06 18:43:11 +08:00
|
|
|
flush_dcache_page(spage->page);
|
|
|
|
kunmap_atomic(mapped_buffer);
|
|
|
|
}
|
|
|
|
return scrub_add_page_to_wr_bio(sblock->sctx, spage);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_add_page_to_wr_bio(struct scrub_ctx *sctx,
|
|
|
|
struct scrub_page *spage)
|
|
|
|
{
|
|
|
|
struct scrub_bio *sbio;
|
|
|
|
int ret;
|
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
again:
|
2017-05-17 01:10:32 +08:00
|
|
|
if (!sctx->wr_curr_bio) {
|
|
|
|
sctx->wr_curr_bio = kzalloc(sizeof(*sctx->wr_curr_bio),
|
2016-02-11 17:49:42 +08:00
|
|
|
GFP_KERNEL);
|
2017-05-17 01:10:32 +08:00
|
|
|
if (!sctx->wr_curr_bio) {
|
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
return -ENOMEM;
|
|
|
|
}
|
2017-05-17 01:10:32 +08:00
|
|
|
sctx->wr_curr_bio->sctx = sctx;
|
|
|
|
sctx->wr_curr_bio->page_count = 0;
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2017-05-17 01:10:32 +08:00
|
|
|
sbio = sctx->wr_curr_bio;
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sbio->page_count == 0) {
|
|
|
|
struct bio *bio;
|
|
|
|
|
|
|
|
sbio->physical = spage->physical_for_dev_replace;
|
|
|
|
sbio->logical = spage->logical;
|
2017-05-17 01:10:32 +08:00
|
|
|
sbio->dev = sctx->wr_tgtdev;
|
2012-11-06 18:43:11 +08:00
|
|
|
bio = sbio->bio;
|
|
|
|
if (!bio) {
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(sctx->pages_per_wr_bio);
|
2012-11-06 18:43:11 +08:00
|
|
|
sbio->bio = bio;
|
|
|
|
}
|
|
|
|
|
|
|
|
bio->bi_private = sbio;
|
|
|
|
bio->bi_end_io = scrub_wr_bio_end_io;
|
2017-08-24 01:10:32 +08:00
|
|
|
bio_set_dev(bio, sbio->dev->bdev);
|
2013-10-12 06:44:27 +08:00
|
|
|
bio->bi_iter.bi_sector = sbio->physical >> 9;
|
2016-06-06 03:31:52 +08:00
|
|
|
bio_set_op_attrs(bio, REQ_OP_WRITE, 0);
|
2017-06-03 15:38:06 +08:00
|
|
|
sbio->status = 0;
|
2012-11-06 18:43:11 +08:00
|
|
|
} else if (sbio->physical + sbio->page_count * PAGE_SIZE !=
|
|
|
|
spage->physical_for_dev_replace ||
|
|
|
|
sbio->logical + sbio->page_count * PAGE_SIZE !=
|
|
|
|
spage->logical) {
|
|
|
|
scrub_wr_submit(sctx);
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = bio_add_page(sbio->bio, spage->page, PAGE_SIZE, 0);
|
|
|
|
if (ret != PAGE_SIZE) {
|
|
|
|
if (sbio->page_count < 1) {
|
|
|
|
bio_put(sbio->bio);
|
|
|
|
sbio->bio = NULL;
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
scrub_wr_submit(sctx);
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
|
|
|
sbio->pagev[sbio->page_count] = spage;
|
|
|
|
scrub_page_get(spage);
|
|
|
|
sbio->page_count++;
|
2017-05-17 01:10:32 +08:00
|
|
|
if (sbio->page_count == sctx->pages_per_wr_bio)
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_wr_submit(struct scrub_ctx *sctx)
|
|
|
|
{
|
|
|
|
struct scrub_bio *sbio;
|
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
if (!sctx->wr_curr_bio)
|
2012-11-06 18:43:11 +08:00
|
|
|
return;
|
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
sbio = sctx->wr_curr_bio;
|
|
|
|
sctx->wr_curr_bio = NULL;
|
2017-08-24 01:10:32 +08:00
|
|
|
WARN_ON(!sbio->bio->bi_disk);
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_pending_bio_inc(sctx);
|
|
|
|
/* process all writes in a single worker thread. Then the block layer
|
|
|
|
* orders the requests before sending them to the driver which
|
|
|
|
* doubled the write performance on spinning disks when measured
|
|
|
|
* with Linux 3.5 */
|
2016-06-06 03:31:41 +08:00
|
|
|
btrfsic_submit_bio(sbio->bio);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_wr_bio_end_io(struct bio *bio)
|
2012-11-06 18:43:11 +08:00
|
|
|
{
|
|
|
|
struct scrub_bio *sbio = bio->bi_private;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sbio->dev->fs_info;
|
2012-11-06 18:43:11 +08:00
|
|
|
|
2017-06-03 15:38:06 +08:00
|
|
|
sbio->status = bio->bi_status;
|
2012-11-06 18:43:11 +08:00
|
|
|
sbio->bio = bio;
|
|
|
|
|
Btrfs: fix task hang under heavy compressed write
This has been reported and discussed for a long time, and this hang occurs in
both 3.15 and 3.16.
Btrfs now migrates to use kernel workqueue, but it introduces this hang problem.
Btrfs has a kind of work queued as an ordered way, which means that its
ordered_func() must be processed in the way of FIFO, so it usually looks like --
normal_work_helper(arg)
work = container_of(arg, struct btrfs_work, normal_work);
work->func() <---- (we name it work X)
for ordered_work in wq->ordered_list
ordered_work->ordered_func()
ordered_work->ordered_free()
The hang is a rare case, first when we find free space, we get an uncached block
group, then we go to read its free space cache inode for free space information,
so it will
file a readahead request
btrfs_readpages()
for page that is not in page cache
__do_readpage()
submit_extent_page()
btrfs_submit_bio_hook()
btrfs_bio_wq_end_io()
submit_bio()
end_workqueue_bio() <--(ret by the 1st endio)
queue a work(named work Y) for the 2nd
also the real endio()
So the hang occurs when work Y's work_struct and work X's work_struct happens
to share the same address.
A bit more explanation,
A,B,C -- struct btrfs_work
arg -- struct work_struct
kthread:
worker_thread()
pick up a work_struct from @worklist
process_one_work(arg)
worker->current_work = arg; <-- arg is A->normal_work
worker->current_func(arg)
normal_work_helper(arg)
A = container_of(arg, struct btrfs_work, normal_work);
A->func()
A->ordered_func()
A->ordered_free() <-- A gets freed
B->ordered_func()
submit_compressed_extents()
find_free_extent()
load_free_space_inode()
... <-- (the above readhead stack)
end_workqueue_bio()
btrfs_queue_work(work C)
B->ordered_free()
As if work A has a high priority in wq->ordered_list and there are more ordered
works queued after it, such as B->ordered_func(), its memory could have been
freed before normal_work_helper() returns, which means that kernel workqueue
code worker_thread() still has worker->current_work pointer to be work
A->normal_work's, ie. arg's address.
Meanwhile, work C is allocated after work A is freed, work C->normal_work
and work A->normal_work are likely to share the same address(I confirmed this
with ftrace output, so I'm not just guessing, it's rare though).
When another kthread picks up work C->normal_work to process, and finds our
kthread is processing it(see find_worker_executing_work()), it'll think
work C as a collision and skip then, which ends up nobody processing work C.
So the situation is that our kthread is waiting forever on work C.
Besides, there're other cases that can lead to deadlock, but the real problem
is that all btrfs workqueue shares one work->func, -- normal_work_helper,
so this makes each workqueue to have its own helper function, but only a
wraper pf normal_work_helper.
With this patch, I no long hit the above hang.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
2014-08-15 23:36:53 +08:00
|
|
|
btrfs_init_work(&sbio->work, btrfs_scrubwrc_helper,
|
|
|
|
scrub_wr_bio_end_io_worker, NULL, NULL);
|
2014-02-28 10:46:17 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_wr_completion_workers, &sbio->work);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_wr_bio_end_io_worker(struct btrfs_work *work)
|
|
|
|
{
|
|
|
|
struct scrub_bio *sbio = container_of(work, struct scrub_bio, work);
|
|
|
|
struct scrub_ctx *sctx = sbio->sctx;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
WARN_ON(sbio->page_count > SCRUB_PAGES_PER_WR_BIO);
|
2017-06-03 15:38:06 +08:00
|
|
|
if (sbio->status) {
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_dev_replace *dev_replace =
|
2016-06-23 06:54:56 +08:00
|
|
|
&sbio->sctx->fs_info->dev_replace;
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
for (i = 0; i < sbio->page_count; i++) {
|
|
|
|
struct scrub_page *spage = sbio->pagev[i];
|
|
|
|
|
|
|
|
spage->io_error = 1;
|
|
|
|
btrfs_dev_replace_stats_inc(&dev_replace->
|
|
|
|
num_write_errors);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < sbio->page_count; i++)
|
|
|
|
scrub_page_put(sbio->pagev[i]);
|
|
|
|
|
|
|
|
bio_put(sbio->bio);
|
|
|
|
kfree(sbio);
|
|
|
|
scrub_pending_bio_dec(sctx);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_checksum(struct scrub_block *sblock)
|
2012-03-28 02:21:27 +08:00
|
|
|
{
|
|
|
|
u64 flags;
|
|
|
|
int ret;
|
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
/*
|
|
|
|
* No need to initialize these stats currently,
|
|
|
|
* because this function only use return value
|
|
|
|
* instead of these stats value.
|
|
|
|
*
|
|
|
|
* Todo:
|
|
|
|
* always use stats
|
|
|
|
*/
|
|
|
|
sblock->header_error = 0;
|
|
|
|
sblock->generation_error = 0;
|
|
|
|
sblock->checksum_error = 0;
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
WARN_ON(sblock->page_count < 1);
|
|
|
|
flags = sblock->pagev[0]->flags;
|
2012-03-28 02:21:27 +08:00
|
|
|
ret = 0;
|
|
|
|
if (flags & BTRFS_EXTENT_FLAG_DATA)
|
|
|
|
ret = scrub_checksum_data(sblock);
|
|
|
|
else if (flags & BTRFS_EXTENT_FLAG_TREE_BLOCK)
|
|
|
|
ret = scrub_checksum_tree_block(sblock);
|
|
|
|
else if (flags & BTRFS_EXTENT_FLAG_SUPER)
|
|
|
|
(void)scrub_checksum_super(sblock);
|
|
|
|
else
|
|
|
|
WARN_ON(1);
|
|
|
|
if (ret)
|
|
|
|
scrub_handle_errored_block(sblock);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
return ret;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_checksum_data(struct scrub_block *sblock)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = sblock->sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
u8 csum[BTRFS_CSUM_SIZE];
|
2012-03-28 02:21:27 +08:00
|
|
|
u8 *on_disk_csum;
|
|
|
|
struct page *page;
|
|
|
|
void *buffer;
|
2011-03-08 21:14:00 +08:00
|
|
|
u32 crc = ~(u32)0;
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 len;
|
|
|
|
int index;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
BUG_ON(sblock->page_count < 1);
|
2012-11-02 21:58:04 +08:00
|
|
|
if (!sblock->pagev[0]->have_csum)
|
2011-03-08 21:14:00 +08:00
|
|
|
return 0;
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
on_disk_csum = sblock->pagev[0]->csum;
|
|
|
|
page = sblock->pagev[0]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2017-05-17 01:10:41 +08:00
|
|
|
len = sctx->fs_info->sectorsize;
|
2012-03-28 02:21:27 +08:00
|
|
|
index = 0;
|
|
|
|
for (;;) {
|
|
|
|
u64 l = min_t(u64, len, PAGE_SIZE);
|
|
|
|
|
2013-03-14 22:57:45 +08:00
|
|
|
crc = btrfs_csum_data(buffer, crc, l);
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
kunmap_atomic(buffer);
|
2012-03-28 02:21:27 +08:00
|
|
|
len -= l;
|
|
|
|
if (len == 0)
|
|
|
|
break;
|
|
|
|
index++;
|
|
|
|
BUG_ON(index >= sblock->page_count);
|
2012-11-02 21:58:04 +08:00
|
|
|
BUG_ON(!sblock->pagev[index]->page);
|
|
|
|
page = sblock->pagev[index]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
btrfs_csum_final(crc, csum);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (memcmp(csum, on_disk_csum, sctx->csum_size))
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->checksum_error = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
return sblock->checksum_error;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_checksum_tree_block(struct scrub_block *sblock)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = sblock->sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_header *h;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2012-03-28 02:21:27 +08:00
|
|
|
u8 calculated_csum[BTRFS_CSUM_SIZE];
|
|
|
|
u8 on_disk_csum[BTRFS_CSUM_SIZE];
|
|
|
|
struct page *page;
|
|
|
|
void *mapped_buffer;
|
|
|
|
u64 mapped_size;
|
|
|
|
void *p;
|
2011-03-08 21:14:00 +08:00
|
|
|
u32 crc = ~(u32)0;
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 len;
|
|
|
|
int index;
|
|
|
|
|
|
|
|
BUG_ON(sblock->page_count < 1);
|
2012-11-02 21:58:04 +08:00
|
|
|
page = sblock->pagev[0]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
mapped_buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
h = (struct btrfs_header *)mapped_buffer;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
memcpy(on_disk_csum, h->csum, sctx->csum_size);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* we don't use the getter functions here, as we
|
|
|
|
* a) don't have an extent buffer and
|
|
|
|
* b) the page is already kmapped
|
|
|
|
*/
|
2013-07-16 11:19:18 +08:00
|
|
|
if (sblock->pagev[0]->logical != btrfs_stack_header_bytenr(h))
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->header_error = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
if (sblock->pagev[0]->generation != btrfs_stack_header_generation(h)) {
|
|
|
|
sblock->header_error = 1;
|
|
|
|
sblock->generation_error = 1;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2014-07-24 11:37:08 +08:00
|
|
|
if (!scrub_check_fsid(h->fsid, sblock->pagev[0]))
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->header_error = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
if (memcmp(h->chunk_tree_uuid, fs_info->chunk_tree_uuid,
|
|
|
|
BTRFS_UUID_SIZE))
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->header_error = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2017-05-17 01:10:41 +08:00
|
|
|
len = sctx->fs_info->nodesize - BTRFS_CSUM_SIZE;
|
2012-03-28 02:21:27 +08:00
|
|
|
mapped_size = PAGE_SIZE - BTRFS_CSUM_SIZE;
|
|
|
|
p = ((u8 *)mapped_buffer) + BTRFS_CSUM_SIZE;
|
|
|
|
index = 0;
|
|
|
|
for (;;) {
|
|
|
|
u64 l = min_t(u64, len, mapped_size);
|
|
|
|
|
2013-03-14 22:57:45 +08:00
|
|
|
crc = btrfs_csum_data(p, crc, l);
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
kunmap_atomic(mapped_buffer);
|
2012-03-28 02:21:27 +08:00
|
|
|
len -= l;
|
|
|
|
if (len == 0)
|
|
|
|
break;
|
|
|
|
index++;
|
|
|
|
BUG_ON(index >= sblock->page_count);
|
2012-11-02 21:58:04 +08:00
|
|
|
BUG_ON(!sblock->pagev[index]->page);
|
|
|
|
page = sblock->pagev[index]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
mapped_buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
mapped_size = PAGE_SIZE;
|
|
|
|
p = mapped_buffer;
|
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_csum_final(crc, calculated_csum);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (memcmp(calculated_csum, on_disk_csum, sctx->csum_size))
|
2015-08-24 21:18:02 +08:00
|
|
|
sblock->checksum_error = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-08-24 21:18:02 +08:00
|
|
|
return sblock->header_error || sblock->checksum_error;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static int scrub_checksum_super(struct scrub_block *sblock)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
struct btrfs_super_block *s;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = sblock->sctx;
|
2012-03-28 02:21:27 +08:00
|
|
|
u8 calculated_csum[BTRFS_CSUM_SIZE];
|
|
|
|
u8 on_disk_csum[BTRFS_CSUM_SIZE];
|
|
|
|
struct page *page;
|
|
|
|
void *mapped_buffer;
|
|
|
|
u64 mapped_size;
|
|
|
|
void *p;
|
2011-03-08 21:14:00 +08:00
|
|
|
u32 crc = ~(u32)0;
|
2012-05-25 22:06:08 +08:00
|
|
|
int fail_gen = 0;
|
|
|
|
int fail_cor = 0;
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 len;
|
|
|
|
int index;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
BUG_ON(sblock->page_count < 1);
|
2012-11-02 21:58:04 +08:00
|
|
|
page = sblock->pagev[0]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
mapped_buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
s = (struct btrfs_super_block *)mapped_buffer;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
memcpy(on_disk_csum, s->csum, sctx->csum_size);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2013-07-16 11:19:18 +08:00
|
|
|
if (sblock->pagev[0]->logical != btrfs_super_bytenr(s))
|
2012-05-25 22:06:08 +08:00
|
|
|
++fail_cor;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2013-07-16 11:19:18 +08:00
|
|
|
if (sblock->pagev[0]->generation != btrfs_super_generation(s))
|
2012-05-25 22:06:08 +08:00
|
|
|
++fail_gen;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2014-07-24 11:37:08 +08:00
|
|
|
if (!scrub_check_fsid(s->fsid, sblock->pagev[0]))
|
2012-05-25 22:06:08 +08:00
|
|
|
++fail_cor;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
len = BTRFS_SUPER_INFO_SIZE - BTRFS_CSUM_SIZE;
|
|
|
|
mapped_size = PAGE_SIZE - BTRFS_CSUM_SIZE;
|
|
|
|
p = ((u8 *)mapped_buffer) + BTRFS_CSUM_SIZE;
|
|
|
|
index = 0;
|
|
|
|
for (;;) {
|
|
|
|
u64 l = min_t(u64, len, mapped_size);
|
|
|
|
|
2013-03-14 22:57:45 +08:00
|
|
|
crc = btrfs_csum_data(p, crc, l);
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
kunmap_atomic(mapped_buffer);
|
2012-03-28 02:21:27 +08:00
|
|
|
len -= l;
|
|
|
|
if (len == 0)
|
|
|
|
break;
|
|
|
|
index++;
|
|
|
|
BUG_ON(index >= sblock->page_count);
|
2012-11-02 21:58:04 +08:00
|
|
|
BUG_ON(!sblock->pagev[index]->page);
|
|
|
|
page = sblock->pagev[index]->page;
|
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes and features from Chris Mason:
"We've merged in the error handling patches from SuSE. These are
already shipping in the sles kernel, and they give btrfs the ability
to abort transactions and go readonly on errors. It involves a lot of
churn as they clarify BUG_ONs, and remove the ones we now properly
deal with.
Josef reworked the way our metadata interacts with the page cache.
page->private now points to the btrfs extent_buffer object, which
makes everything faster. He changed it so we write an whole extent
buffer at a time instead of allowing individual pages to go down,,
which will be important for the raid5/6 code (for the 3.5 merge
window ;)
Josef also made us more aggressive about dropping pages for metadata
blocks that were freed due to COW. Overall, our metadata caching is
much faster now.
We've integrated my patch for metadata bigger than the page size.
This allows metadata blocks up to 64KB in size. In practice 16K and
32K seem to work best. For workloads with lots of metadata, this cuts
down the size of the extent allocation tree dramatically and fragments
much less.
Scrub was updated to support the larger block sizes, which ended up
being a fairly large change (thanks Stefan Behrens).
We also have an assortment of fixes and updates, especially to the
balancing code (Ilya Dryomov), the back ref walker (Jan Schmidt) and
the defragging code (Liu Bo)."
Fixed up trivial conflicts in fs/btrfs/scrub.c that were just due to
removal of the second argument to k[un]map_atomic() in commit
7ac687d9e047.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (75 commits)
Btrfs: update the checks for mixed block groups with big metadata blocks
Btrfs: update to the right index of defragment
Btrfs: do not bother to defrag an extent if it is a big real extent
Btrfs: add a check to decide if we should defrag the range
Btrfs: fix recursive defragment with autodefrag option
Btrfs: fix the mismatch of page->mapping
Btrfs: fix race between direct io and autodefrag
Btrfs: fix deadlock during allocating chunks
Btrfs: show useful info in space reservation tracepoint
Btrfs: don't use crc items bigger than 4KB
Btrfs: flush out and clean up any block device pages during mount
btrfs: disallow unequal data/metadata blocksize for mixed block groups
Btrfs: enhance superblock sanity checks
Btrfs: change scrub to support big blocks
Btrfs: minor cleanup in scrub
Btrfs: introduce common define for max number of mirrors
Btrfs: fix infinite loop in btrfs_shrink_device()
Btrfs: fix memory leak in resolver code
Btrfs: allow dup for data chunks in mixed mode
Btrfs: validate target profiles only if we are going to use them
...
2012-03-31 03:44:29 +08:00
|
|
|
mapped_buffer = kmap_atomic(page);
|
2012-03-28 02:21:27 +08:00
|
|
|
mapped_size = PAGE_SIZE;
|
|
|
|
p = mapped_buffer;
|
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_csum_final(crc, calculated_csum);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (memcmp(calculated_csum, on_disk_csum, sctx->csum_size))
|
2012-05-25 22:06:08 +08:00
|
|
|
++fail_cor;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-05-25 22:06:08 +08:00
|
|
|
if (fail_cor + fail_gen) {
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
|
|
|
* if we find an error in a super block, we just report it.
|
|
|
|
* They will get written with the next transaction commit
|
|
|
|
* anyway
|
|
|
|
*/
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
++sctx->stat.super_errors;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-05-25 22:06:08 +08:00
|
|
|
if (fail_cor)
|
2012-11-02 21:58:04 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(sblock->pagev[0]->dev,
|
2012-05-25 22:06:08 +08:00
|
|
|
BTRFS_DEV_STAT_CORRUPTION_ERRS);
|
|
|
|
else
|
2012-11-02 21:58:04 +08:00
|
|
|
btrfs_dev_stat_inc_and_print(sblock->pagev[0]->dev,
|
2012-05-25 22:06:08 +08:00
|
|
|
BTRFS_DEV_STAT_GENERATION_ERRS);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-05-25 22:06:08 +08:00
|
|
|
return fail_cor + fail_gen;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static void scrub_block_get(struct scrub_block *sblock)
|
|
|
|
{
|
2017-03-03 16:55:23 +08:00
|
|
|
refcount_inc(&sblock->refs);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_block_put(struct scrub_block *sblock)
|
|
|
|
{
|
2017-03-03 16:55:23 +08:00
|
|
|
if (refcount_dec_and_test(&sblock->refs)) {
|
2012-03-28 02:21:27 +08:00
|
|
|
int i;
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (sblock->sparity)
|
|
|
|
scrub_parity_put(sblock->sparity);
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
for (i = 0; i < sblock->page_count; i++)
|
2012-11-02 21:58:04 +08:00
|
|
|
scrub_page_put(sblock->pagev[i]);
|
2012-03-28 02:21:27 +08:00
|
|
|
kfree(sblock);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
static void scrub_page_get(struct scrub_page *spage)
|
|
|
|
{
|
2015-01-20 15:11:45 +08:00
|
|
|
atomic_inc(&spage->refs);
|
2012-11-02 21:58:04 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_page_put(struct scrub_page *spage)
|
|
|
|
{
|
2015-01-20 15:11:45 +08:00
|
|
|
if (atomic_dec_and_test(&spage->refs)) {
|
2012-11-02 21:58:04 +08:00
|
|
|
if (spage->page)
|
|
|
|
__free_page(spage->page);
|
|
|
|
kfree(spage);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static void scrub_submit(struct scrub_ctx *sctx)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
struct scrub_bio *sbio;
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (sctx->curr == -1)
|
2012-03-28 02:21:26 +08:00
|
|
|
return;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sbio = sctx->bios[sctx->curr];
|
|
|
|
sctx->curr = -1;
|
2012-11-02 23:44:58 +08:00
|
|
|
scrub_pending_bio_inc(sctx);
|
2016-06-06 03:31:41 +08:00
|
|
|
btrfsic_submit_bio(sbio->bio);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
static int scrub_add_page_to_rd_bio(struct scrub_ctx *sctx,
|
|
|
|
struct scrub_page *spage)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
2012-03-28 02:21:27 +08:00
|
|
|
struct scrub_block *sblock = spage->sblock;
|
2011-03-08 21:14:00 +08:00
|
|
|
struct scrub_bio *sbio;
|
2011-11-11 21:17:10 +08:00
|
|
|
int ret;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
again:
|
|
|
|
/*
|
|
|
|
* grab a fresh bio or wait for one to become available
|
|
|
|
*/
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
while (sctx->curr == -1) {
|
|
|
|
spin_lock(&sctx->list_lock);
|
|
|
|
sctx->curr = sctx->first_free;
|
|
|
|
if (sctx->curr != -1) {
|
|
|
|
sctx->first_free = sctx->bios[sctx->curr]->next_free;
|
|
|
|
sctx->bios[sctx->curr]->next_free = -1;
|
|
|
|
sctx->bios[sctx->curr]->page_count = 0;
|
|
|
|
spin_unlock(&sctx->list_lock);
|
2011-03-08 21:14:00 +08:00
|
|
|
} else {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_unlock(&sctx->list_lock);
|
|
|
|
wait_event(sctx->list_wait, sctx->first_free != -1);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
}
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sbio = sctx->bios[sctx->curr];
|
2012-03-28 02:21:27 +08:00
|
|
|
if (sbio->page_count == 0) {
|
2011-11-11 21:17:10 +08:00
|
|
|
struct bio *bio;
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
sbio->physical = spage->physical;
|
|
|
|
sbio->logical = spage->logical;
|
2012-11-02 20:26:57 +08:00
|
|
|
sbio->dev = spage->dev;
|
2012-03-28 02:21:27 +08:00
|
|
|
bio = sbio->bio;
|
|
|
|
if (!bio) {
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(sctx->pages_per_rd_bio);
|
2012-03-28 02:21:27 +08:00
|
|
|
sbio->bio = bio;
|
|
|
|
}
|
2011-11-11 21:17:10 +08:00
|
|
|
|
|
|
|
bio->bi_private = sbio;
|
|
|
|
bio->bi_end_io = scrub_bio_end_io;
|
2017-08-24 01:10:32 +08:00
|
|
|
bio_set_dev(bio, sbio->dev->bdev);
|
2013-10-12 06:44:27 +08:00
|
|
|
bio->bi_iter.bi_sector = sbio->physical >> 9;
|
2016-06-06 03:31:52 +08:00
|
|
|
bio_set_op_attrs(bio, REQ_OP_READ, 0);
|
2017-06-03 15:38:06 +08:00
|
|
|
sbio->status = 0;
|
2012-03-28 02:21:27 +08:00
|
|
|
} else if (sbio->physical + sbio->page_count * PAGE_SIZE !=
|
|
|
|
spage->physical ||
|
|
|
|
sbio->logical + sbio->page_count * PAGE_SIZE !=
|
2012-11-02 20:26:57 +08:00
|
|
|
spage->logical ||
|
|
|
|
sbio->dev != spage->dev) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_submit(sctx);
|
2011-03-08 21:14:00 +08:00
|
|
|
goto again;
|
|
|
|
}
|
2011-11-11 21:17:10 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
sbio->pagev[sbio->page_count] = spage;
|
|
|
|
ret = bio_add_page(sbio->bio, spage->page, PAGE_SIZE, 0);
|
|
|
|
if (ret != PAGE_SIZE) {
|
|
|
|
if (sbio->page_count < 1) {
|
|
|
|
bio_put(sbio->bio);
|
|
|
|
sbio->bio = NULL;
|
|
|
|
return -EIO;
|
|
|
|
}
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_submit(sctx);
|
2011-11-11 21:17:10 +08:00
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_block_get(sblock); /* one for the page added to the bio */
|
2012-03-28 02:21:27 +08:00
|
|
|
atomic_inc(&sblock->outstanding_pages);
|
|
|
|
sbio->page_count++;
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sbio->page_count == sctx->pages_per_rd_bio)
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_submit(sctx);
|
2012-03-28 02:21:27 +08:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2015-09-06 06:14:43 +08:00
|
|
|
static void scrub_missing_raid56_end_io(struct bio *bio)
|
2015-06-20 02:52:51 +08:00
|
|
|
{
|
|
|
|
struct scrub_block *sblock = bio->bi_private;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sblock->sctx->fs_info;
|
2015-06-20 02:52:51 +08:00
|
|
|
|
2017-06-03 15:38:06 +08:00
|
|
|
if (bio->bi_status)
|
2015-06-20 02:52:51 +08:00
|
|
|
sblock->no_io_error_seen = 0;
|
|
|
|
|
2016-05-09 21:14:28 +08:00
|
|
|
bio_put(bio);
|
|
|
|
|
2015-06-20 02:52:51 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_workers, &sblock->work);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_missing_raid56_worker(struct btrfs_work *work)
|
|
|
|
{
|
|
|
|
struct scrub_block *sblock = container_of(work, struct scrub_block, work);
|
|
|
|
struct scrub_ctx *sctx = sblock->sctx;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2015-06-20 02:52:51 +08:00
|
|
|
u64 logical;
|
|
|
|
struct btrfs_device *dev;
|
|
|
|
|
|
|
|
logical = sblock->pagev[0]->logical;
|
|
|
|
dev = sblock->pagev[0]->dev;
|
|
|
|
|
2015-08-24 21:32:06 +08:00
|
|
|
if (sblock->no_io_error_seen)
|
2015-08-24 21:18:02 +08:00
|
|
|
scrub_recheck_block_checksum(sblock);
|
2015-06-20 02:52:51 +08:00
|
|
|
|
|
|
|
if (!sblock->no_io_error_seen) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.read_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2016-06-23 06:54:23 +08:00
|
|
|
btrfs_err_rl_in_rcu(fs_info,
|
2015-10-08 16:43:10 +08:00
|
|
|
"IO error rebuilding logical %llu for dev %s",
|
2015-06-20 02:52:51 +08:00
|
|
|
logical, rcu_str_deref(dev->name));
|
|
|
|
} else if (sblock->header_error || sblock->checksum_error) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2016-06-23 06:54:23 +08:00
|
|
|
btrfs_err_rl_in_rcu(fs_info,
|
2015-10-08 16:43:10 +08:00
|
|
|
"failed to rebuild valid logical %llu for dev %s",
|
2015-06-20 02:52:51 +08:00
|
|
|
logical, rcu_str_deref(dev->name));
|
|
|
|
} else {
|
|
|
|
scrub_write_block_to_dev_replace(sblock);
|
|
|
|
}
|
|
|
|
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
|
2017-03-31 23:12:51 +08:00
|
|
|
if (sctx->is_dev_replace && sctx->flush_all_writes) {
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2015-06-20 02:52:51 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2015-06-20 02:52:51 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
scrub_pending_bio_dec(sctx);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_missing_raid56_pages(struct scrub_block *sblock)
|
|
|
|
{
|
|
|
|
struct scrub_ctx *sctx = sblock->sctx;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2015-06-20 02:52:51 +08:00
|
|
|
u64 length = sblock->page_count * PAGE_SIZE;
|
|
|
|
u64 logical = sblock->pagev[0]->logical;
|
2016-05-17 17:37:38 +08:00
|
|
|
struct btrfs_bio *bbio = NULL;
|
2015-06-20 02:52:51 +08:00
|
|
|
struct bio *bio;
|
|
|
|
struct btrfs_raid_bio *rbio;
|
|
|
|
int ret;
|
|
|
|
int i;
|
|
|
|
|
btrfs: Wait for in-flight bios before freeing target device for raid56
When raid56 dev-replace is cancelled by running scrub, we will free
target device without waiting for in-flight bios, causing the following
NULL pointer deference or general protection failure.
BUG: unable to handle kernel NULL pointer dereference at 00000000000005e0
IP: generic_make_request_checks+0x4d/0x610
CPU: 1 PID: 11676 Comm: kworker/u4:14 Tainted: G O 4.11.0-rc2 #72
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.10.2-20170228_101828-anatol 04/01/2014
Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
task: ffff88002875b4c0 task.stack: ffffc90001334000
RIP: 0010:generic_make_request_checks+0x4d/0x610
Call Trace:
? generic_make_request+0xc7/0x360
generic_make_request+0x24/0x360
? generic_make_request+0xc7/0x360
submit_bio+0x64/0x120
? page_in_rbio+0x4d/0x80 [btrfs]
? rbio_orig_end_io+0x80/0x80 [btrfs]
finish_rmw+0x3f4/0x540 [btrfs]
validate_rbio_for_rmw+0x36/0x40 [btrfs]
raid_rmw_end_io+0x7a/0x90 [btrfs]
bio_endio+0x56/0x60
end_workqueue_fn+0x3c/0x40 [btrfs]
btrfs_scrubparity_helper+0xef/0x620 [btrfs]
btrfs_endio_raid56_helper+0xe/0x10 [btrfs]
process_one_work+0x2af/0x720
? process_one_work+0x22b/0x720
worker_thread+0x4b/0x4f0
kthread+0x10f/0x150
? process_one_work+0x720/0x720
? kthread_create_on_node+0x40/0x40
ret_from_fork+0x2e/0x40
RIP: generic_make_request_checks+0x4d/0x610 RSP: ffffc90001337bb8
In btrfs_dev_replace_finishing(), we will call
btrfs_rm_dev_replace_blocked() to wait bios before destroying the target
device when scrub is finished normally.
However when dev-replace is aborted, either due to error or cancelled by
scrub, we didn't wait for bios, this can lead to use-after-free if there
are bios holding the target device.
Furthermore, for raid56 scrub, at least 2 places are calling
btrfs_map_sblock() without protection of bio_counter, leading to the
problem.
This patch fixes the problem:
1) Wait for bio_counter before freeing target device when canceling
replace
2) When calling btrfs_map_sblock() for raid56, use bio_counter to
protect the call.
Cc: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-03-29 09:33:21 +08:00
|
|
|
btrfs_bio_counter_inc_blocked(fs_info);
|
2016-10-27 15:27:36 +08:00
|
|
|
ret = btrfs_map_sblock(fs_info, BTRFS_MAP_GET_READ_MIRRORS, logical,
|
2017-03-28 20:45:22 +08:00
|
|
|
&length, &bbio);
|
2015-06-20 02:52:51 +08:00
|
|
|
if (ret || !bbio || !bbio->raid_map)
|
|
|
|
goto bbio_out;
|
|
|
|
|
|
|
|
if (WARN_ON(!sctx->is_dev_replace ||
|
|
|
|
!(bbio->map_type & BTRFS_BLOCK_GROUP_RAID56_MASK))) {
|
|
|
|
/*
|
|
|
|
* We shouldn't be scrubbing a missing device. Even for dev
|
|
|
|
* replace, we should only get here for RAID 5/6. We either
|
|
|
|
* managed to mount something with no mirrors remaining or
|
|
|
|
* there's a bug in scrub_remap_extent()/btrfs_map_block().
|
|
|
|
*/
|
|
|
|
goto bbio_out;
|
|
|
|
}
|
|
|
|
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(0);
|
2015-06-20 02:52:51 +08:00
|
|
|
bio->bi_iter.bi_sector = logical >> 9;
|
|
|
|
bio->bi_private = sblock;
|
|
|
|
bio->bi_end_io = scrub_missing_raid56_end_io;
|
|
|
|
|
2016-06-23 06:54:24 +08:00
|
|
|
rbio = raid56_alloc_missing_rbio(fs_info, bio, bbio, length);
|
2015-06-20 02:52:51 +08:00
|
|
|
if (!rbio)
|
|
|
|
goto rbio_out;
|
|
|
|
|
|
|
|
for (i = 0; i < sblock->page_count; i++) {
|
|
|
|
struct scrub_page *spage = sblock->pagev[i];
|
|
|
|
|
|
|
|
raid56_add_scrub_pages(rbio, spage->page, spage->logical);
|
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_init_work(&sblock->work, btrfs_scrub_helper,
|
|
|
|
scrub_missing_raid56_worker, NULL, NULL);
|
|
|
|
scrub_block_get(sblock);
|
|
|
|
scrub_pending_bio_inc(sctx);
|
|
|
|
raid56_submit_missing_rbio(rbio);
|
|
|
|
return;
|
|
|
|
|
|
|
|
rbio_out:
|
|
|
|
bio_put(bio);
|
|
|
|
bbio_out:
|
btrfs: Wait for in-flight bios before freeing target device for raid56
When raid56 dev-replace is cancelled by running scrub, we will free
target device without waiting for in-flight bios, causing the following
NULL pointer deference or general protection failure.
BUG: unable to handle kernel NULL pointer dereference at 00000000000005e0
IP: generic_make_request_checks+0x4d/0x610
CPU: 1 PID: 11676 Comm: kworker/u4:14 Tainted: G O 4.11.0-rc2 #72
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.10.2-20170228_101828-anatol 04/01/2014
Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
task: ffff88002875b4c0 task.stack: ffffc90001334000
RIP: 0010:generic_make_request_checks+0x4d/0x610
Call Trace:
? generic_make_request+0xc7/0x360
generic_make_request+0x24/0x360
? generic_make_request+0xc7/0x360
submit_bio+0x64/0x120
? page_in_rbio+0x4d/0x80 [btrfs]
? rbio_orig_end_io+0x80/0x80 [btrfs]
finish_rmw+0x3f4/0x540 [btrfs]
validate_rbio_for_rmw+0x36/0x40 [btrfs]
raid_rmw_end_io+0x7a/0x90 [btrfs]
bio_endio+0x56/0x60
end_workqueue_fn+0x3c/0x40 [btrfs]
btrfs_scrubparity_helper+0xef/0x620 [btrfs]
btrfs_endio_raid56_helper+0xe/0x10 [btrfs]
process_one_work+0x2af/0x720
? process_one_work+0x22b/0x720
worker_thread+0x4b/0x4f0
kthread+0x10f/0x150
? process_one_work+0x720/0x720
? kthread_create_on_node+0x40/0x40
ret_from_fork+0x2e/0x40
RIP: generic_make_request_checks+0x4d/0x610 RSP: ffffc90001337bb8
In btrfs_dev_replace_finishing(), we will call
btrfs_rm_dev_replace_blocked() to wait bios before destroying the target
device when scrub is finished normally.
However when dev-replace is aborted, either due to error or cancelled by
scrub, we didn't wait for bios, this can lead to use-after-free if there
are bios holding the target device.
Furthermore, for raid56 scrub, at least 2 places are calling
btrfs_map_sblock() without protection of bio_counter, leading to the
problem.
This patch fixes the problem:
1) Wait for bio_counter before freeing target device when canceling
replace
2) When calling btrfs_map_sblock() for raid56, use bio_counter to
protect the call.
Cc: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-03-29 09:33:21 +08:00
|
|
|
btrfs_bio_counter_dec(fs_info);
|
2015-06-20 02:52:51 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static int scrub_pages(struct scrub_ctx *sctx, u64 logical, u64 len,
|
2012-11-02 20:26:57 +08:00
|
|
|
u64 physical, struct btrfs_device *dev, u64 flags,
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 gen, int mirror_num, u8 *csum, int force,
|
|
|
|
u64 physical_for_dev_replace)
|
2012-03-28 02:21:27 +08:00
|
|
|
{
|
|
|
|
struct scrub_block *sblock;
|
|
|
|
int index;
|
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
sblock = kzalloc(sizeof(*sblock), GFP_KERNEL);
|
2012-03-28 02:21:27 +08:00
|
|
|
if (!sblock) {
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
return -ENOMEM;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
/* one ref inside this function, plus one for each page added to
|
|
|
|
* a bio later on */
|
2017-03-03 16:55:23 +08:00
|
|
|
refcount_set(&sblock->refs, 1);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sblock->sctx = sctx;
|
2012-03-28 02:21:27 +08:00
|
|
|
sblock->no_io_error_seen = 1;
|
|
|
|
|
|
|
|
for (index = 0; len > 0; index++) {
|
2012-11-02 21:58:04 +08:00
|
|
|
struct scrub_page *spage;
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 l = min_t(u64, len, PAGE_SIZE);
|
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
spage = kzalloc(sizeof(*spage), GFP_KERNEL);
|
2012-11-02 21:58:04 +08:00
|
|
|
if (!spage) {
|
|
|
|
leave_nomem:
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-11-02 21:58:04 +08:00
|
|
|
scrub_block_put(sblock);
|
2012-03-28 02:21:27 +08:00
|
|
|
return -ENOMEM;
|
|
|
|
}
|
2012-11-02 21:58:04 +08:00
|
|
|
BUG_ON(index >= SCRUB_MAX_PAGES_PER_BLOCK);
|
|
|
|
scrub_page_get(spage);
|
|
|
|
sblock->pagev[index] = spage;
|
2012-03-28 02:21:27 +08:00
|
|
|
spage->sblock = sblock;
|
2012-11-02 20:26:57 +08:00
|
|
|
spage->dev = dev;
|
2012-03-28 02:21:27 +08:00
|
|
|
spage->flags = flags;
|
|
|
|
spage->generation = gen;
|
|
|
|
spage->logical = logical;
|
|
|
|
spage->physical = physical;
|
2012-11-06 18:43:11 +08:00
|
|
|
spage->physical_for_dev_replace = physical_for_dev_replace;
|
2012-03-28 02:21:27 +08:00
|
|
|
spage->mirror_num = mirror_num;
|
|
|
|
if (csum) {
|
|
|
|
spage->have_csum = 1;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
memcpy(spage->csum, csum, sctx->csum_size);
|
2012-03-28 02:21:27 +08:00
|
|
|
} else {
|
|
|
|
spage->have_csum = 0;
|
|
|
|
}
|
|
|
|
sblock->page_count++;
|
2016-02-11 17:49:42 +08:00
|
|
|
spage->page = alloc_page(GFP_KERNEL);
|
2012-11-02 21:58:04 +08:00
|
|
|
if (!spage->page)
|
|
|
|
goto leave_nomem;
|
2012-03-28 02:21:27 +08:00
|
|
|
len -= l;
|
|
|
|
logical += l;
|
|
|
|
physical += l;
|
2012-11-06 18:43:11 +08:00
|
|
|
physical_for_dev_replace += l;
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
2012-11-02 21:58:04 +08:00
|
|
|
WARN_ON(sblock->page_count == 0);
|
2017-12-04 12:54:54 +08:00
|
|
|
if (test_bit(BTRFS_DEV_STATE_MISSING, &dev->dev_state)) {
|
2015-06-20 02:52:51 +08:00
|
|
|
/*
|
|
|
|
* This case should only be hit for RAID 5/6 device replace. See
|
|
|
|
* the comment in scrub_missing_raid56_pages() for details.
|
|
|
|
*/
|
|
|
|
scrub_missing_raid56_pages(sblock);
|
|
|
|
} else {
|
|
|
|
for (index = 0; index < sblock->page_count; index++) {
|
|
|
|
struct scrub_page *spage = sblock->pagev[index];
|
|
|
|
int ret;
|
2011-05-29 03:57:55 +08:00
|
|
|
|
2015-06-20 02:52:51 +08:00
|
|
|
ret = scrub_add_page_to_rd_bio(sctx, spage);
|
|
|
|
if (ret) {
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
return ret;
|
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-06-20 02:52:51 +08:00
|
|
|
if (force)
|
|
|
|
scrub_submit(sctx);
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/* last one frees, either here or in bio completion for last page */
|
|
|
|
scrub_block_put(sblock);
|
2011-03-08 21:14:00 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_bio_end_io(struct bio *bio)
|
2012-03-28 02:21:27 +08:00
|
|
|
{
|
|
|
|
struct scrub_bio *sbio = bio->bi_private;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sbio->dev->fs_info;
|
2012-03-28 02:21:27 +08:00
|
|
|
|
2017-06-03 15:38:06 +08:00
|
|
|
sbio->status = bio->bi_status;
|
2012-03-28 02:21:27 +08:00
|
|
|
sbio->bio = bio;
|
|
|
|
|
2014-02-28 10:46:17 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_workers, &sbio->work);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_bio_end_io_worker(struct btrfs_work *work)
|
|
|
|
{
|
|
|
|
struct scrub_bio *sbio = container_of(work, struct scrub_bio, work);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = sbio->sctx;
|
2012-03-28 02:21:27 +08:00
|
|
|
int i;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
BUG_ON(sbio->page_count > SCRUB_PAGES_PER_RD_BIO);
|
2017-06-03 15:38:06 +08:00
|
|
|
if (sbio->status) {
|
2012-03-28 02:21:27 +08:00
|
|
|
for (i = 0; i < sbio->page_count; i++) {
|
|
|
|
struct scrub_page *spage = sbio->pagev[i];
|
|
|
|
|
|
|
|
spage->io_error = 1;
|
|
|
|
spage->sblock->no_io_error_seen = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* now complete the scrub_block items that have all pages completed */
|
|
|
|
for (i = 0; i < sbio->page_count; i++) {
|
|
|
|
struct scrub_page *spage = sbio->pagev[i];
|
|
|
|
struct scrub_block *sblock = spage->sblock;
|
|
|
|
|
|
|
|
if (atomic_dec_and_test(&sblock->outstanding_pages))
|
|
|
|
scrub_block_complete(sblock);
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
}
|
|
|
|
|
|
|
|
bio_put(sbio->bio);
|
|
|
|
sbio->bio = NULL;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->list_lock);
|
|
|
|
sbio->next_free = sctx->first_free;
|
|
|
|
sctx->first_free = sbio->index;
|
|
|
|
spin_unlock(&sctx->list_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
2017-03-31 23:12:51 +08:00
|
|
|
if (sctx->is_dev_replace && sctx->flush_all_writes) {
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
scrub_pending_bio_dec(sctx);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
static inline void __scrub_mark_bitmap(struct scrub_parity *sparity,
|
|
|
|
unsigned long *bitmap,
|
|
|
|
u64 start, u64 len)
|
|
|
|
{
|
2017-04-04 04:45:33 +08:00
|
|
|
u64 offset;
|
2017-04-01 00:02:48 +08:00
|
|
|
u64 nsectors64;
|
|
|
|
u32 nsectors;
|
2016-06-15 21:22:56 +08:00
|
|
|
int sectorsize = sparity->sctx->fs_info->sectorsize;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
if (len >= sparity->stripe_len) {
|
|
|
|
bitmap_set(bitmap, 0, sparity->nsectors);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
start -= sparity->logic_start;
|
2017-04-04 04:45:33 +08:00
|
|
|
start = div64_u64_rem(start, sparity->stripe_len, &offset);
|
|
|
|
offset = div_u64(offset, sectorsize);
|
2017-04-01 00:02:48 +08:00
|
|
|
nsectors64 = div_u64(len, sectorsize);
|
|
|
|
|
|
|
|
ASSERT(nsectors64 < UINT_MAX);
|
|
|
|
nsectors = (u32)nsectors64;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
if (offset + nsectors <= sparity->nsectors) {
|
|
|
|
bitmap_set(bitmap, offset, nsectors);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bitmap_set(bitmap, offset, sparity->nsectors - offset);
|
|
|
|
bitmap_set(bitmap, 0, nsectors - (sparity->nsectors - offset));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void scrub_parity_mark_sectors_error(struct scrub_parity *sparity,
|
|
|
|
u64 start, u64 len)
|
|
|
|
{
|
|
|
|
__scrub_mark_bitmap(sparity, sparity->ebitmap, start, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void scrub_parity_mark_sectors_data(struct scrub_parity *sparity,
|
|
|
|
u64 start, u64 len)
|
|
|
|
{
|
|
|
|
__scrub_mark_bitmap(sparity, sparity->dbitmap, start, len);
|
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
static void scrub_block_complete(struct scrub_block *sblock)
|
|
|
|
{
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
int corrupted = 0;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (!sblock->no_io_error_seen) {
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
corrupted = 1;
|
2012-03-28 02:21:27 +08:00
|
|
|
scrub_handle_errored_block(sblock);
|
2012-11-06 18:43:11 +08:00
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* if has checksum error, write via repair mechanism in
|
|
|
|
* dev replace case, otherwise write here in dev replace
|
|
|
|
* case.
|
|
|
|
*/
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
corrupted = scrub_checksum(sblock);
|
|
|
|
if (!corrupted && sblock->sctx->is_dev_replace)
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_write_block_to_dev_replace(sblock);
|
|
|
|
}
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
if (sblock->sparity && corrupted && !sblock->data_corrected) {
|
|
|
|
u64 start = sblock->pagev[0]->logical;
|
|
|
|
u64 end = sblock->pagev[sblock->page_count - 1]->logical +
|
|
|
|
PAGE_SIZE;
|
|
|
|
|
|
|
|
scrub_parity_mark_sectors_error(sblock->sparity,
|
|
|
|
start, end - start);
|
|
|
|
}
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
|
|
|
|
2015-08-24 22:03:02 +08:00
|
|
|
static int scrub_find_csum(struct scrub_ctx *sctx, u64 logical, u8 *csum)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
struct btrfs_ordered_sum *sum = NULL;
|
Btrfs: remove btrfs_sector_sum structure
Using the structure btrfs_sector_sum to keep the checksum value is
unnecessary, because the extents that btrfs_sector_sum points to are
continuous, we can find out the expected checksums by btrfs_ordered_sum's
bytenr and the offset, so we can remove btrfs_sector_sum's bytenr. After
removing bytenr, there is only one member in the structure, so it makes
no sense to keep the structure, just remove it, and use a u32 array to
store the checksum value.
By this change, we don't use the while loop to get the checksums one by
one. Now, we can get several checksum value at one time, it improved the
performance by ~74% on my SSD (31MB/s -> 54MB/s).
test command:
# dd if=/dev/zero of=/mnt/btrfs/file0 bs=1M count=1024 oflag=sync
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-06-19 10:36:09 +08:00
|
|
|
unsigned long index;
|
2011-03-08 21:14:00 +08:00
|
|
|
unsigned long num_sectors;
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
while (!list_empty(&sctx->csum_list)) {
|
|
|
|
sum = list_first_entry(&sctx->csum_list,
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_ordered_sum, list);
|
|
|
|
if (sum->bytenr > logical)
|
|
|
|
return 0;
|
|
|
|
if (sum->bytenr + sum->len > logical)
|
|
|
|
break;
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
++sctx->stat.csum_discards;
|
2011-03-08 21:14:00 +08:00
|
|
|
list_del(&sum->list);
|
|
|
|
kfree(sum);
|
|
|
|
sum = NULL;
|
|
|
|
}
|
|
|
|
if (!sum)
|
|
|
|
return 0;
|
|
|
|
|
2017-04-01 00:02:48 +08:00
|
|
|
index = div_u64(logical - sum->bytenr, sctx->fs_info->sectorsize);
|
|
|
|
ASSERT(index < UINT_MAX);
|
|
|
|
|
2017-05-17 01:10:41 +08:00
|
|
|
num_sectors = sum->len / sctx->fs_info->sectorsize;
|
Btrfs: remove btrfs_sector_sum structure
Using the structure btrfs_sector_sum to keep the checksum value is
unnecessary, because the extents that btrfs_sector_sum points to are
continuous, we can find out the expected checksums by btrfs_ordered_sum's
bytenr and the offset, so we can remove btrfs_sector_sum's bytenr. After
removing bytenr, there is only one member in the structure, so it makes
no sense to keep the structure, just remove it, and use a u32 array to
store the checksum value.
By this change, we don't use the while loop to get the checksums one by
one. Now, we can get several checksum value at one time, it improved the
performance by ~74% on my SSD (31MB/s -> 54MB/s).
test command:
# dd if=/dev/zero of=/mnt/btrfs/file0 bs=1M count=1024 oflag=sync
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-06-19 10:36:09 +08:00
|
|
|
memcpy(csum, sum->sums + index, sctx->csum_size);
|
|
|
|
if (index == num_sectors - 1) {
|
2011-03-08 21:14:00 +08:00
|
|
|
list_del(&sum->list);
|
|
|
|
kfree(sum);
|
|
|
|
}
|
Btrfs: remove btrfs_sector_sum structure
Using the structure btrfs_sector_sum to keep the checksum value is
unnecessary, because the extents that btrfs_sector_sum points to are
continuous, we can find out the expected checksums by btrfs_ordered_sum's
bytenr and the offset, so we can remove btrfs_sector_sum's bytenr. After
removing bytenr, there is only one member in the structure, so it makes
no sense to keep the structure, just remove it, and use a u32 array to
store the checksum value.
By this change, we don't use the while loop to get the checksums one by
one. Now, we can get several checksum value at one time, it improved the
performance by ~74% on my SSD (31MB/s -> 54MB/s).
test command:
# dd if=/dev/zero of=/mnt/btrfs/file0 bs=1M count=1024 oflag=sync
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-06-19 10:36:09 +08:00
|
|
|
return 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* scrub extent tries to collect up to 64 kB for each bio */
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static int scrub_extent(struct scrub_ctx *sctx, u64 logical, u64 len,
|
2012-11-02 20:26:57 +08:00
|
|
|
u64 physical, struct btrfs_device *dev, u64 flags,
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 gen, int mirror_num, u64 physical_for_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
u8 csum[BTRFS_CSUM_SIZE];
|
2012-03-28 02:21:27 +08:00
|
|
|
u32 blocksize;
|
|
|
|
|
|
|
|
if (flags & BTRFS_EXTENT_FLAG_DATA) {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->sectorsize;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.data_extents_scrubbed++;
|
|
|
|
sctx->stat.data_bytes_scrubbed += len;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
} else if (flags & BTRFS_EXTENT_FLAG_TREE_BLOCK) {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->nodesize;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.tree_extents_scrubbed++;
|
|
|
|
sctx->stat.tree_bytes_scrubbed += len;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2012-03-28 02:21:27 +08:00
|
|
|
} else {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->sectorsize;
|
2012-11-06 18:43:11 +08:00
|
|
|
WARN_ON(1);
|
2012-03-28 02:21:27 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
while (len) {
|
2012-03-28 02:21:27 +08:00
|
|
|
u64 l = min_t(u64, len, blocksize);
|
2011-03-08 21:14:00 +08:00
|
|
|
int have_csum = 0;
|
|
|
|
|
|
|
|
if (flags & BTRFS_EXTENT_FLAG_DATA) {
|
|
|
|
/* push csums to sbio */
|
2015-08-24 22:03:02 +08:00
|
|
|
have_csum = scrub_find_csum(sctx, logical, csum);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (have_csum == 0)
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
++sctx->stat.no_csum;
|
2012-11-06 18:43:11 +08:00
|
|
|
if (sctx->is_dev_replace && !have_csum) {
|
|
|
|
ret = copy_nocow_pages(sctx, logical, l,
|
|
|
|
mirror_num,
|
|
|
|
physical_for_dev_replace);
|
|
|
|
goto behind_scrub_pages;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2012-11-02 20:26:57 +08:00
|
|
|
ret = scrub_pages(sctx, logical, l, physical, dev, flags, gen,
|
2012-11-06 18:43:11 +08:00
|
|
|
mirror_num, have_csum ? csum : NULL, 0,
|
|
|
|
physical_for_dev_replace);
|
|
|
|
behind_scrub_pages:
|
2011-03-08 21:14:00 +08:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
len -= l;
|
|
|
|
logical += l;
|
|
|
|
physical += l;
|
2012-11-06 18:43:11 +08:00
|
|
|
physical_for_dev_replace += l;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
static int scrub_pages_for_parity(struct scrub_parity *sparity,
|
|
|
|
u64 logical, u64 len,
|
|
|
|
u64 physical, struct btrfs_device *dev,
|
|
|
|
u64 flags, u64 gen, int mirror_num, u8 *csum)
|
|
|
|
{
|
|
|
|
struct scrub_ctx *sctx = sparity->sctx;
|
|
|
|
struct scrub_block *sblock;
|
|
|
|
int index;
|
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
sblock = kzalloc(sizeof(*sblock), GFP_KERNEL);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (!sblock) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* one ref inside this function, plus one for each page added to
|
|
|
|
* a bio later on */
|
2017-03-03 16:55:23 +08:00
|
|
|
refcount_set(&sblock->refs, 1);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
sblock->sctx = sctx;
|
|
|
|
sblock->no_io_error_seen = 1;
|
|
|
|
sblock->sparity = sparity;
|
|
|
|
scrub_parity_get(sparity);
|
|
|
|
|
|
|
|
for (index = 0; len > 0; index++) {
|
|
|
|
struct scrub_page *spage;
|
|
|
|
u64 l = min_t(u64, len, PAGE_SIZE);
|
|
|
|
|
2016-02-11 17:49:42 +08:00
|
|
|
spage = kzalloc(sizeof(*spage), GFP_KERNEL);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (!spage) {
|
|
|
|
leave_nomem:
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
BUG_ON(index >= SCRUB_MAX_PAGES_PER_BLOCK);
|
|
|
|
/* For scrub block */
|
|
|
|
scrub_page_get(spage);
|
|
|
|
sblock->pagev[index] = spage;
|
|
|
|
/* For scrub parity */
|
|
|
|
scrub_page_get(spage);
|
|
|
|
list_add_tail(&spage->list, &sparity->spages);
|
|
|
|
spage->sblock = sblock;
|
|
|
|
spage->dev = dev;
|
|
|
|
spage->flags = flags;
|
|
|
|
spage->generation = gen;
|
|
|
|
spage->logical = logical;
|
|
|
|
spage->physical = physical;
|
|
|
|
spage->mirror_num = mirror_num;
|
|
|
|
if (csum) {
|
|
|
|
spage->have_csum = 1;
|
|
|
|
memcpy(spage->csum, csum, sctx->csum_size);
|
|
|
|
} else {
|
|
|
|
spage->have_csum = 0;
|
|
|
|
}
|
|
|
|
sblock->page_count++;
|
2016-02-11 17:49:42 +08:00
|
|
|
spage->page = alloc_page(GFP_KERNEL);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (!spage->page)
|
|
|
|
goto leave_nomem;
|
|
|
|
len -= l;
|
|
|
|
logical += l;
|
|
|
|
physical += l;
|
|
|
|
}
|
|
|
|
|
|
|
|
WARN_ON(sblock->page_count == 0);
|
|
|
|
for (index = 0; index < sblock->page_count; index++) {
|
|
|
|
struct scrub_page *spage = sblock->pagev[index];
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = scrub_add_page_to_rd_bio(sctx, spage);
|
|
|
|
if (ret) {
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* last one frees, either here or in bio completion for last page */
|
|
|
|
scrub_block_put(sblock);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int scrub_extent_for_parity(struct scrub_parity *sparity,
|
|
|
|
u64 logical, u64 len,
|
|
|
|
u64 physical, struct btrfs_device *dev,
|
|
|
|
u64 flags, u64 gen, int mirror_num)
|
|
|
|
{
|
|
|
|
struct scrub_ctx *sctx = sparity->sctx;
|
|
|
|
int ret;
|
|
|
|
u8 csum[BTRFS_CSUM_SIZE];
|
|
|
|
u32 blocksize;
|
|
|
|
|
2017-12-04 12:54:54 +08:00
|
|
|
if (test_bit(BTRFS_DEV_STATE_MISSING, &dev->dev_state)) {
|
2015-06-20 02:52:52 +08:00
|
|
|
scrub_parity_mark_sectors_error(sparity, logical, len);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (flags & BTRFS_EXTENT_FLAG_DATA) {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->sectorsize;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
} else if (flags & BTRFS_EXTENT_FLAG_TREE_BLOCK) {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->nodesize;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
} else {
|
2017-05-17 01:10:41 +08:00
|
|
|
blocksize = sctx->fs_info->sectorsize;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
WARN_ON(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
while (len) {
|
|
|
|
u64 l = min_t(u64, len, blocksize);
|
|
|
|
int have_csum = 0;
|
|
|
|
|
|
|
|
if (flags & BTRFS_EXTENT_FLAG_DATA) {
|
|
|
|
/* push csums to sbio */
|
2015-08-24 22:03:02 +08:00
|
|
|
have_csum = scrub_find_csum(sctx, logical, csum);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (have_csum == 0)
|
|
|
|
goto skip;
|
|
|
|
}
|
|
|
|
ret = scrub_pages_for_parity(sparity, logical, l, physical, dev,
|
|
|
|
flags, gen, mirror_num,
|
|
|
|
have_csum ? csum : NULL);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
2014-12-13 03:30:00 +08:00
|
|
|
skip:
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
len -= l;
|
|
|
|
logical += l;
|
|
|
|
physical += l;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2014-04-01 18:01:43 +08:00
|
|
|
/*
|
|
|
|
* Given a physical address, this will calculate it's
|
|
|
|
* logical offset. if this is a parity stripe, it will return
|
|
|
|
* the most left data stripe's logical offset.
|
|
|
|
*
|
|
|
|
* return 0 if it is a data stripe, 1 means parity stripe.
|
|
|
|
*/
|
|
|
|
static int get_raid56_logic_offset(u64 physical, int num,
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct map_lookup *map, u64 *offset,
|
|
|
|
u64 *stripe_start)
|
2014-04-01 18:01:43 +08:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
int j = 0;
|
|
|
|
u64 stripe_nr;
|
|
|
|
u64 last_offset;
|
2015-02-21 01:42:11 +08:00
|
|
|
u32 stripe_index;
|
|
|
|
u32 rot;
|
2014-04-01 18:01:43 +08:00
|
|
|
|
|
|
|
last_offset = (physical - map->stripes[num].physical) *
|
|
|
|
nr_data_stripes(map);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (stripe_start)
|
|
|
|
*stripe_start = last_offset;
|
|
|
|
|
2014-04-01 18:01:43 +08:00
|
|
|
*offset = last_offset;
|
|
|
|
for (i = 0; i < nr_data_stripes(map); i++) {
|
|
|
|
*offset = last_offset + i * map->stripe_len;
|
|
|
|
|
2017-04-04 04:45:24 +08:00
|
|
|
stripe_nr = div64_u64(*offset, map->stripe_len);
|
2015-01-17 00:26:13 +08:00
|
|
|
stripe_nr = div_u64(stripe_nr, nr_data_stripes(map));
|
2014-04-01 18:01:43 +08:00
|
|
|
|
|
|
|
/* Work out the disk rotation on this stripe-set */
|
2015-02-21 01:43:47 +08:00
|
|
|
stripe_nr = div_u64_rem(stripe_nr, map->num_stripes, &rot);
|
2014-04-01 18:01:43 +08:00
|
|
|
/* calculate which stripe this data locates */
|
|
|
|
rot += i;
|
2014-04-11 18:32:25 +08:00
|
|
|
stripe_index = rot % map->num_stripes;
|
2014-04-01 18:01:43 +08:00
|
|
|
if (stripe_index == num)
|
|
|
|
return 0;
|
|
|
|
if (stripe_index < num)
|
|
|
|
j++;
|
|
|
|
}
|
|
|
|
*offset = last_offset + j * map->stripe_len;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
static void scrub_free_parity(struct scrub_parity *sparity)
|
|
|
|
{
|
|
|
|
struct scrub_ctx *sctx = sparity->sctx;
|
|
|
|
struct scrub_page *curr, *next;
|
|
|
|
int nbits;
|
|
|
|
|
|
|
|
nbits = bitmap_weight(sparity->ebitmap, sparity->nsectors);
|
|
|
|
if (nbits) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.read_errors += nbits;
|
|
|
|
sctx->stat.uncorrectable_errors += nbits;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
list_for_each_entry_safe(curr, next, &sparity->spages, list) {
|
|
|
|
list_del_init(&curr->list);
|
|
|
|
scrub_page_put(curr);
|
|
|
|
}
|
|
|
|
|
|
|
|
kfree(sparity);
|
|
|
|
}
|
|
|
|
|
2015-06-04 20:09:15 +08:00
|
|
|
static void scrub_parity_bio_endio_worker(struct btrfs_work *work)
|
|
|
|
{
|
|
|
|
struct scrub_parity *sparity = container_of(work, struct scrub_parity,
|
|
|
|
work);
|
|
|
|
struct scrub_ctx *sctx = sparity->sctx;
|
|
|
|
|
|
|
|
scrub_free_parity(sparity);
|
|
|
|
scrub_pending_bio_dec(sctx);
|
|
|
|
}
|
|
|
|
|
2015-07-20 21:29:37 +08:00
|
|
|
static void scrub_parity_bio_endio(struct bio *bio)
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
{
|
|
|
|
struct scrub_parity *sparity = (struct scrub_parity *)bio->bi_private;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sparity->sctx->fs_info;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
2017-06-03 15:38:06 +08:00
|
|
|
if (bio->bi_status)
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
bitmap_or(sparity->ebitmap, sparity->ebitmap, sparity->dbitmap,
|
|
|
|
sparity->nsectors);
|
|
|
|
|
|
|
|
bio_put(bio);
|
2015-06-04 20:09:15 +08:00
|
|
|
|
|
|
|
btrfs_init_work(&sparity->work, btrfs_scrubparity_helper,
|
|
|
|
scrub_parity_bio_endio_worker, NULL, NULL);
|
2016-06-23 06:54:23 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_parity_workers, &sparity->work);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_parity_check_and_repair(struct scrub_parity *sparity)
|
|
|
|
{
|
|
|
|
struct scrub_ctx *sctx = sparity->sctx;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct bio *bio;
|
|
|
|
struct btrfs_raid_bio *rbio;
|
|
|
|
struct btrfs_bio *bbio = NULL;
|
|
|
|
u64 length;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if (!bitmap_andnot(sparity->dbitmap, sparity->dbitmap, sparity->ebitmap,
|
|
|
|
sparity->nsectors))
|
|
|
|
goto out;
|
|
|
|
|
btrfs: Fix calculate typo caused by ambiguous meaning of logic_end
For example, in scrub_raid56_parity(), following lines are used
to judge is all data processed:
place1: if (key.objectid > logic_end) ...
place2: if (logic_start >= logic_end) ...
...
(place2 is typo, is should be ">", it is copied from other
place, where logic_end's meaning is different, long story...)
We can fix above typo directly, but the root reason is ambiguous
meaning of logic_end in scrub raid56 parity.
In other place, XXX_end is pointed to data which is not included,
and we need to process segment of [XXX_start, XXX_end).
But for scrub raid56 parity, logic_end is pointed to lattest data
need to process, and introduced many "+ 1" and "- 1" in code as
below:
length = sparity->logic_end - sparity->logic_start + 1
logic_end - logic_start + 1
stripe_logical + increment - 1
This patch changed logic_end's meaning to make it in normal understanding
in raid56 parity functions and data struct alone with above bugfix.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-21 15:42:26 +08:00
|
|
|
length = sparity->logic_end - sparity->logic_start;
|
btrfs: Wait for in-flight bios before freeing target device for raid56
When raid56 dev-replace is cancelled by running scrub, we will free
target device without waiting for in-flight bios, causing the following
NULL pointer deference or general protection failure.
BUG: unable to handle kernel NULL pointer dereference at 00000000000005e0
IP: generic_make_request_checks+0x4d/0x610
CPU: 1 PID: 11676 Comm: kworker/u4:14 Tainted: G O 4.11.0-rc2 #72
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.10.2-20170228_101828-anatol 04/01/2014
Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
task: ffff88002875b4c0 task.stack: ffffc90001334000
RIP: 0010:generic_make_request_checks+0x4d/0x610
Call Trace:
? generic_make_request+0xc7/0x360
generic_make_request+0x24/0x360
? generic_make_request+0xc7/0x360
submit_bio+0x64/0x120
? page_in_rbio+0x4d/0x80 [btrfs]
? rbio_orig_end_io+0x80/0x80 [btrfs]
finish_rmw+0x3f4/0x540 [btrfs]
validate_rbio_for_rmw+0x36/0x40 [btrfs]
raid_rmw_end_io+0x7a/0x90 [btrfs]
bio_endio+0x56/0x60
end_workqueue_fn+0x3c/0x40 [btrfs]
btrfs_scrubparity_helper+0xef/0x620 [btrfs]
btrfs_endio_raid56_helper+0xe/0x10 [btrfs]
process_one_work+0x2af/0x720
? process_one_work+0x22b/0x720
worker_thread+0x4b/0x4f0
kthread+0x10f/0x150
? process_one_work+0x720/0x720
? kthread_create_on_node+0x40/0x40
ret_from_fork+0x2e/0x40
RIP: generic_make_request_checks+0x4d/0x610 RSP: ffffc90001337bb8
In btrfs_dev_replace_finishing(), we will call
btrfs_rm_dev_replace_blocked() to wait bios before destroying the target
device when scrub is finished normally.
However when dev-replace is aborted, either due to error or cancelled by
scrub, we didn't wait for bios, this can lead to use-after-free if there
are bios holding the target device.
Furthermore, for raid56 scrub, at least 2 places are calling
btrfs_map_sblock() without protection of bio_counter, leading to the
problem.
This patch fixes the problem:
1) Wait for bio_counter before freeing target device when canceling
replace
2) When calling btrfs_map_sblock() for raid56, use bio_counter to
protect the call.
Cc: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-03-29 09:33:21 +08:00
|
|
|
|
|
|
|
btrfs_bio_counter_inc_blocked(fs_info);
|
2016-06-23 06:54:23 +08:00
|
|
|
ret = btrfs_map_sblock(fs_info, BTRFS_MAP_WRITE, sparity->logic_start,
|
2017-03-28 20:45:22 +08:00
|
|
|
&length, &bbio);
|
2015-01-20 15:11:33 +08:00
|
|
|
if (ret || !bbio || !bbio->raid_map)
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
goto bbio_out;
|
|
|
|
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(0);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
bio->bi_iter.bi_sector = sparity->logic_start >> 9;
|
|
|
|
bio->bi_private = sparity;
|
|
|
|
bio->bi_end_io = scrub_parity_bio_endio;
|
|
|
|
|
2016-06-23 06:54:24 +08:00
|
|
|
rbio = raid56_parity_alloc_scrub_rbio(fs_info, bio, bbio,
|
2015-01-20 15:11:33 +08:00
|
|
|
length, sparity->scrub_dev,
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
sparity->dbitmap,
|
|
|
|
sparity->nsectors);
|
|
|
|
if (!rbio)
|
|
|
|
goto rbio_out;
|
|
|
|
|
|
|
|
scrub_pending_bio_inc(sctx);
|
|
|
|
raid56_parity_submit_scrub_rbio(rbio);
|
|
|
|
return;
|
|
|
|
|
|
|
|
rbio_out:
|
|
|
|
bio_put(bio);
|
|
|
|
bbio_out:
|
btrfs: Wait for in-flight bios before freeing target device for raid56
When raid56 dev-replace is cancelled by running scrub, we will free
target device without waiting for in-flight bios, causing the following
NULL pointer deference or general protection failure.
BUG: unable to handle kernel NULL pointer dereference at 00000000000005e0
IP: generic_make_request_checks+0x4d/0x610
CPU: 1 PID: 11676 Comm: kworker/u4:14 Tainted: G O 4.11.0-rc2 #72
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.10.2-20170228_101828-anatol 04/01/2014
Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
task: ffff88002875b4c0 task.stack: ffffc90001334000
RIP: 0010:generic_make_request_checks+0x4d/0x610
Call Trace:
? generic_make_request+0xc7/0x360
generic_make_request+0x24/0x360
? generic_make_request+0xc7/0x360
submit_bio+0x64/0x120
? page_in_rbio+0x4d/0x80 [btrfs]
? rbio_orig_end_io+0x80/0x80 [btrfs]
finish_rmw+0x3f4/0x540 [btrfs]
validate_rbio_for_rmw+0x36/0x40 [btrfs]
raid_rmw_end_io+0x7a/0x90 [btrfs]
bio_endio+0x56/0x60
end_workqueue_fn+0x3c/0x40 [btrfs]
btrfs_scrubparity_helper+0xef/0x620 [btrfs]
btrfs_endio_raid56_helper+0xe/0x10 [btrfs]
process_one_work+0x2af/0x720
? process_one_work+0x22b/0x720
worker_thread+0x4b/0x4f0
kthread+0x10f/0x150
? process_one_work+0x720/0x720
? kthread_create_on_node+0x40/0x40
ret_from_fork+0x2e/0x40
RIP: generic_make_request_checks+0x4d/0x610 RSP: ffffc90001337bb8
In btrfs_dev_replace_finishing(), we will call
btrfs_rm_dev_replace_blocked() to wait bios before destroying the target
device when scrub is finished normally.
However when dev-replace is aborted, either due to error or cancelled by
scrub, we didn't wait for bios, this can lead to use-after-free if there
are bios holding the target device.
Furthermore, for raid56 scrub, at least 2 places are calling
btrfs_map_sblock() without protection of bio_counter, leading to the
problem.
This patch fixes the problem:
1) Wait for bio_counter before freeing target device when canceling
replace
2) When calling btrfs_map_sblock() for raid56, use bio_counter to
protect the call.
Cc: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2017-03-29 09:33:21 +08:00
|
|
|
btrfs_bio_counter_dec(fs_info);
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
bitmap_or(sparity->ebitmap, sparity->ebitmap, sparity->dbitmap,
|
|
|
|
sparity->nsectors);
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
out:
|
|
|
|
scrub_free_parity(sparity);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int scrub_calc_parity_bitmap_len(int nsectors)
|
|
|
|
{
|
2014-12-08 19:55:57 +08:00
|
|
|
return DIV_ROUND_UP(nsectors, BITS_PER_LONG) * sizeof(long);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_parity_get(struct scrub_parity *sparity)
|
|
|
|
{
|
2017-03-03 16:55:24 +08:00
|
|
|
refcount_inc(&sparity->refs);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void scrub_parity_put(struct scrub_parity *sparity)
|
|
|
|
{
|
2017-03-03 16:55:24 +08:00
|
|
|
if (!refcount_dec_and_test(&sparity->refs))
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
return;
|
|
|
|
|
|
|
|
scrub_parity_check_and_repair(sparity);
|
|
|
|
}
|
|
|
|
|
|
|
|
static noinline_for_stack int scrub_raid56_parity(struct scrub_ctx *sctx,
|
|
|
|
struct map_lookup *map,
|
|
|
|
struct btrfs_device *sdev,
|
|
|
|
struct btrfs_path *path,
|
|
|
|
u64 logic_start,
|
|
|
|
u64 logic_end)
|
|
|
|
{
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct btrfs_root *root = fs_info->extent_root;
|
|
|
|
struct btrfs_root *csum_root = fs_info->csum_root;
|
|
|
|
struct btrfs_extent_item *extent;
|
2015-06-20 02:52:52 +08:00
|
|
|
struct btrfs_bio *bbio = NULL;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
u64 flags;
|
|
|
|
int ret;
|
|
|
|
int slot;
|
|
|
|
struct extent_buffer *l;
|
|
|
|
struct btrfs_key key;
|
|
|
|
u64 generation;
|
|
|
|
u64 extent_logical;
|
|
|
|
u64 extent_physical;
|
|
|
|
u64 extent_len;
|
2015-06-20 02:52:52 +08:00
|
|
|
u64 mapped_length;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct btrfs_device *extent_dev;
|
|
|
|
struct scrub_parity *sparity;
|
|
|
|
int nsectors;
|
|
|
|
int bitmap_len;
|
|
|
|
int extent_mirror_num;
|
|
|
|
int stop_loop = 0;
|
|
|
|
|
2016-06-23 06:54:23 +08:00
|
|
|
nsectors = div_u64(map->stripe_len, fs_info->sectorsize);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
bitmap_len = scrub_calc_parity_bitmap_len(nsectors);
|
|
|
|
sparity = kzalloc(sizeof(struct scrub_parity) + 2 * bitmap_len,
|
|
|
|
GFP_NOFS);
|
|
|
|
if (!sparity) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
sparity->stripe_len = map->stripe_len;
|
|
|
|
sparity->nsectors = nsectors;
|
|
|
|
sparity->sctx = sctx;
|
|
|
|
sparity->scrub_dev = sdev;
|
|
|
|
sparity->logic_start = logic_start;
|
|
|
|
sparity->logic_end = logic_end;
|
2017-03-03 16:55:24 +08:00
|
|
|
refcount_set(&sparity->refs, 1);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
INIT_LIST_HEAD(&sparity->spages);
|
|
|
|
sparity->dbitmap = sparity->bitmap;
|
|
|
|
sparity->ebitmap = (void *)sparity->bitmap + bitmap_len;
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
while (logic_start < logic_end) {
|
|
|
|
if (btrfs_fs_incompat(fs_info, SKINNY_METADATA))
|
|
|
|
key.type = BTRFS_METADATA_ITEM_KEY;
|
|
|
|
else
|
|
|
|
key.type = BTRFS_EXTENT_ITEM_KEY;
|
|
|
|
key.objectid = logic_start;
|
|
|
|
key.offset = (u64)-1;
|
|
|
|
|
|
|
|
ret = btrfs_search_slot(NULL, root, &key, path, 0, 0);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (ret > 0) {
|
|
|
|
ret = btrfs_previous_extent_item(root, path, 0);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
if (ret > 0) {
|
|
|
|
btrfs_release_path(path);
|
|
|
|
ret = btrfs_search_slot(NULL, root, &key,
|
|
|
|
path, 0, 0);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
stop_loop = 0;
|
|
|
|
while (1) {
|
|
|
|
u64 bytes;
|
|
|
|
|
|
|
|
l = path->nodes[0];
|
|
|
|
slot = path->slots[0];
|
|
|
|
if (slot >= btrfs_header_nritems(l)) {
|
|
|
|
ret = btrfs_next_leaf(root, path);
|
|
|
|
if (ret == 0)
|
|
|
|
continue;
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
stop_loop = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
btrfs_item_key_to_cpu(l, &key, slot);
|
|
|
|
|
2015-07-22 13:14:48 +08:00
|
|
|
if (key.type != BTRFS_EXTENT_ITEM_KEY &&
|
|
|
|
key.type != BTRFS_METADATA_ITEM_KEY)
|
|
|
|
goto next;
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (key.type == BTRFS_METADATA_ITEM_KEY)
|
2016-06-23 06:54:23 +08:00
|
|
|
bytes = fs_info->nodesize;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
else
|
|
|
|
bytes = key.offset;
|
|
|
|
|
|
|
|
if (key.objectid + bytes <= logic_start)
|
|
|
|
goto next;
|
|
|
|
|
btrfs: Fix calculate typo caused by ambiguous meaning of logic_end
For example, in scrub_raid56_parity(), following lines are used
to judge is all data processed:
place1: if (key.objectid > logic_end) ...
place2: if (logic_start >= logic_end) ...
...
(place2 is typo, is should be ">", it is copied from other
place, where logic_end's meaning is different, long story...)
We can fix above typo directly, but the root reason is ambiguous
meaning of logic_end in scrub raid56 parity.
In other place, XXX_end is pointed to data which is not included,
and we need to process segment of [XXX_start, XXX_end).
But for scrub raid56 parity, logic_end is pointed to lattest data
need to process, and introduced many "+ 1" and "- 1" in code as
below:
length = sparity->logic_end - sparity->logic_start + 1
logic_end - logic_start + 1
stripe_logical + increment - 1
This patch changed logic_end's meaning to make it in normal understanding
in raid56 parity functions and data struct alone with above bugfix.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-21 15:42:26 +08:00
|
|
|
if (key.objectid >= logic_end) {
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
stop_loop = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
while (key.objectid >= logic_start + map->stripe_len)
|
|
|
|
logic_start += map->stripe_len;
|
|
|
|
|
|
|
|
extent = btrfs_item_ptr(l, slot,
|
|
|
|
struct btrfs_extent_item);
|
|
|
|
flags = btrfs_extent_flags(l, extent);
|
|
|
|
generation = btrfs_extent_generation(l, extent);
|
|
|
|
|
btrfs: Fix scrub panic when leaf crosses stripes
Scrub panic in following operation:
mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
mount /dev/vdh /mnt/tmp1
btrfs scrub start -B /dev/vdh
(panic)
Reason:
1: In some case, leaf created by btrfs-convert was splited into 2
strips.
2: Scrub bypassed part of above wrong leaf data, but remain data
caused panic in scrub_checksum_tree_block().
For reason 1:
we can get following information after some simple operation.
a. mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
b. btrfs-debug-tree /dev/vdh
we can see following item in extent tree:
item 25 key (27054080 METADATA_ITEM 0) itemoff 15083 itemsize 33
Its logical address is [27054080, 27070464)
and acrossed 2 strips:
[27000832, 27066368)
[27066368, 27131904)
Will be fixed in btrfs-progs(btrfs-convert, btrfsck, ...)
For reason 2:
Scrub is trying to do a "bypass" in this case, but the result is
"panic", because current code lacks of some condition in bypass,
and let some wrong leaf data escaped.
This patch fixed above scrub code.
Before patch:
# btrfs scrub start -B /dev/vdh
(panic)
After patch:
# btrfs scrub start -B /dev/vdh
scrub done for 353cec8f-da31-4a94-aa35-be72d997b06e
...
# dmesg
...
[ 59.088697] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27000832
[ 59.089929] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27066368
#
Reported-by: Chris Murphy <lists@colorremedies.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-23 12:29:49 +08:00
|
|
|
if ((flags & BTRFS_EXTENT_FLAG_TREE_BLOCK) &&
|
|
|
|
(key.objectid < logic_start ||
|
|
|
|
key.objectid + bytes >
|
|
|
|
logic_start + map->stripe_len)) {
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_err(fs_info,
|
|
|
|
"scrub: tree block %llu spanning stripes, ignored. logical=%llu",
|
btrfs: Fix scrub panic when leaf crosses stripes
Scrub panic in following operation:
mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
mount /dev/vdh /mnt/tmp1
btrfs scrub start -B /dev/vdh
(panic)
Reason:
1: In some case, leaf created by btrfs-convert was splited into 2
strips.
2: Scrub bypassed part of above wrong leaf data, but remain data
caused panic in scrub_checksum_tree_block().
For reason 1:
we can get following information after some simple operation.
a. mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
b. btrfs-debug-tree /dev/vdh
we can see following item in extent tree:
item 25 key (27054080 METADATA_ITEM 0) itemoff 15083 itemsize 33
Its logical address is [27054080, 27070464)
and acrossed 2 strips:
[27000832, 27066368)
[27066368, 27131904)
Will be fixed in btrfs-progs(btrfs-convert, btrfsck, ...)
For reason 2:
Scrub is trying to do a "bypass" in this case, but the result is
"panic", because current code lacks of some condition in bypass,
and let some wrong leaf data escaped.
This patch fixed above scrub code.
Before patch:
# btrfs scrub start -B /dev/vdh
(panic)
After patch:
# btrfs scrub start -B /dev/vdh
scrub done for 353cec8f-da31-4a94-aa35-be72d997b06e
...
# dmesg
...
[ 59.088697] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27000832
[ 59.089929] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27066368
#
Reported-by: Chris Murphy <lists@colorremedies.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-23 12:29:49 +08:00
|
|
|
key.objectid, logic_start);
|
2015-08-25 21:31:40 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
goto next;
|
|
|
|
}
|
|
|
|
again:
|
|
|
|
extent_logical = key.objectid;
|
|
|
|
extent_len = bytes;
|
|
|
|
|
|
|
|
if (extent_logical < logic_start) {
|
|
|
|
extent_len -= logic_start - extent_logical;
|
|
|
|
extent_logical = logic_start;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (extent_logical + extent_len >
|
|
|
|
logic_start + map->stripe_len)
|
|
|
|
extent_len = logic_start + map->stripe_len -
|
|
|
|
extent_logical;
|
|
|
|
|
|
|
|
scrub_parity_mark_sectors_data(sparity, extent_logical,
|
|
|
|
extent_len);
|
|
|
|
|
2015-06-20 02:52:52 +08:00
|
|
|
mapped_length = extent_len;
|
2016-05-17 17:37:38 +08:00
|
|
|
bbio = NULL;
|
2016-10-27 15:27:36 +08:00
|
|
|
ret = btrfs_map_block(fs_info, BTRFS_MAP_READ,
|
|
|
|
extent_logical, &mapped_length, &bbio,
|
|
|
|
0);
|
2015-06-20 02:52:52 +08:00
|
|
|
if (!ret) {
|
|
|
|
if (!bbio || mapped_length < extent_len)
|
|
|
|
ret = -EIO;
|
|
|
|
}
|
|
|
|
if (ret) {
|
|
|
|
btrfs_put_bbio(bbio);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
extent_physical = bbio->stripes[0].physical;
|
|
|
|
extent_mirror_num = bbio->mirror_num;
|
|
|
|
extent_dev = bbio->stripes[0].dev;
|
|
|
|
btrfs_put_bbio(bbio);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
ret = btrfs_lookup_csums_range(csum_root,
|
|
|
|
extent_logical,
|
|
|
|
extent_logical + extent_len - 1,
|
|
|
|
&sctx->csum_list, 1);
|
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
ret = scrub_extent_for_parity(sparity, extent_logical,
|
|
|
|
extent_len,
|
|
|
|
extent_physical,
|
|
|
|
extent_dev, flags,
|
|
|
|
generation,
|
|
|
|
extent_mirror_num);
|
2015-07-21 12:22:30 +08:00
|
|
|
|
|
|
|
scrub_free_csums(sctx);
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (extent_logical + extent_len <
|
|
|
|
key.objectid + bytes) {
|
|
|
|
logic_start += map->stripe_len;
|
|
|
|
|
|
|
|
if (logic_start >= logic_end) {
|
|
|
|
stop_loop = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (logic_start < key.objectid + bytes) {
|
|
|
|
cond_resched();
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
next:
|
|
|
|
path->slots[0]++;
|
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_release_path(path);
|
|
|
|
|
|
|
|
if (stop_loop)
|
|
|
|
break;
|
|
|
|
|
|
|
|
logic_start += map->stripe_len;
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
if (ret < 0)
|
|
|
|
scrub_parity_mark_sectors_error(sparity, logic_start,
|
btrfs: Fix calculate typo caused by ambiguous meaning of logic_end
For example, in scrub_raid56_parity(), following lines are used
to judge is all data processed:
place1: if (key.objectid > logic_end) ...
place2: if (logic_start >= logic_end) ...
...
(place2 is typo, is should be ">", it is copied from other
place, where logic_end's meaning is different, long story...)
We can fix above typo directly, but the root reason is ambiguous
meaning of logic_end in scrub raid56 parity.
In other place, XXX_end is pointed to data which is not included,
and we need to process segment of [XXX_start, XXX_end).
But for scrub raid56 parity, logic_end is pointed to lattest data
need to process, and introduced many "+ 1" and "- 1" in code as
below:
length = sparity->logic_end - sparity->logic_start + 1
logic_end - logic_start + 1
stripe_logical + increment - 1
This patch changed logic_end's meaning to make it in normal understanding
in raid56 parity functions and data struct alone with above bugfix.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-21 15:42:26 +08:00
|
|
|
logic_end - logic_start);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
scrub_parity_put(sparity);
|
|
|
|
scrub_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
|
|
|
|
btrfs_release_path(path);
|
|
|
|
return ret < 0 ? ret : 0;
|
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static noinline_for_stack int scrub_stripe(struct scrub_ctx *sctx,
|
2012-11-02 20:26:57 +08:00
|
|
|
struct map_lookup *map,
|
|
|
|
struct btrfs_device *scrub_dev,
|
2012-11-06 18:43:11 +08:00
|
|
|
int num, u64 base, u64 length,
|
|
|
|
int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
struct btrfs_path *path, *ppath;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_root *root = fs_info->extent_root;
|
|
|
|
struct btrfs_root *csum_root = fs_info->csum_root;
|
|
|
|
struct btrfs_extent_item *extent;
|
2011-05-29 04:58:38 +08:00
|
|
|
struct blk_plug plug;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 flags;
|
|
|
|
int ret;
|
|
|
|
int slot;
|
|
|
|
u64 nstripes;
|
|
|
|
struct extent_buffer *l;
|
|
|
|
u64 physical;
|
|
|
|
u64 logical;
|
2013-04-27 10:56:57 +08:00
|
|
|
u64 logic_end;
|
2014-04-01 18:01:43 +08:00
|
|
|
u64 physical_end;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 generation;
|
2011-06-17 21:55:21 +08:00
|
|
|
int mirror_num;
|
2011-06-10 18:39:23 +08:00
|
|
|
struct reada_control *reada1;
|
|
|
|
struct reada_control *reada2;
|
2016-03-25 01:00:53 +08:00
|
|
|
struct btrfs_key key;
|
2011-06-10 18:39:23 +08:00
|
|
|
struct btrfs_key key_end;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 increment = map->stripe_len;
|
|
|
|
u64 offset;
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 extent_logical;
|
|
|
|
u64 extent_physical;
|
|
|
|
u64 extent_len;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
u64 stripe_logical;
|
|
|
|
u64 stripe_end;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_device *extent_dev;
|
|
|
|
int extent_mirror_num;
|
2014-04-01 18:01:43 +08:00
|
|
|
int stop_loop = 0;
|
2013-01-30 07:40:14 +08:00
|
|
|
|
2014-04-01 18:01:43 +08:00
|
|
|
physical = map->stripes[num].physical;
|
2011-03-08 21:14:00 +08:00
|
|
|
offset = 0;
|
2017-04-04 04:45:24 +08:00
|
|
|
nstripes = div64_u64(length, map->stripe_len);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (map->type & BTRFS_BLOCK_GROUP_RAID0) {
|
|
|
|
offset = map->stripe_len * num;
|
|
|
|
increment = map->stripe_len * map->num_stripes;
|
2011-06-14 01:56:54 +08:00
|
|
|
mirror_num = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
} else if (map->type & BTRFS_BLOCK_GROUP_RAID10) {
|
|
|
|
int factor = map->num_stripes / map->sub_stripes;
|
|
|
|
offset = map->stripe_len * (num / map->sub_stripes);
|
|
|
|
increment = map->stripe_len * factor;
|
2011-06-14 01:56:54 +08:00
|
|
|
mirror_num = num % map->sub_stripes + 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
} else if (map->type & BTRFS_BLOCK_GROUP_RAID1) {
|
|
|
|
increment = map->stripe_len;
|
2011-06-14 01:56:54 +08:00
|
|
|
mirror_num = num % map->num_stripes + 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
} else if (map->type & BTRFS_BLOCK_GROUP_DUP) {
|
|
|
|
increment = map->stripe_len;
|
2011-06-14 01:56:54 +08:00
|
|
|
mirror_num = num % map->num_stripes + 1;
|
2015-01-20 15:11:44 +08:00
|
|
|
} else if (map->type & BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
get_raid56_logic_offset(physical, num, map, &offset, NULL);
|
2014-04-01 18:01:43 +08:00
|
|
|
increment = map->stripe_len * nr_data_stripes(map);
|
|
|
|
mirror_num = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
} else {
|
|
|
|
increment = map->stripe_len;
|
2011-06-14 01:56:54 +08:00
|
|
|
mirror_num = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
path = btrfs_alloc_path();
|
|
|
|
if (!path)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
ppath = btrfs_alloc_path();
|
|
|
|
if (!ppath) {
|
2015-01-09 16:37:52 +08:00
|
|
|
btrfs_free_path(path);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* work on commit root. The related disk blocks are static as
|
|
|
|
* long as COW is applied. This means, it is save to rewrite
|
|
|
|
* them to repair disk errors without any race conditions
|
|
|
|
*/
|
2011-03-08 21:14:00 +08:00
|
|
|
path->search_commit_root = 1;
|
|
|
|
path->skip_locking = 1;
|
|
|
|
|
2015-01-09 09:39:40 +08:00
|
|
|
ppath->search_commit_root = 1;
|
|
|
|
ppath->skip_locking = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
2011-06-10 18:39:23 +08:00
|
|
|
* trigger the readahead for extent tree csum tree and wait for
|
|
|
|
* completion. During readahead, the scrub is officially paused
|
|
|
|
* to not hold off transaction commits
|
2011-03-08 21:14:00 +08:00
|
|
|
*/
|
|
|
|
logical = base + offset;
|
2014-04-01 18:01:43 +08:00
|
|
|
physical_end = physical + nstripes * map->stripe_len;
|
2015-01-20 15:11:44 +08:00
|
|
|
if (map->type & BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
2014-04-01 18:01:43 +08:00
|
|
|
get_raid56_logic_offset(physical_end, num,
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
map, &logic_end, NULL);
|
2014-04-01 18:01:43 +08:00
|
|
|
logic_end += base;
|
|
|
|
} else {
|
|
|
|
logic_end = logical + increment * nstripes;
|
|
|
|
}
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
wait_event(sctx->list_wait,
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_read(&sctx->bios_in_flight) == 0);
|
2013-12-04 21:16:53 +08:00
|
|
|
scrub_blocked_if_needed(fs_info);
|
2011-06-10 18:39:23 +08:00
|
|
|
|
|
|
|
/* FIXME it might be better to start readahead at commit root */
|
2016-03-25 01:00:53 +08:00
|
|
|
key.objectid = logical;
|
|
|
|
key.type = BTRFS_EXTENT_ITEM_KEY;
|
|
|
|
key.offset = (u64)0;
|
2014-04-01 18:01:43 +08:00
|
|
|
key_end.objectid = logic_end;
|
2013-03-08 03:22:04 +08:00
|
|
|
key_end.type = BTRFS_METADATA_ITEM_KEY;
|
|
|
|
key_end.offset = (u64)-1;
|
2016-03-25 01:00:53 +08:00
|
|
|
reada1 = btrfs_reada_add(root, &key, &key_end);
|
2011-06-10 18:39:23 +08:00
|
|
|
|
2016-03-25 01:00:53 +08:00
|
|
|
key.objectid = BTRFS_EXTENT_CSUM_OBJECTID;
|
|
|
|
key.type = BTRFS_EXTENT_CSUM_KEY;
|
|
|
|
key.offset = logical;
|
2011-06-10 18:39:23 +08:00
|
|
|
key_end.objectid = BTRFS_EXTENT_CSUM_OBJECTID;
|
|
|
|
key_end.type = BTRFS_EXTENT_CSUM_KEY;
|
2014-04-01 18:01:43 +08:00
|
|
|
key_end.offset = logic_end;
|
2016-03-25 01:00:53 +08:00
|
|
|
reada2 = btrfs_reada_add(csum_root, &key, &key_end);
|
2011-06-10 18:39:23 +08:00
|
|
|
|
|
|
|
if (!IS_ERR(reada1))
|
|
|
|
btrfs_reada_wait(reada1);
|
|
|
|
if (!IS_ERR(reada2))
|
|
|
|
btrfs_reada_wait(reada2);
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* collect all data csums for the stripe to avoid seeking during
|
|
|
|
* the scrub. This might currently (crc32) end up to be about 1MB
|
|
|
|
*/
|
2011-05-29 04:58:38 +08:00
|
|
|
blk_start_plug(&plug);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* now find all extents for each stripe and scrub them
|
|
|
|
*/
|
|
|
|
ret = 0;
|
2014-04-01 18:01:43 +08:00
|
|
|
while (physical < physical_end) {
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
|
|
|
* canceled?
|
|
|
|
*/
|
|
|
|
if (atomic_read(&fs_info->scrub_cancel_req) ||
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
atomic_read(&sctx->cancel_req)) {
|
2011-03-08 21:14:00 +08:00
|
|
|
ret = -ECANCELED;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* check to see if we have to pause
|
|
|
|
*/
|
|
|
|
if (atomic_read(&fs_info->scrub_pause_req)) {
|
|
|
|
/* push queued extents */
|
2017-03-31 23:12:51 +08:00
|
|
|
sctx->flush_all_writes = true;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
wait_event(sctx->list_wait,
|
2012-11-02 23:44:58 +08:00
|
|
|
atomic_read(&sctx->bios_in_flight) == 0);
|
2017-03-31 23:12:51 +08:00
|
|
|
sctx->flush_all_writes = false;
|
2013-12-04 21:15:19 +08:00
|
|
|
scrub_blocked_if_needed(fs_info);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2015-07-21 12:22:29 +08:00
|
|
|
if (map->type & BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
|
|
|
ret = get_raid56_logic_offset(physical, num, map,
|
|
|
|
&logical,
|
|
|
|
&stripe_logical);
|
|
|
|
logical += base;
|
|
|
|
if (ret) {
|
2015-08-18 17:54:30 +08:00
|
|
|
/* it is parity strip */
|
2015-07-21 12:22:29 +08:00
|
|
|
stripe_logical += base;
|
btrfs: Fix calculate typo caused by ambiguous meaning of logic_end
For example, in scrub_raid56_parity(), following lines are used
to judge is all data processed:
place1: if (key.objectid > logic_end) ...
place2: if (logic_start >= logic_end) ...
...
(place2 is typo, is should be ">", it is copied from other
place, where logic_end's meaning is different, long story...)
We can fix above typo directly, but the root reason is ambiguous
meaning of logic_end in scrub raid56 parity.
In other place, XXX_end is pointed to data which is not included,
and we need to process segment of [XXX_start, XXX_end).
But for scrub raid56 parity, logic_end is pointed to lattest data
need to process, and introduced many "+ 1" and "- 1" in code as
below:
length = sparity->logic_end - sparity->logic_start + 1
logic_end - logic_start + 1
stripe_logical + increment - 1
This patch changed logic_end's meaning to make it in normal understanding
in raid56 parity functions and data struct alone with above bugfix.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-21 15:42:26 +08:00
|
|
|
stripe_end = stripe_logical + increment;
|
2015-07-21 12:22:29 +08:00
|
|
|
ret = scrub_raid56_parity(sctx, map, scrub_dev,
|
|
|
|
ppath, stripe_logical,
|
|
|
|
stripe_end);
|
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
goto skip;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-01-12 21:38:32 +08:00
|
|
|
if (btrfs_fs_incompat(fs_info, SKINNY_METADATA))
|
|
|
|
key.type = BTRFS_METADATA_ITEM_KEY;
|
|
|
|
else
|
|
|
|
key.type = BTRFS_EXTENT_ITEM_KEY;
|
2011-03-08 21:14:00 +08:00
|
|
|
key.objectid = logical;
|
2013-04-27 10:56:57 +08:00
|
|
|
key.offset = (u64)-1;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
ret = btrfs_search_slot(NULL, root, &key, path, 0, 0);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
2013-03-08 03:22:04 +08:00
|
|
|
|
2011-06-03 16:09:26 +08:00
|
|
|
if (ret > 0) {
|
2014-01-12 21:38:33 +08:00
|
|
|
ret = btrfs_previous_extent_item(root, path, 0);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
2011-06-03 16:09:26 +08:00
|
|
|
if (ret > 0) {
|
|
|
|
/* there's no smaller item, so stick with the
|
|
|
|
* larger one */
|
|
|
|
btrfs_release_path(path);
|
|
|
|
ret = btrfs_search_slot(NULL, root, &key,
|
|
|
|
path, 0, 0);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
stop_loop = 0;
|
2011-03-08 21:14:00 +08:00
|
|
|
while (1) {
|
2013-03-08 03:22:04 +08:00
|
|
|
u64 bytes;
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
l = path->nodes[0];
|
|
|
|
slot = path->slots[0];
|
|
|
|
if (slot >= btrfs_header_nritems(l)) {
|
|
|
|
ret = btrfs_next_leaf(root, path);
|
|
|
|
if (ret == 0)
|
|
|
|
continue;
|
|
|
|
if (ret < 0)
|
|
|
|
goto out;
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
stop_loop = 1;
|
2011-03-08 21:14:00 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
btrfs_item_key_to_cpu(l, &key, slot);
|
|
|
|
|
2015-07-22 13:14:48 +08:00
|
|
|
if (key.type != BTRFS_EXTENT_ITEM_KEY &&
|
|
|
|
key.type != BTRFS_METADATA_ITEM_KEY)
|
|
|
|
goto next;
|
|
|
|
|
2013-03-08 03:22:04 +08:00
|
|
|
if (key.type == BTRFS_METADATA_ITEM_KEY)
|
2016-06-23 06:54:23 +08:00
|
|
|
bytes = fs_info->nodesize;
|
2013-03-08 03:22:04 +08:00
|
|
|
else
|
|
|
|
bytes = key.offset;
|
|
|
|
|
|
|
|
if (key.objectid + bytes <= logical)
|
2011-03-08 21:14:00 +08:00
|
|
|
goto next;
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
if (key.objectid >= logical + map->stripe_len) {
|
|
|
|
/* out of this device extent */
|
|
|
|
if (key.objectid >= logic_end)
|
|
|
|
stop_loop = 1;
|
|
|
|
break;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
extent = btrfs_item_ptr(l, slot,
|
|
|
|
struct btrfs_extent_item);
|
|
|
|
flags = btrfs_extent_flags(l, extent);
|
|
|
|
generation = btrfs_extent_generation(l, extent);
|
|
|
|
|
btrfs: Fix scrub panic when leaf crosses stripes
Scrub panic in following operation:
mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
mount /dev/vdh /mnt/tmp1
btrfs scrub start -B /dev/vdh
(panic)
Reason:
1: In some case, leaf created by btrfs-convert was splited into 2
strips.
2: Scrub bypassed part of above wrong leaf data, but remain data
caused panic in scrub_checksum_tree_block().
For reason 1:
we can get following information after some simple operation.
a. mkfs.ext4 /dev/vdh
btrfs-convert /dev/vdh
b. btrfs-debug-tree /dev/vdh
we can see following item in extent tree:
item 25 key (27054080 METADATA_ITEM 0) itemoff 15083 itemsize 33
Its logical address is [27054080, 27070464)
and acrossed 2 strips:
[27000832, 27066368)
[27066368, 27131904)
Will be fixed in btrfs-progs(btrfs-convert, btrfsck, ...)
For reason 2:
Scrub is trying to do a "bypass" in this case, but the result is
"panic", because current code lacks of some condition in bypass,
and let some wrong leaf data escaped.
This patch fixed above scrub code.
Before patch:
# btrfs scrub start -B /dev/vdh
(panic)
After patch:
# btrfs scrub start -B /dev/vdh
scrub done for 353cec8f-da31-4a94-aa35-be72d997b06e
...
# dmesg
...
[ 59.088697] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27000832
[ 59.089929] BTRFS error (device vdh): scrub: tree block 27054080 spanning stripes, ignored. logical=27066368
#
Reported-by: Chris Murphy <lists@colorremedies.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-23 12:29:49 +08:00
|
|
|
if ((flags & BTRFS_EXTENT_FLAG_TREE_BLOCK) &&
|
|
|
|
(key.objectid < logical ||
|
|
|
|
key.objectid + bytes >
|
|
|
|
logical + map->stripe_len)) {
|
2013-12-21 00:37:06 +08:00
|
|
|
btrfs_err(fs_info,
|
2016-09-20 22:05:00 +08:00
|
|
|
"scrub: tree block %llu spanning stripes, ignored. logical=%llu",
|
2013-08-20 19:20:07 +08:00
|
|
|
key.objectid, logical);
|
2015-08-25 21:31:40 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.uncorrectable_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
2011-03-08 21:14:00 +08:00
|
|
|
goto next;
|
|
|
|
}
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
again:
|
|
|
|
extent_logical = key.objectid;
|
|
|
|
extent_len = bytes;
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
/*
|
|
|
|
* trim extent to this stripe
|
|
|
|
*/
|
2013-04-27 10:56:57 +08:00
|
|
|
if (extent_logical < logical) {
|
|
|
|
extent_len -= logical - extent_logical;
|
|
|
|
extent_logical = logical;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2013-04-27 10:56:57 +08:00
|
|
|
if (extent_logical + extent_len >
|
2011-03-08 21:14:00 +08:00
|
|
|
logical + map->stripe_len) {
|
2013-04-27 10:56:57 +08:00
|
|
|
extent_len = logical + map->stripe_len -
|
|
|
|
extent_logical;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
extent_physical = extent_logical - logical + physical;
|
2012-11-06 18:43:11 +08:00
|
|
|
extent_dev = scrub_dev;
|
|
|
|
extent_mirror_num = mirror_num;
|
|
|
|
if (is_dev_replace)
|
|
|
|
scrub_remap_extent(fs_info, extent_logical,
|
|
|
|
extent_len, &extent_physical,
|
|
|
|
&extent_dev,
|
|
|
|
&extent_mirror_num);
|
2013-04-27 10:56:57 +08:00
|
|
|
|
2015-07-22 13:14:47 +08:00
|
|
|
ret = btrfs_lookup_csums_range(csum_root,
|
|
|
|
extent_logical,
|
|
|
|
extent_logical +
|
|
|
|
extent_len - 1,
|
|
|
|
&sctx->csum_list, 1);
|
2013-04-27 10:56:57 +08:00
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
ret = scrub_extent(sctx, extent_logical, extent_len,
|
|
|
|
extent_physical, extent_dev, flags,
|
|
|
|
generation, extent_mirror_num,
|
2013-07-04 22:14:23 +08:00
|
|
|
extent_logical - logical + physical);
|
2015-07-21 12:22:30 +08:00
|
|
|
|
|
|
|
scrub_free_csums(sctx);
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
|
2013-04-27 10:56:57 +08:00
|
|
|
if (extent_logical + extent_len <
|
|
|
|
key.objectid + bytes) {
|
2015-01-20 15:11:44 +08:00
|
|
|
if (map->type & BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
2014-04-01 18:01:43 +08:00
|
|
|
/*
|
|
|
|
* loop until we find next data stripe
|
|
|
|
* or we have finished all stripes.
|
|
|
|
*/
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
loop:
|
|
|
|
physical += map->stripe_len;
|
|
|
|
ret = get_raid56_logic_offset(physical,
|
|
|
|
num, map, &logical,
|
|
|
|
&stripe_logical);
|
|
|
|
logical += base;
|
|
|
|
|
|
|
|
if (ret && physical < physical_end) {
|
|
|
|
stripe_logical += base;
|
|
|
|
stripe_end = stripe_logical +
|
btrfs: Fix calculate typo caused by ambiguous meaning of logic_end
For example, in scrub_raid56_parity(), following lines are used
to judge is all data processed:
place1: if (key.objectid > logic_end) ...
place2: if (logic_start >= logic_end) ...
...
(place2 is typo, is should be ">", it is copied from other
place, where logic_end's meaning is different, long story...)
We can fix above typo directly, but the root reason is ambiguous
meaning of logic_end in scrub raid56 parity.
In other place, XXX_end is pointed to data which is not included,
and we need to process segment of [XXX_start, XXX_end).
But for scrub raid56 parity, logic_end is pointed to lattest data
need to process, and introduced many "+ 1" and "- 1" in code as
below:
length = sparity->logic_end - sparity->logic_start + 1
logic_end - logic_start + 1
stripe_logical + increment - 1
This patch changed logic_end's meaning to make it in normal understanding
in raid56 parity functions and data struct alone with above bugfix.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-07-21 15:42:26 +08:00
|
|
|
increment;
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
ret = scrub_raid56_parity(sctx,
|
|
|
|
map, scrub_dev, ppath,
|
|
|
|
stripe_logical,
|
|
|
|
stripe_end);
|
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
goto loop;
|
|
|
|
}
|
2014-04-01 18:01:43 +08:00
|
|
|
} else {
|
|
|
|
physical += map->stripe_len;
|
|
|
|
logical += increment;
|
|
|
|
}
|
2013-04-27 10:56:57 +08:00
|
|
|
if (logical < key.objectid + bytes) {
|
|
|
|
cond_resched();
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
2014-04-01 18:01:43 +08:00
|
|
|
if (physical >= physical_end) {
|
2013-04-27 10:56:57 +08:00
|
|
|
stop_loop = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
next:
|
|
|
|
path->slots[0]++;
|
|
|
|
}
|
2011-05-23 18:30:52 +08:00
|
|
|
btrfs_release_path(path);
|
2014-04-01 18:01:43 +08:00
|
|
|
skip:
|
2011-03-08 21:14:00 +08:00
|
|
|
logical += increment;
|
|
|
|
physical += map->stripe_len;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_lock(&sctx->stat_lock);
|
2013-04-27 10:56:57 +08:00
|
|
|
if (stop_loop)
|
|
|
|
sctx->stat.last_physical = map->stripes[num].physical +
|
|
|
|
length;
|
|
|
|
else
|
|
|
|
sctx->stat.last_physical = physical;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
spin_unlock(&sctx->stat_lock);
|
2013-04-27 10:56:57 +08:00
|
|
|
if (stop_loop)
|
|
|
|
break;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
out:
|
2011-03-08 21:14:00 +08:00
|
|
|
/* push queued extents */
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
scrub_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2011-05-29 04:58:38 +08:00
|
|
|
blk_finish_plug(&plug);
|
2011-03-08 21:14:00 +08:00
|
|
|
btrfs_free_path(path);
|
Btrfs, raid56: support parity scrub on raid56
The implementation is:
- Read and check all the data with checksum in the same stripe.
All the data which has checksum is COW data, and we are sure
that it is not changed though we don't lock the stripe. because
the space of that data just can be reclaimed after the current
transction is committed, and then the fs can use it to store the
other data, but when doing scrub, we hold the current transaction,
that is that data can not be recovered, it is safe that read and check
it out of the stripe lock.
- Lock the stripe
- Read out all the data without checksum and parity
The data without checksum and the parity may be changed if we don't
lock the stripe, so we need read it in the stripe lock context.
- Check the parity
- Re-calculate the new parity and write back it if the old parity
is not right
- Unlock the stripe
If we can not read out the data or the data we read is corrupted,
we will try to repair it. If the repair fails. we will mark the
horizontal sub-stripe(pages on the same horizontal) as corrupted
sub-stripe, and we will skip the parity check and repair of that
horizontal sub-stripe.
And in order to skip the horizontal sub-stripe that has no data, we
introduce a bitmap. If there is some data on the horizontal sub-stripe,
we will the relative bit to 1, and when we check and repair the
parity, we will skip those horizontal sub-stripes that the relative
bits is 0.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
2014-11-06 17:20:58 +08:00
|
|
|
btrfs_free_path(ppath);
|
2011-03-08 21:14:00 +08:00
|
|
|
return ret < 0 ? ret : 0;
|
|
|
|
}
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
static noinline_for_stack int scrub_chunk(struct scrub_ctx *sctx,
|
2012-11-02 20:26:57 +08:00
|
|
|
struct btrfs_device *scrub_dev,
|
|
|
|
u64 chunk_offset, u64 length,
|
2015-11-19 18:57:20 +08:00
|
|
|
u64 dev_offset,
|
|
|
|
struct btrfs_block_group_cache *cache,
|
|
|
|
int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
|
|
|
struct btrfs_mapping_tree *map_tree = &fs_info->mapping_tree;
|
2011-03-08 21:14:00 +08:00
|
|
|
struct map_lookup *map;
|
|
|
|
struct extent_map *em;
|
|
|
|
int i;
|
2012-11-06 18:43:11 +08:00
|
|
|
int ret = 0;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
read_lock(&map_tree->map_tree.lock);
|
|
|
|
em = lookup_extent_mapping(&map_tree->map_tree, chunk_offset, 1);
|
|
|
|
read_unlock(&map_tree->map_tree.lock);
|
|
|
|
|
2015-11-19 18:57:20 +08:00
|
|
|
if (!em) {
|
|
|
|
/*
|
|
|
|
* Might have been an unused block group deleted by the cleaner
|
|
|
|
* kthread or relocation.
|
|
|
|
*/
|
|
|
|
spin_lock(&cache->lock);
|
|
|
|
if (!cache->removed)
|
|
|
|
ret = -EINVAL;
|
|
|
|
spin_unlock(&cache->lock);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2015-06-03 22:55:48 +08:00
|
|
|
map = em->map_lookup;
|
2011-03-08 21:14:00 +08:00
|
|
|
if (em->start != chunk_offset)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (em->len < length)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
for (i = 0; i < map->num_stripes; ++i) {
|
2012-11-02 20:26:57 +08:00
|
|
|
if (map->stripes[i].dev->bdev == scrub_dev->bdev &&
|
2012-02-09 22:09:02 +08:00
|
|
|
map->stripes[i].physical == dev_offset) {
|
2012-11-02 20:26:57 +08:00
|
|
|
ret = scrub_stripe(sctx, map, scrub_dev, i,
|
2012-11-06 18:43:11 +08:00
|
|
|
chunk_offset, length,
|
|
|
|
is_dev_replace);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
free_extent_map(em);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static noinline_for_stack
|
2012-11-02 20:26:57 +08:00
|
|
|
int scrub_enumerate_chunks(struct scrub_ctx *sctx,
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_device *scrub_dev, u64 start, u64 end,
|
|
|
|
int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
struct btrfs_dev_extent *dev_extent = NULL;
|
|
|
|
struct btrfs_path *path;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
|
|
|
struct btrfs_root *root = fs_info->dev_root;
|
2011-03-08 21:14:00 +08:00
|
|
|
u64 length;
|
|
|
|
u64 chunk_offset;
|
2015-08-05 16:43:30 +08:00
|
|
|
int ret = 0;
|
btrfs: Continue replace when set_block_ro failed
xfstests/011 failed in node with small_size filesystem.
Can be reproduced by following script:
DEV_LIST="/dev/vdd /dev/vde"
DEV_REPLACE="/dev/vdf"
do_test()
{
local mkfs_opt="$1"
local size="$2"
dmesg -c >/dev/null
umount $SCRATCH_MNT &>/dev/null
echo mkfs.btrfs -f $mkfs_opt "${DEV_LIST[*]}"
mkfs.btrfs -f $mkfs_opt "${DEV_LIST[@]}" || return 1
mount "${DEV_LIST[0]}" $SCRATCH_MNT
echo -n "Writing big files"
dd if=/dev/urandom of=$SCRATCH_MNT/t0 bs=1M count=1 >/dev/null 2>&1
for ((i = 1; i <= size; i++)); do
echo -n .
/bin/cp $SCRATCH_MNT/t0 $SCRATCH_MNT/t$i || return 1
done
echo
echo Start replace
btrfs replace start -Bf "${DEV_LIST[0]}" "$DEV_REPLACE" $SCRATCH_MNT || {
dmesg
return 1
}
return 0
}
# Set size to value near fs size
# for example, 1897 can trigger this bug in 2.6G device.
#
./do_test "-d raid1 -m raid1" 1897
System will report replace fail with following warning in dmesg:
[ 134.710853] BTRFS: dev_replace from /dev/vdd (devid 1) to /dev/vdf started
[ 135.542390] BTRFS: btrfs_scrub_dev(/dev/vdd, 1, /dev/vdf) failed -28
[ 135.543505] ------------[ cut here ]------------
[ 135.544127] WARNING: CPU: 0 PID: 4080 at fs/btrfs/dev-replace.c:428 btrfs_dev_replace_start+0x398/0x440()
[ 135.545276] Modules linked in:
[ 135.545681] CPU: 0 PID: 4080 Comm: btrfs Not tainted 4.3.0 #256
[ 135.546439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014
[ 135.547798] ffffffff81c5bfcf ffff88003cbb3d28 ffffffff817fe7b5 0000000000000000
[ 135.548774] ffff88003cbb3d60 ffffffff810a88f1 ffff88002b030000 00000000ffffffe4
[ 135.549774] ffff88003c080000 ffff88003c082588 ffff88003c28ab60 ffff88003cbb3d70
[ 135.550758] Call Trace:
[ 135.551086] [<ffffffff817fe7b5>] dump_stack+0x44/0x55
[ 135.551737] [<ffffffff810a88f1>] warn_slowpath_common+0x81/0xc0
[ 135.552487] [<ffffffff810a89e5>] warn_slowpath_null+0x15/0x20
[ 135.553211] [<ffffffff81448c88>] btrfs_dev_replace_start+0x398/0x440
[ 135.554051] [<ffffffff81412c3e>] btrfs_ioctl+0x1d2e/0x25c0
[ 135.554722] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.555506] [<ffffffff8111ab36>] ? current_kernel_time64+0x56/0xa0
[ 135.556304] [<ffffffff81201e3d>] do_vfs_ioctl+0x30d/0x580
[ 135.557009] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.557855] [<ffffffff810011d1>] ? do_audit_syscall_entry+0x61/0x70
[ 135.558669] [<ffffffff8120d1c1>] ? __fget_light+0x61/0x90
[ 135.559374] [<ffffffff81202124>] SyS_ioctl+0x74/0x80
[ 135.559987] [<ffffffff81809857>] entry_SYSCALL_64_fastpath+0x12/0x6f
[ 135.560842] ---[ end trace 2a5c1fc3205abbdd ]---
Reason:
When big data writen to fs, the whole free space will be allocated
for data chunk.
And operation as scrub need to set_block_ro(), and when there is
only one metadata chunk in system(or other metadata chunks
are all full), the function will try to allocate a new chunk,
and failed because no space in device.
Fix:
When set_block_ro failed for metadata chunk, it is not a problem
because scrub_lock paused commit_trancaction in same time, and
metadata are always cowed, so the on-the-fly writepages will not
write data into same place with scrub/replace.
Let replace continue in this case is no problem.
Tested by above script, and xfstests/011, plus 100 times xfstests/070.
Changelog v1->v2:
1: Add detail comments in source and commit-message.
2: Add dmesg detail into commit-message.
3: Limit return value of -ENOSPC to be passed.
All suggested by: Filipe Manana <fdmanana@gmail.com>
Suggested-by: Filipe Manana <fdmanana@gmail.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-11-17 18:46:17 +08:00
|
|
|
int ro_set;
|
2011-03-08 21:14:00 +08:00
|
|
|
int slot;
|
|
|
|
struct extent_buffer *l;
|
|
|
|
struct btrfs_key key;
|
|
|
|
struct btrfs_key found_key;
|
|
|
|
struct btrfs_block_group_cache *cache;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_dev_replace *dev_replace = &fs_info->dev_replace;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
path = btrfs_alloc_path();
|
|
|
|
if (!path)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
2015-11-27 23:31:35 +08:00
|
|
|
path->reada = READA_FORWARD;
|
2011-03-08 21:14:00 +08:00
|
|
|
path->search_commit_root = 1;
|
|
|
|
path->skip_locking = 1;
|
|
|
|
|
2012-11-02 20:26:57 +08:00
|
|
|
key.objectid = scrub_dev->devid;
|
2011-03-08 21:14:00 +08:00
|
|
|
key.offset = 0ull;
|
|
|
|
key.type = BTRFS_DEV_EXTENT_KEY;
|
|
|
|
|
|
|
|
while (1) {
|
|
|
|
ret = btrfs_search_slot(NULL, root, &key, path, 0, 0);
|
|
|
|
if (ret < 0)
|
2011-06-03 16:09:26 +08:00
|
|
|
break;
|
|
|
|
if (ret > 0) {
|
|
|
|
if (path->slots[0] >=
|
|
|
|
btrfs_header_nritems(path->nodes[0])) {
|
|
|
|
ret = btrfs_next_leaf(root, path);
|
2015-08-05 16:43:30 +08:00
|
|
|
if (ret < 0)
|
|
|
|
break;
|
|
|
|
if (ret > 0) {
|
|
|
|
ret = 0;
|
2011-06-03 16:09:26 +08:00
|
|
|
break;
|
2015-08-05 16:43:30 +08:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
ret = 0;
|
2011-06-03 16:09:26 +08:00
|
|
|
}
|
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
l = path->nodes[0];
|
|
|
|
slot = path->slots[0];
|
|
|
|
|
|
|
|
btrfs_item_key_to_cpu(l, &found_key, slot);
|
|
|
|
|
2012-11-02 20:26:57 +08:00
|
|
|
if (found_key.objectid != scrub_dev->devid)
|
2011-03-08 21:14:00 +08:00
|
|
|
break;
|
|
|
|
|
2014-06-05 00:41:45 +08:00
|
|
|
if (found_key.type != BTRFS_DEV_EXTENT_KEY)
|
2011-03-08 21:14:00 +08:00
|
|
|
break;
|
|
|
|
|
|
|
|
if (found_key.offset >= end)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (found_key.offset < key.offset)
|
|
|
|
break;
|
|
|
|
|
|
|
|
dev_extent = btrfs_item_ptr(l, slot, struct btrfs_dev_extent);
|
|
|
|
length = btrfs_dev_extent_length(l, dev_extent);
|
|
|
|
|
2014-06-19 10:42:51 +08:00
|
|
|
if (found_key.offset + length <= start)
|
|
|
|
goto skip;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
chunk_offset = btrfs_dev_extent_chunk_offset(l, dev_extent);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* get a reference on the corresponding block group to prevent
|
|
|
|
* the chunk from going away while we scrub it
|
|
|
|
*/
|
|
|
|
cache = btrfs_lookup_block_group(fs_info, chunk_offset);
|
2014-06-19 10:42:51 +08:00
|
|
|
|
|
|
|
/* some chunks are removed but not committed to disk yet,
|
|
|
|
* continue scrubbing */
|
|
|
|
if (!cache)
|
|
|
|
goto skip;
|
|
|
|
|
2015-08-05 16:43:30 +08:00
|
|
|
/*
|
|
|
|
* we need call btrfs_inc_block_group_ro() with scrubs_paused,
|
|
|
|
* to avoid deadlock caused by:
|
|
|
|
* btrfs_inc_block_group_ro()
|
|
|
|
* -> btrfs_wait_for_commit()
|
|
|
|
* -> btrfs_commit_transaction()
|
|
|
|
* -> btrfs_scrub_pause()
|
|
|
|
*/
|
|
|
|
scrub_pause_on(fs_info);
|
2017-02-16 05:28:29 +08:00
|
|
|
ret = btrfs_inc_block_group_ro(fs_info, cache);
|
2016-05-14 16:12:53 +08:00
|
|
|
if (!ret && is_dev_replace) {
|
|
|
|
/*
|
|
|
|
* If we are doing a device replace wait for any tasks
|
|
|
|
* that started dellaloc right before we set the block
|
|
|
|
* group to RO mode, as they might have just allocated
|
|
|
|
* an extent from it or decided they could do a nocow
|
|
|
|
* write. And if any such tasks did that, wait for their
|
|
|
|
* ordered extents to complete and then commit the
|
|
|
|
* current transaction, so that we can later see the new
|
|
|
|
* extent items in the extent tree - the ordered extents
|
|
|
|
* create delayed data references (for cow writes) when
|
|
|
|
* they complete, which will be run and insert the
|
|
|
|
* corresponding extent items into the extent tree when
|
|
|
|
* we commit the transaction they used when running
|
|
|
|
* inode.c:btrfs_finish_ordered_io(). We later use
|
|
|
|
* the commit root of the extent tree to find extents
|
|
|
|
* to copy from the srcdev into the tgtdev, and we don't
|
|
|
|
* want to miss any new extents.
|
|
|
|
*/
|
|
|
|
btrfs_wait_block_group_reservations(cache);
|
|
|
|
btrfs_wait_nocow_writers(cache);
|
2017-06-24 00:48:21 +08:00
|
|
|
ret = btrfs_wait_ordered_roots(fs_info, U64_MAX,
|
2016-05-14 16:12:53 +08:00
|
|
|
cache->key.objectid,
|
|
|
|
cache->key.offset);
|
|
|
|
if (ret > 0) {
|
|
|
|
struct btrfs_trans_handle *trans;
|
|
|
|
|
|
|
|
trans = btrfs_join_transaction(root);
|
|
|
|
if (IS_ERR(trans))
|
|
|
|
ret = PTR_ERR(trans);
|
|
|
|
else
|
2016-09-10 09:39:03 +08:00
|
|
|
ret = btrfs_commit_transaction(trans);
|
2016-05-14 16:12:53 +08:00
|
|
|
if (ret) {
|
|
|
|
scrub_pause_off(fs_info);
|
|
|
|
btrfs_put_block_group(cache);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-08-05 16:43:30 +08:00
|
|
|
scrub_pause_off(fs_info);
|
btrfs: Continue replace when set_block_ro failed
xfstests/011 failed in node with small_size filesystem.
Can be reproduced by following script:
DEV_LIST="/dev/vdd /dev/vde"
DEV_REPLACE="/dev/vdf"
do_test()
{
local mkfs_opt="$1"
local size="$2"
dmesg -c >/dev/null
umount $SCRATCH_MNT &>/dev/null
echo mkfs.btrfs -f $mkfs_opt "${DEV_LIST[*]}"
mkfs.btrfs -f $mkfs_opt "${DEV_LIST[@]}" || return 1
mount "${DEV_LIST[0]}" $SCRATCH_MNT
echo -n "Writing big files"
dd if=/dev/urandom of=$SCRATCH_MNT/t0 bs=1M count=1 >/dev/null 2>&1
for ((i = 1; i <= size; i++)); do
echo -n .
/bin/cp $SCRATCH_MNT/t0 $SCRATCH_MNT/t$i || return 1
done
echo
echo Start replace
btrfs replace start -Bf "${DEV_LIST[0]}" "$DEV_REPLACE" $SCRATCH_MNT || {
dmesg
return 1
}
return 0
}
# Set size to value near fs size
# for example, 1897 can trigger this bug in 2.6G device.
#
./do_test "-d raid1 -m raid1" 1897
System will report replace fail with following warning in dmesg:
[ 134.710853] BTRFS: dev_replace from /dev/vdd (devid 1) to /dev/vdf started
[ 135.542390] BTRFS: btrfs_scrub_dev(/dev/vdd, 1, /dev/vdf) failed -28
[ 135.543505] ------------[ cut here ]------------
[ 135.544127] WARNING: CPU: 0 PID: 4080 at fs/btrfs/dev-replace.c:428 btrfs_dev_replace_start+0x398/0x440()
[ 135.545276] Modules linked in:
[ 135.545681] CPU: 0 PID: 4080 Comm: btrfs Not tainted 4.3.0 #256
[ 135.546439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014
[ 135.547798] ffffffff81c5bfcf ffff88003cbb3d28 ffffffff817fe7b5 0000000000000000
[ 135.548774] ffff88003cbb3d60 ffffffff810a88f1 ffff88002b030000 00000000ffffffe4
[ 135.549774] ffff88003c080000 ffff88003c082588 ffff88003c28ab60 ffff88003cbb3d70
[ 135.550758] Call Trace:
[ 135.551086] [<ffffffff817fe7b5>] dump_stack+0x44/0x55
[ 135.551737] [<ffffffff810a88f1>] warn_slowpath_common+0x81/0xc0
[ 135.552487] [<ffffffff810a89e5>] warn_slowpath_null+0x15/0x20
[ 135.553211] [<ffffffff81448c88>] btrfs_dev_replace_start+0x398/0x440
[ 135.554051] [<ffffffff81412c3e>] btrfs_ioctl+0x1d2e/0x25c0
[ 135.554722] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.555506] [<ffffffff8111ab36>] ? current_kernel_time64+0x56/0xa0
[ 135.556304] [<ffffffff81201e3d>] do_vfs_ioctl+0x30d/0x580
[ 135.557009] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.557855] [<ffffffff810011d1>] ? do_audit_syscall_entry+0x61/0x70
[ 135.558669] [<ffffffff8120d1c1>] ? __fget_light+0x61/0x90
[ 135.559374] [<ffffffff81202124>] SyS_ioctl+0x74/0x80
[ 135.559987] [<ffffffff81809857>] entry_SYSCALL_64_fastpath+0x12/0x6f
[ 135.560842] ---[ end trace 2a5c1fc3205abbdd ]---
Reason:
When big data writen to fs, the whole free space will be allocated
for data chunk.
And operation as scrub need to set_block_ro(), and when there is
only one metadata chunk in system(or other metadata chunks
are all full), the function will try to allocate a new chunk,
and failed because no space in device.
Fix:
When set_block_ro failed for metadata chunk, it is not a problem
because scrub_lock paused commit_trancaction in same time, and
metadata are always cowed, so the on-the-fly writepages will not
write data into same place with scrub/replace.
Let replace continue in this case is no problem.
Tested by above script, and xfstests/011, plus 100 times xfstests/070.
Changelog v1->v2:
1: Add detail comments in source and commit-message.
2: Add dmesg detail into commit-message.
3: Limit return value of -ENOSPC to be passed.
All suggested by: Filipe Manana <fdmanana@gmail.com>
Suggested-by: Filipe Manana <fdmanana@gmail.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-11-17 18:46:17 +08:00
|
|
|
|
|
|
|
if (ret == 0) {
|
|
|
|
ro_set = 1;
|
|
|
|
} else if (ret == -ENOSPC) {
|
|
|
|
/*
|
|
|
|
* btrfs_inc_block_group_ro return -ENOSPC when it
|
|
|
|
* failed in creating new chunk for metadata.
|
|
|
|
* It is not a problem for scrub/replace, because
|
|
|
|
* metadata are always cowed, and our scrub paused
|
|
|
|
* commit_transactions.
|
|
|
|
*/
|
|
|
|
ro_set = 0;
|
|
|
|
} else {
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_warn(fs_info,
|
2017-07-13 21:32:18 +08:00
|
|
|
"failed setting block group ro: %d", ret);
|
2015-08-05 16:43:30 +08:00
|
|
|
btrfs_put_block_group(cache);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-05-14 23:32:35 +08:00
|
|
|
btrfs_dev_replace_lock(&fs_info->dev_replace, 1);
|
2012-11-06 18:43:11 +08:00
|
|
|
dev_replace->cursor_right = found_key.offset + length;
|
|
|
|
dev_replace->cursor_left = found_key.offset;
|
|
|
|
dev_replace->item_needs_writeback = 1;
|
2016-05-14 23:32:35 +08:00
|
|
|
btrfs_dev_replace_unlock(&fs_info->dev_replace, 1);
|
2015-08-19 15:02:40 +08:00
|
|
|
ret = scrub_chunk(sctx, scrub_dev, chunk_offset, length,
|
2015-11-19 18:57:20 +08:00
|
|
|
found_key.offset, cache, is_dev_replace);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* flush, submit all pending read and write bios, afterwards
|
|
|
|
* wait for them.
|
|
|
|
* Note that in the dev replace case, a read request causes
|
|
|
|
* write requests that are submitted in the read completion
|
|
|
|
* worker. Therefore in the current situation, it is required
|
|
|
|
* that all write requests are flushed, so that all read and
|
|
|
|
* write requests are really completed when bios_in_flight
|
|
|
|
* changes to 0.
|
|
|
|
*/
|
2017-03-31 23:12:51 +08:00
|
|
|
sctx->flush_all_writes = true;
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_lock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
scrub_wr_submit(sctx);
|
2017-05-17 01:10:32 +08:00
|
|
|
mutex_unlock(&sctx->wr_lock);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
wait_event(sctx->list_wait,
|
|
|
|
atomic_read(&sctx->bios_in_flight) == 0);
|
2015-08-05 16:43:29 +08:00
|
|
|
|
|
|
|
scrub_pause_on(fs_info);
|
2014-02-19 19:24:17 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* must be called before we decrease @scrub_paused.
|
|
|
|
* make sure we don't block transaction commit while
|
|
|
|
* we are waiting pending workers finished.
|
|
|
|
*/
|
2012-11-06 18:43:11 +08:00
|
|
|
wait_event(sctx->list_wait,
|
|
|
|
atomic_read(&sctx->workers_pending) == 0);
|
2017-03-31 23:12:51 +08:00
|
|
|
sctx->flush_all_writes = false;
|
2014-02-19 19:24:17 +08:00
|
|
|
|
2015-08-05 16:43:29 +08:00
|
|
|
scrub_pause_off(fs_info);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
2016-05-15 02:44:40 +08:00
|
|
|
btrfs_dev_replace_lock(&fs_info->dev_replace, 1);
|
|
|
|
dev_replace->cursor_left = dev_replace->cursor_right;
|
|
|
|
dev_replace->item_needs_writeback = 1;
|
|
|
|
btrfs_dev_replace_unlock(&fs_info->dev_replace, 1);
|
|
|
|
|
btrfs: Continue replace when set_block_ro failed
xfstests/011 failed in node with small_size filesystem.
Can be reproduced by following script:
DEV_LIST="/dev/vdd /dev/vde"
DEV_REPLACE="/dev/vdf"
do_test()
{
local mkfs_opt="$1"
local size="$2"
dmesg -c >/dev/null
umount $SCRATCH_MNT &>/dev/null
echo mkfs.btrfs -f $mkfs_opt "${DEV_LIST[*]}"
mkfs.btrfs -f $mkfs_opt "${DEV_LIST[@]}" || return 1
mount "${DEV_LIST[0]}" $SCRATCH_MNT
echo -n "Writing big files"
dd if=/dev/urandom of=$SCRATCH_MNT/t0 bs=1M count=1 >/dev/null 2>&1
for ((i = 1; i <= size; i++)); do
echo -n .
/bin/cp $SCRATCH_MNT/t0 $SCRATCH_MNT/t$i || return 1
done
echo
echo Start replace
btrfs replace start -Bf "${DEV_LIST[0]}" "$DEV_REPLACE" $SCRATCH_MNT || {
dmesg
return 1
}
return 0
}
# Set size to value near fs size
# for example, 1897 can trigger this bug in 2.6G device.
#
./do_test "-d raid1 -m raid1" 1897
System will report replace fail with following warning in dmesg:
[ 134.710853] BTRFS: dev_replace from /dev/vdd (devid 1) to /dev/vdf started
[ 135.542390] BTRFS: btrfs_scrub_dev(/dev/vdd, 1, /dev/vdf) failed -28
[ 135.543505] ------------[ cut here ]------------
[ 135.544127] WARNING: CPU: 0 PID: 4080 at fs/btrfs/dev-replace.c:428 btrfs_dev_replace_start+0x398/0x440()
[ 135.545276] Modules linked in:
[ 135.545681] CPU: 0 PID: 4080 Comm: btrfs Not tainted 4.3.0 #256
[ 135.546439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014
[ 135.547798] ffffffff81c5bfcf ffff88003cbb3d28 ffffffff817fe7b5 0000000000000000
[ 135.548774] ffff88003cbb3d60 ffffffff810a88f1 ffff88002b030000 00000000ffffffe4
[ 135.549774] ffff88003c080000 ffff88003c082588 ffff88003c28ab60 ffff88003cbb3d70
[ 135.550758] Call Trace:
[ 135.551086] [<ffffffff817fe7b5>] dump_stack+0x44/0x55
[ 135.551737] [<ffffffff810a88f1>] warn_slowpath_common+0x81/0xc0
[ 135.552487] [<ffffffff810a89e5>] warn_slowpath_null+0x15/0x20
[ 135.553211] [<ffffffff81448c88>] btrfs_dev_replace_start+0x398/0x440
[ 135.554051] [<ffffffff81412c3e>] btrfs_ioctl+0x1d2e/0x25c0
[ 135.554722] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.555506] [<ffffffff8111ab36>] ? current_kernel_time64+0x56/0xa0
[ 135.556304] [<ffffffff81201e3d>] do_vfs_ioctl+0x30d/0x580
[ 135.557009] [<ffffffff8114c7ba>] ? __audit_syscall_entry+0xaa/0xf0
[ 135.557855] [<ffffffff810011d1>] ? do_audit_syscall_entry+0x61/0x70
[ 135.558669] [<ffffffff8120d1c1>] ? __fget_light+0x61/0x90
[ 135.559374] [<ffffffff81202124>] SyS_ioctl+0x74/0x80
[ 135.559987] [<ffffffff81809857>] entry_SYSCALL_64_fastpath+0x12/0x6f
[ 135.560842] ---[ end trace 2a5c1fc3205abbdd ]---
Reason:
When big data writen to fs, the whole free space will be allocated
for data chunk.
And operation as scrub need to set_block_ro(), and when there is
only one metadata chunk in system(or other metadata chunks
are all full), the function will try to allocate a new chunk,
and failed because no space in device.
Fix:
When set_block_ro failed for metadata chunk, it is not a problem
because scrub_lock paused commit_trancaction in same time, and
metadata are always cowed, so the on-the-fly writepages will not
write data into same place with scrub/replace.
Let replace continue in this case is no problem.
Tested by above script, and xfstests/011, plus 100 times xfstests/070.
Changelog v1->v2:
1: Add detail comments in source and commit-message.
2: Add dmesg detail into commit-message.
3: Limit return value of -ENOSPC to be passed.
All suggested by: Filipe Manana <fdmanana@gmail.com>
Suggested-by: Filipe Manana <fdmanana@gmail.com>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-11-17 18:46:17 +08:00
|
|
|
if (ro_set)
|
2016-06-23 06:54:24 +08:00
|
|
|
btrfs_dec_block_group_ro(cache);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
2015-11-19 19:45:48 +08:00
|
|
|
/*
|
|
|
|
* We might have prevented the cleaner kthread from deleting
|
|
|
|
* this block group if it was already unused because we raced
|
|
|
|
* and set it to RO mode first. So add it back to the unused
|
|
|
|
* list, otherwise it might not ever be deleted unless a manual
|
|
|
|
* balance is triggered or it becomes used and unused again.
|
|
|
|
*/
|
|
|
|
spin_lock(&cache->lock);
|
|
|
|
if (!cache->removed && !cache->ro && cache->reserved == 0 &&
|
|
|
|
btrfs_block_group_used(&cache->item) == 0) {
|
|
|
|
spin_unlock(&cache->lock);
|
|
|
|
spin_lock(&fs_info->unused_bgs_lock);
|
|
|
|
if (list_empty(&cache->bg_list)) {
|
|
|
|
btrfs_get_block_group(cache);
|
|
|
|
list_add_tail(&cache->bg_list,
|
|
|
|
&fs_info->unused_bgs);
|
|
|
|
}
|
|
|
|
spin_unlock(&fs_info->unused_bgs_lock);
|
|
|
|
} else {
|
|
|
|
spin_unlock(&cache->lock);
|
|
|
|
}
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
btrfs_put_block_group(cache);
|
|
|
|
if (ret)
|
|
|
|
break;
|
2012-11-28 01:39:51 +08:00
|
|
|
if (is_dev_replace &&
|
|
|
|
atomic64_read(&dev_replace->num_write_errors) > 0) {
|
2012-11-06 18:43:11 +08:00
|
|
|
ret = -EIO;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (sctx->stat.malloc_errors > 0) {
|
|
|
|
ret = -ENOMEM;
|
|
|
|
break;
|
|
|
|
}
|
2014-06-19 10:42:51 +08:00
|
|
|
skip:
|
2011-03-08 21:14:00 +08:00
|
|
|
key.offset = found_key.offset + length;
|
2011-05-23 18:30:52 +08:00
|
|
|
btrfs_release_path(path);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
btrfs_free_path(path);
|
2011-06-03 16:09:26 +08:00
|
|
|
|
2015-08-05 16:43:30 +08:00
|
|
|
return ret;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-11-02 20:26:57 +08:00
|
|
|
static noinline_for_stack int scrub_supers(struct scrub_ctx *sctx,
|
|
|
|
struct btrfs_device *scrub_dev)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
u64 bytenr;
|
|
|
|
u64 gen;
|
|
|
|
int ret;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2016-06-23 06:54:23 +08:00
|
|
|
if (test_bit(BTRFS_FS_STATE_ERROR, &fs_info->fs_state))
|
2012-03-12 23:03:00 +08:00
|
|
|
return -EIO;
|
|
|
|
|
2014-07-24 11:37:09 +08:00
|
|
|
/* Seed devices of a new filesystem has their own generation. */
|
2016-06-23 06:54:23 +08:00
|
|
|
if (scrub_dev->fs_devices != fs_info->fs_devices)
|
2014-07-24 11:37:09 +08:00
|
|
|
gen = scrub_dev->generation;
|
|
|
|
else
|
2016-06-23 06:54:23 +08:00
|
|
|
gen = fs_info->last_trans_committed;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
for (i = 0; i < BTRFS_SUPER_MIRROR_MAX; i++) {
|
|
|
|
bytenr = btrfs_sb_offset(i);
|
2014-09-03 21:35:33 +08:00
|
|
|
if (bytenr + BTRFS_SUPER_INFO_SIZE >
|
|
|
|
scrub_dev->commit_total_bytes)
|
2011-03-08 21:14:00 +08:00
|
|
|
break;
|
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
ret = scrub_pages(sctx, bytenr, BTRFS_SUPER_INFO_SIZE, bytenr,
|
2012-11-02 20:26:57 +08:00
|
|
|
scrub_dev, BTRFS_EXTENT_FLAG_SUPER, gen, i,
|
2012-11-06 18:43:11 +08:00
|
|
|
NULL, 1, bytenr);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
}
|
2012-11-02 23:44:58 +08:00
|
|
|
wait_event(sctx->list_wait, atomic_read(&sctx->bios_in_flight) == 0);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* get a reference count on fs_info->scrub_workers. start worker if necessary
|
|
|
|
*/
|
2012-11-06 18:43:11 +08:00
|
|
|
static noinline_for_stack int scrub_workers_get(struct btrfs_fs_info *fs_info,
|
|
|
|
int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
2015-02-17 01:34:01 +08:00
|
|
|
unsigned int flags = WQ_FREEZABLE | WQ_UNBOUND;
|
2014-02-28 10:46:17 +08:00
|
|
|
int max_active = fs_info->thread_pool_size;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2011-06-10 18:07:07 +08:00
|
|
|
if (fs_info->scrub_workers_refcnt == 0) {
|
2017-04-01 00:42:57 +08:00
|
|
|
fs_info->scrub_workers = btrfs_alloc_workqueue(fs_info, "scrub",
|
|
|
|
flags, is_dev_replace ? 1 : max_active, 4);
|
2015-06-12 20:36:58 +08:00
|
|
|
if (!fs_info->scrub_workers)
|
|
|
|
goto fail_scrub_workers;
|
|
|
|
|
2014-02-28 10:46:17 +08:00
|
|
|
fs_info->scrub_wr_completion_workers =
|
2016-06-10 04:22:11 +08:00
|
|
|
btrfs_alloc_workqueue(fs_info, "scrubwrc", flags,
|
2014-02-28 10:46:17 +08:00
|
|
|
max_active, 2);
|
2015-06-12 20:36:58 +08:00
|
|
|
if (!fs_info->scrub_wr_completion_workers)
|
|
|
|
goto fail_scrub_wr_completion_workers;
|
|
|
|
|
2014-02-28 10:46:17 +08:00
|
|
|
fs_info->scrub_nocow_workers =
|
2016-06-10 04:22:11 +08:00
|
|
|
btrfs_alloc_workqueue(fs_info, "scrubnc", flags, 1, 0);
|
2015-06-12 20:36:58 +08:00
|
|
|
if (!fs_info->scrub_nocow_workers)
|
|
|
|
goto fail_scrub_nocow_workers;
|
2015-06-04 20:09:15 +08:00
|
|
|
fs_info->scrub_parity_workers =
|
2016-06-10 04:22:11 +08:00
|
|
|
btrfs_alloc_workqueue(fs_info, "scrubparity", flags,
|
2015-06-04 20:09:15 +08:00
|
|
|
max_active, 2);
|
2015-06-12 20:36:58 +08:00
|
|
|
if (!fs_info->scrub_parity_workers)
|
|
|
|
goto fail_scrub_parity_workers;
|
2011-06-10 18:07:07 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
++fs_info->scrub_workers_refcnt;
|
2015-06-12 20:36:58 +08:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
fail_scrub_parity_workers:
|
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_nocow_workers);
|
|
|
|
fail_scrub_nocow_workers:
|
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_wr_completion_workers);
|
|
|
|
fail_scrub_wr_completion_workers:
|
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_workers);
|
|
|
|
fail_scrub_workers:
|
|
|
|
return -ENOMEM;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
static noinline_for_stack void scrub_workers_put(struct btrfs_fs_info *fs_info)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
2012-11-06 18:43:11 +08:00
|
|
|
if (--fs_info->scrub_workers_refcnt == 0) {
|
2014-02-28 10:46:17 +08:00
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_workers);
|
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_wr_completion_workers);
|
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_nocow_workers);
|
2015-06-04 20:09:15 +08:00
|
|
|
btrfs_destroy_workqueue(fs_info->scrub_parity_workers);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
WARN_ON(fs_info->scrub_workers_refcnt < 0);
|
|
|
|
}
|
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start,
|
|
|
|
u64 end, struct btrfs_scrub_progress *progress,
|
2012-11-06 01:29:28 +08:00
|
|
|
int readonly, int is_dev_replace)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
int ret;
|
|
|
|
struct btrfs_device *dev;
|
2014-07-24 11:37:07 +08:00
|
|
|
struct rcu_string *name;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
if (btrfs_fs_closing(fs_info))
|
2011-03-08 21:14:00 +08:00
|
|
|
return -EINVAL;
|
|
|
|
|
2016-06-15 21:22:56 +08:00
|
|
|
if (fs_info->nodesize > BTRFS_STRIPE_LEN) {
|
2012-03-28 02:21:27 +08:00
|
|
|
/*
|
|
|
|
* in this case scrub is unable to calculate the checksum
|
|
|
|
* the way scrub is implemented. Do not handle this
|
|
|
|
* situation at all because it won't ever happen.
|
|
|
|
*/
|
2013-12-21 00:37:06 +08:00
|
|
|
btrfs_err(fs_info,
|
|
|
|
"scrub: size assumption nodesize <= BTRFS_STRIPE_LEN (%d <= %d) fails",
|
2016-06-15 21:22:56 +08:00
|
|
|
fs_info->nodesize,
|
|
|
|
BTRFS_STRIPE_LEN);
|
2012-03-28 02:21:27 +08:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2016-06-15 21:22:56 +08:00
|
|
|
if (fs_info->sectorsize != PAGE_SIZE) {
|
2012-03-28 02:21:27 +08:00
|
|
|
/* not supported for data w/o checksums */
|
2016-07-04 12:34:39 +08:00
|
|
|
btrfs_err_rl(fs_info,
|
2016-09-20 22:05:00 +08:00
|
|
|
"scrub: size assumption sectorsize != PAGE_SIZE (%d != %lu) fails",
|
2016-06-15 21:22:56 +08:00
|
|
|
fs_info->sectorsize, PAGE_SIZE);
|
2011-03-08 21:14:00 +08:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2016-06-15 21:22:56 +08:00
|
|
|
if (fs_info->nodesize >
|
2012-11-02 21:58:04 +08:00
|
|
|
PAGE_SIZE * SCRUB_MAX_PAGES_PER_BLOCK ||
|
2016-06-15 21:22:56 +08:00
|
|
|
fs_info->sectorsize > PAGE_SIZE * SCRUB_MAX_PAGES_PER_BLOCK) {
|
2012-11-02 21:58:04 +08:00
|
|
|
/*
|
|
|
|
* would exhaust the array bounds of pagev member in
|
|
|
|
* struct scrub_block
|
|
|
|
*/
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_err(fs_info,
|
|
|
|
"scrub: size assumption nodesize and sectorsize <= SCRUB_MAX_PAGES_PER_BLOCK (%d <= %d && %d <= %d) fails",
|
2016-06-15 21:22:56 +08:00
|
|
|
fs_info->nodesize,
|
2012-11-02 21:58:04 +08:00
|
|
|
SCRUB_MAX_PAGES_PER_BLOCK,
|
2016-06-15 21:22:56 +08:00
|
|
|
fs_info->sectorsize,
|
2012-11-02 21:58:04 +08:00
|
|
|
SCRUB_MAX_PAGES_PER_BLOCK);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
mutex_lock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
dev = btrfs_find_device(fs_info, devid, NULL, NULL);
|
2017-12-04 12:54:54 +08:00
|
|
|
if (!dev || (test_bit(BTRFS_DEV_STATE_MISSING, &dev->dev_state) &&
|
|
|
|
!is_dev_replace)) {
|
2012-11-06 00:03:39 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
2011-03-08 21:14:00 +08:00
|
|
|
return -ENODEV;
|
|
|
|
}
|
|
|
|
|
2017-12-04 12:54:52 +08:00
|
|
|
if (!is_dev_replace && !readonly &&
|
|
|
|
!test_bit(BTRFS_DEV_STATE_WRITEABLE, &dev->dev_state)) {
|
2014-07-24 11:37:07 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
rcu_read_lock();
|
|
|
|
name = rcu_dereference(dev->name);
|
|
|
|
btrfs_err(fs_info, "scrub: device %s is not writable",
|
|
|
|
name->str);
|
|
|
|
rcu_read_unlock();
|
|
|
|
return -EROFS;
|
|
|
|
}
|
|
|
|
|
2013-10-12 02:11:12 +08:00
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
2017-12-04 12:54:53 +08:00
|
|
|
if (!test_bit(BTRFS_DEV_STATE_IN_FS_METADATA, &dev->dev_state) ||
|
2017-12-04 12:54:55 +08:00
|
|
|
test_bit(BTRFS_DEV_STATE_REPLACE_TGT, &dev->dev_state)) {
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
2012-11-06 00:03:39 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
return -EIO;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
|
|
|
|
Btrfs: fix lockdep deadlock warning due to dev_replace
Xfstests btrfs/011 complains about a deadlock warning,
[ 1226.649039] =========================================================
[ 1226.649039] [ INFO: possible irq lock inversion dependency detected ]
[ 1226.649039] 4.1.0+ #270 Not tainted
[ 1226.649039] ---------------------------------------------------------
[ 1226.652955] kswapd0/46 just changed the state of lock:
[ 1226.652955] (&delayed_node->mutex){+.+.-.}, at: [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] but this lock took another, RECLAIM_FS-unsafe lock in the past:
[ 1226.652955] (&fs_info->dev_replace.lock){+.+.+.}
and interrupts could create inverse lock ordering between them.
[ 1226.652955]
other info that might help us debug this:
[ 1226.652955] Chain exists of:
&delayed_node->mutex --> &found->groups_sem --> &fs_info->dev_replace.lock
[ 1226.652955] Possible interrupt unsafe locking scenario:
[ 1226.652955] CPU0 CPU1
[ 1226.652955] ---- ----
[ 1226.652955] lock(&fs_info->dev_replace.lock);
[ 1226.652955] local_irq_disable();
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955] lock(&found->groups_sem);
[ 1226.652955] <Interrupt>
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955]
*** DEADLOCK ***
Commit 084b6e7c7607 ("btrfs: Fix a lockdep warning when running xfstest.") tried
to fix a similar one that has the exactly same warning, but with that, we still
run to this.
The above lock chain comes from
btrfs_commit_transaction
->btrfs_run_delayed_items
...
->__btrfs_update_delayed_inode
...
->__btrfs_cow_block
...
->find_free_extent
->cache_block_group
->load_free_space_cache
->btrfs_readpages
->submit_one_bio
...
->__btrfs_map_block
->btrfs_dev_replace_lock
However, with high memory pressure, tasks which hold dev_replace.lock can
be interrupted by kswapd and then kswapd is intended to release memory occupied
by superblock, inodes and dentries, where we may call evict_inode, and it comes
to
[ 1226.652955] [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] [<ffffffff81459e74>] btrfs_remove_delayed_node+0x24/0x30
[ 1226.652955] [<ffffffff8140c5fe>] btrfs_evict_inode+0x34e/0x700
delayed_node->mutex may be acquired in __btrfs_release_delayed_node(), and it leads
to a ABBA deadlock.
To fix this, we can use "blocking rwlock" used in the case of extent_buffer, but
things are simpler here since we only needs read's spinlock to blocking lock.
With this, btrfs/011 no more produces warnings in dmesg.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2015-07-17 16:49:19 +08:00
|
|
|
btrfs_dev_replace_lock(&fs_info->dev_replace, 0);
|
2018-01-03 16:08:30 +08:00
|
|
|
if (dev->scrub_ctx ||
|
2012-11-06 20:15:27 +08:00
|
|
|
(!is_dev_replace &&
|
|
|
|
btrfs_dev_replace_is_ongoing(&fs_info->dev_replace))) {
|
Btrfs: fix lockdep deadlock warning due to dev_replace
Xfstests btrfs/011 complains about a deadlock warning,
[ 1226.649039] =========================================================
[ 1226.649039] [ INFO: possible irq lock inversion dependency detected ]
[ 1226.649039] 4.1.0+ #270 Not tainted
[ 1226.649039] ---------------------------------------------------------
[ 1226.652955] kswapd0/46 just changed the state of lock:
[ 1226.652955] (&delayed_node->mutex){+.+.-.}, at: [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] but this lock took another, RECLAIM_FS-unsafe lock in the past:
[ 1226.652955] (&fs_info->dev_replace.lock){+.+.+.}
and interrupts could create inverse lock ordering between them.
[ 1226.652955]
other info that might help us debug this:
[ 1226.652955] Chain exists of:
&delayed_node->mutex --> &found->groups_sem --> &fs_info->dev_replace.lock
[ 1226.652955] Possible interrupt unsafe locking scenario:
[ 1226.652955] CPU0 CPU1
[ 1226.652955] ---- ----
[ 1226.652955] lock(&fs_info->dev_replace.lock);
[ 1226.652955] local_irq_disable();
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955] lock(&found->groups_sem);
[ 1226.652955] <Interrupt>
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955]
*** DEADLOCK ***
Commit 084b6e7c7607 ("btrfs: Fix a lockdep warning when running xfstest.") tried
to fix a similar one that has the exactly same warning, but with that, we still
run to this.
The above lock chain comes from
btrfs_commit_transaction
->btrfs_run_delayed_items
...
->__btrfs_update_delayed_inode
...
->__btrfs_cow_block
...
->find_free_extent
->cache_block_group
->load_free_space_cache
->btrfs_readpages
->submit_one_bio
...
->__btrfs_map_block
->btrfs_dev_replace_lock
However, with high memory pressure, tasks which hold dev_replace.lock can
be interrupted by kswapd and then kswapd is intended to release memory occupied
by superblock, inodes and dentries, where we may call evict_inode, and it comes
to
[ 1226.652955] [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] [<ffffffff81459e74>] btrfs_remove_delayed_node+0x24/0x30
[ 1226.652955] [<ffffffff8140c5fe>] btrfs_evict_inode+0x34e/0x700
delayed_node->mutex may be acquired in __btrfs_release_delayed_node(), and it leads
to a ABBA deadlock.
To fix this, we can use "blocking rwlock" used in the case of extent_buffer, but
things are simpler here since we only needs read's spinlock to blocking lock.
With this, btrfs/011 no more produces warnings in dmesg.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2015-07-17 16:49:19 +08:00
|
|
|
btrfs_dev_replace_unlock(&fs_info->dev_replace, 0);
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
2012-11-06 00:03:39 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
2011-03-08 21:14:00 +08:00
|
|
|
return -EINPROGRESS;
|
|
|
|
}
|
Btrfs: fix lockdep deadlock warning due to dev_replace
Xfstests btrfs/011 complains about a deadlock warning,
[ 1226.649039] =========================================================
[ 1226.649039] [ INFO: possible irq lock inversion dependency detected ]
[ 1226.649039] 4.1.0+ #270 Not tainted
[ 1226.649039] ---------------------------------------------------------
[ 1226.652955] kswapd0/46 just changed the state of lock:
[ 1226.652955] (&delayed_node->mutex){+.+.-.}, at: [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] but this lock took another, RECLAIM_FS-unsafe lock in the past:
[ 1226.652955] (&fs_info->dev_replace.lock){+.+.+.}
and interrupts could create inverse lock ordering between them.
[ 1226.652955]
other info that might help us debug this:
[ 1226.652955] Chain exists of:
&delayed_node->mutex --> &found->groups_sem --> &fs_info->dev_replace.lock
[ 1226.652955] Possible interrupt unsafe locking scenario:
[ 1226.652955] CPU0 CPU1
[ 1226.652955] ---- ----
[ 1226.652955] lock(&fs_info->dev_replace.lock);
[ 1226.652955] local_irq_disable();
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955] lock(&found->groups_sem);
[ 1226.652955] <Interrupt>
[ 1226.652955] lock(&delayed_node->mutex);
[ 1226.652955]
*** DEADLOCK ***
Commit 084b6e7c7607 ("btrfs: Fix a lockdep warning when running xfstest.") tried
to fix a similar one that has the exactly same warning, but with that, we still
run to this.
The above lock chain comes from
btrfs_commit_transaction
->btrfs_run_delayed_items
...
->__btrfs_update_delayed_inode
...
->__btrfs_cow_block
...
->find_free_extent
->cache_block_group
->load_free_space_cache
->btrfs_readpages
->submit_one_bio
...
->__btrfs_map_block
->btrfs_dev_replace_lock
However, with high memory pressure, tasks which hold dev_replace.lock can
be interrupted by kswapd and then kswapd is intended to release memory occupied
by superblock, inodes and dentries, where we may call evict_inode, and it comes
to
[ 1226.652955] [<ffffffff81458735>] __btrfs_release_delayed_node+0x45/0x1d0
[ 1226.652955] [<ffffffff81459e74>] btrfs_remove_delayed_node+0x24/0x30
[ 1226.652955] [<ffffffff8140c5fe>] btrfs_evict_inode+0x34e/0x700
delayed_node->mutex may be acquired in __btrfs_release_delayed_node(), and it leads
to a ABBA deadlock.
To fix this, we can use "blocking rwlock" used in the case of extent_buffer, but
things are simpler here since we only needs read's spinlock to blocking lock.
With this, btrfs/011 no more produces warnings in dmesg.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2015-07-17 16:49:19 +08:00
|
|
|
btrfs_dev_replace_unlock(&fs_info->dev_replace, 0);
|
2013-10-12 02:11:12 +08:00
|
|
|
|
|
|
|
ret = scrub_workers_get(fs_info, is_dev_replace);
|
|
|
|
if (ret) {
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2012-11-06 01:29:28 +08:00
|
|
|
sctx = scrub_setup_ctx(dev, is_dev_replace);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (IS_ERR(sctx)) {
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
2012-11-06 00:03:39 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
scrub_workers_put(fs_info);
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
return PTR_ERR(sctx);
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
sctx->readonly = readonly;
|
2018-01-03 16:08:30 +08:00
|
|
|
dev->scrub_ctx = sctx;
|
2013-12-04 21:15:19 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2013-12-04 21:15:19 +08:00
|
|
|
/*
|
|
|
|
* checking @scrub_pause_req here, we can avoid
|
|
|
|
* race between committing transaction and scrubbing.
|
|
|
|
*/
|
2013-12-04 21:16:53 +08:00
|
|
|
__scrub_blocked_if_needed(fs_info);
|
2011-03-08 21:14:00 +08:00
|
|
|
atomic_inc(&fs_info->scrubs_running);
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
if (!is_dev_replace) {
|
2013-10-25 19:12:02 +08:00
|
|
|
/*
|
|
|
|
* by holding device list mutex, we can
|
|
|
|
* kick off writing super in log tree sync.
|
|
|
|
*/
|
2013-12-04 21:15:19 +08:00
|
|
|
mutex_lock(&fs_info->fs_devices->device_list_mutex);
|
2012-11-06 18:43:11 +08:00
|
|
|
ret = scrub_supers(sctx, dev);
|
2013-12-04 21:15:19 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
if (!ret)
|
2012-11-06 18:43:11 +08:00
|
|
|
ret = scrub_enumerate_chunks(sctx, dev, start, end,
|
|
|
|
is_dev_replace);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
wait_event(sctx->list_wait, atomic_read(&sctx->bios_in_flight) == 0);
|
2011-03-08 21:14:00 +08:00
|
|
|
atomic_dec(&fs_info->scrubs_running);
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
|
|
|
|
2012-11-02 23:44:58 +08:00
|
|
|
wait_event(sctx->list_wait, atomic_read(&sctx->workers_pending) == 0);
|
2011-06-14 02:04:15 +08:00
|
|
|
|
2011-03-08 21:14:00 +08:00
|
|
|
if (progress)
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
memcpy(progress, &sctx->stat, sizeof(*progress));
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
2018-01-03 16:08:30 +08:00
|
|
|
dev->scrub_ctx = NULL;
|
2013-10-12 02:11:12 +08:00
|
|
|
scrub_workers_put(fs_info);
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
|
2015-02-10 05:14:24 +08:00
|
|
|
scrub_put_ctx(sctx);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2016-06-23 06:54:24 +08:00
|
|
|
void btrfs_scrub_pause(struct btrfs_fs_info *fs_info)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
atomic_inc(&fs_info->scrub_pause_req);
|
|
|
|
while (atomic_read(&fs_info->scrubs_paused) !=
|
|
|
|
atomic_read(&fs_info->scrubs_running)) {
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
wait_event(fs_info->scrub_pause_wait,
|
|
|
|
atomic_read(&fs_info->scrubs_paused) ==
|
|
|
|
atomic_read(&fs_info->scrubs_running));
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
}
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
}
|
|
|
|
|
2016-06-23 06:54:24 +08:00
|
|
|
void btrfs_scrub_continue(struct btrfs_fs_info *fs_info)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
atomic_dec(&fs_info->scrub_pause_req);
|
|
|
|
wake_up(&fs_info->scrub_pause_wait);
|
|
|
|
}
|
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
int btrfs_scrub_cancel(struct btrfs_fs_info *fs_info)
|
2011-03-08 21:14:00 +08:00
|
|
|
{
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
if (!atomic_read(&fs_info->scrubs_running)) {
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
return -ENOTCONN;
|
|
|
|
}
|
|
|
|
|
|
|
|
atomic_inc(&fs_info->scrub_cancel_req);
|
|
|
|
while (atomic_read(&fs_info->scrubs_running)) {
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
wait_event(fs_info->scrub_pause_wait,
|
|
|
|
atomic_read(&fs_info->scrubs_running) == 0);
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
}
|
|
|
|
atomic_dec(&fs_info->scrub_cancel_req);
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-11-06 00:03:39 +08:00
|
|
|
int btrfs_scrub_cancel_dev(struct btrfs_fs_info *fs_info,
|
|
|
|
struct btrfs_device *dev)
|
2012-03-02 00:24:58 +08:00
|
|
|
{
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
2018-01-03 16:08:30 +08:00
|
|
|
sctx = dev->scrub_ctx;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (!sctx) {
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
return -ENOTCONN;
|
|
|
|
}
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
atomic_inc(&sctx->cancel_req);
|
2018-01-03 16:08:30 +08:00
|
|
|
while (dev->scrub_ctx) {
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
wait_event(fs_info->scrub_pause_wait,
|
2018-01-03 16:08:30 +08:00
|
|
|
dev->scrub_ctx == NULL);
|
2011-03-08 21:14:00 +08:00
|
|
|
mutex_lock(&fs_info->scrub_lock);
|
|
|
|
}
|
|
|
|
mutex_unlock(&fs_info->scrub_lock);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
2012-03-28 02:21:26 +08:00
|
|
|
|
2016-06-23 06:54:24 +08:00
|
|
|
int btrfs_scrub_progress(struct btrfs_fs_info *fs_info, u64 devid,
|
2011-03-08 21:14:00 +08:00
|
|
|
struct btrfs_scrub_progress *progress)
|
|
|
|
{
|
|
|
|
struct btrfs_device *dev;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
struct scrub_ctx *sctx = NULL;
|
2011-03-08 21:14:00 +08:00
|
|
|
|
2016-06-23 06:54:23 +08:00
|
|
|
mutex_lock(&fs_info->fs_devices->device_list_mutex);
|
|
|
|
dev = btrfs_find_device(fs_info, devid, NULL, NULL);
|
2011-03-08 21:14:00 +08:00
|
|
|
if (dev)
|
2018-01-03 16:08:30 +08:00
|
|
|
sctx = dev->scrub_ctx;
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
if (sctx)
|
|
|
|
memcpy(progress, &sctx->stat, sizeof(*progress));
|
2016-06-23 06:54:23 +08:00
|
|
|
mutex_unlock(&fs_info->fs_devices->device_list_mutex);
|
2011-03-08 21:14:00 +08:00
|
|
|
|
Btrfs: rename the scrub context structure
The device replace procedure makes use of the scrub code. The scrub
code is the most efficient code to read the allocated data of a disk,
i.e. it reads sequentially in order to avoid disk head movements, it
skips unallocated blocks, it uses read ahead mechanisms, and it
contains all the code to detect and repair defects.
This commit is a first preparation step to adapt the scrub code to
be shareable for the device replace procedure.
The block device will be removed from the scrub context state
structure in a later step. It used to be the source block device.
The scrub code as it is used for the device replace procedure reads
the source data from whereever it is optimal. The source device might
even be gone (disconnected, for instance due to a hardware failure).
Or the drive can be so faulty so that the device replace procedure
tries to avoid access to the faulty source drive as much as possible,
and only if all other mirrors are damaged, as a last resort, the
source disk is accessed.
The modified scrub code operates as if it would handle the source
drive and thereby generates an exact copy of the source disk on the
target disk, even if the source disk is not present at all. Therefore
the block device pointer to the source disk is removed in a later
patch, and therefore the context structure is renamed (this is the
goal of the current patch) to reflect that no source block device
scope is there anymore.
Summary:
This first preparation step consists of a textual substitution of the
term "dev" to the term "ctx" whereever the scrub context is used.
Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2012-11-02 16:58:09 +08:00
|
|
|
return dev ? (sctx ? 0 : -ENOTCONN) : -ENODEV;
|
2011-03-08 21:14:00 +08:00
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
static void scrub_remap_extent(struct btrfs_fs_info *fs_info,
|
|
|
|
u64 extent_logical, u64 extent_len,
|
|
|
|
u64 *extent_physical,
|
|
|
|
struct btrfs_device **extent_dev,
|
|
|
|
int *extent_mirror_num)
|
|
|
|
{
|
|
|
|
u64 mapped_length;
|
|
|
|
struct btrfs_bio *bbio = NULL;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
mapped_length = extent_len;
|
2016-10-27 15:27:36 +08:00
|
|
|
ret = btrfs_map_block(fs_info, BTRFS_MAP_READ, extent_logical,
|
2012-11-06 18:43:11 +08:00
|
|
|
&mapped_length, &bbio, 0);
|
|
|
|
if (ret || !bbio || mapped_length < extent_len ||
|
|
|
|
!bbio->stripes[0].dev->bdev) {
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
2012-11-06 18:43:11 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
*extent_physical = bbio->stripes[0].physical;
|
|
|
|
*extent_mirror_num = bbio->mirror_num;
|
|
|
|
*extent_dev = bbio->stripes[0].dev;
|
2015-01-20 15:11:34 +08:00
|
|
|
btrfs_put_bbio(bbio);
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static int copy_nocow_pages(struct scrub_ctx *sctx, u64 logical, u64 len,
|
|
|
|
int mirror_num, u64 physical_for_dev_replace)
|
|
|
|
{
|
|
|
|
struct scrub_copy_nocow_ctx *nocow_ctx;
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
nocow_ctx = kzalloc(sizeof(*nocow_ctx), GFP_NOFS);
|
|
|
|
if (!nocow_ctx) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
scrub_pending_trans_workers_inc(sctx);
|
|
|
|
|
|
|
|
nocow_ctx->sctx = sctx;
|
|
|
|
nocow_ctx->logical = logical;
|
|
|
|
nocow_ctx->len = len;
|
|
|
|
nocow_ctx->mirror_num = mirror_num;
|
|
|
|
nocow_ctx->physical_for_dev_replace = physical_for_dev_replace;
|
Btrfs: fix task hang under heavy compressed write
This has been reported and discussed for a long time, and this hang occurs in
both 3.15 and 3.16.
Btrfs now migrates to use kernel workqueue, but it introduces this hang problem.
Btrfs has a kind of work queued as an ordered way, which means that its
ordered_func() must be processed in the way of FIFO, so it usually looks like --
normal_work_helper(arg)
work = container_of(arg, struct btrfs_work, normal_work);
work->func() <---- (we name it work X)
for ordered_work in wq->ordered_list
ordered_work->ordered_func()
ordered_work->ordered_free()
The hang is a rare case, first when we find free space, we get an uncached block
group, then we go to read its free space cache inode for free space information,
so it will
file a readahead request
btrfs_readpages()
for page that is not in page cache
__do_readpage()
submit_extent_page()
btrfs_submit_bio_hook()
btrfs_bio_wq_end_io()
submit_bio()
end_workqueue_bio() <--(ret by the 1st endio)
queue a work(named work Y) for the 2nd
also the real endio()
So the hang occurs when work Y's work_struct and work X's work_struct happens
to share the same address.
A bit more explanation,
A,B,C -- struct btrfs_work
arg -- struct work_struct
kthread:
worker_thread()
pick up a work_struct from @worklist
process_one_work(arg)
worker->current_work = arg; <-- arg is A->normal_work
worker->current_func(arg)
normal_work_helper(arg)
A = container_of(arg, struct btrfs_work, normal_work);
A->func()
A->ordered_func()
A->ordered_free() <-- A gets freed
B->ordered_func()
submit_compressed_extents()
find_free_extent()
load_free_space_inode()
... <-- (the above readhead stack)
end_workqueue_bio()
btrfs_queue_work(work C)
B->ordered_free()
As if work A has a high priority in wq->ordered_list and there are more ordered
works queued after it, such as B->ordered_func(), its memory could have been
freed before normal_work_helper() returns, which means that kernel workqueue
code worker_thread() still has worker->current_work pointer to be work
A->normal_work's, ie. arg's address.
Meanwhile, work C is allocated after work A is freed, work C->normal_work
and work A->normal_work are likely to share the same address(I confirmed this
with ftrace output, so I'm not just guessing, it's rare though).
When another kthread picks up work C->normal_work to process, and finds our
kthread is processing it(see find_worker_executing_work()), it'll think
work C as a collision and skip then, which ends up nobody processing work C.
So the situation is that our kthread is waiting forever on work C.
Besides, there're other cases that can lead to deadlock, but the real problem
is that all btrfs workqueue shares one work->func, -- normal_work_helper,
so this makes each workqueue to have its own helper function, but only a
wraper pf normal_work_helper.
With this patch, I no long hit the above hang.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
2014-08-15 23:36:53 +08:00
|
|
|
btrfs_init_work(&nocow_ctx->work, btrfs_scrubnc_helper,
|
|
|
|
copy_nocow_pages_worker, NULL, NULL);
|
2013-09-13 04:58:28 +08:00
|
|
|
INIT_LIST_HEAD(&nocow_ctx->inodes);
|
2014-02-28 10:46:17 +08:00
|
|
|
btrfs_queue_work(fs_info->scrub_nocow_workers,
|
|
|
|
&nocow_ctx->work);
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-09-13 04:58:28 +08:00
|
|
|
static int record_inode_for_nocow(u64 inum, u64 offset, u64 root, void *ctx)
|
|
|
|
{
|
|
|
|
struct scrub_copy_nocow_ctx *nocow_ctx = ctx;
|
|
|
|
struct scrub_nocow_inode *nocow_inode;
|
|
|
|
|
|
|
|
nocow_inode = kzalloc(sizeof(*nocow_inode), GFP_NOFS);
|
|
|
|
if (!nocow_inode)
|
|
|
|
return -ENOMEM;
|
|
|
|
nocow_inode->inum = inum;
|
|
|
|
nocow_inode->offset = offset;
|
|
|
|
nocow_inode->root = root;
|
|
|
|
list_add_tail(&nocow_inode->list, &nocow_ctx->inodes);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define COPY_COMPLETE 1
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
static void copy_nocow_pages_worker(struct btrfs_work *work)
|
|
|
|
{
|
|
|
|
struct scrub_copy_nocow_ctx *nocow_ctx =
|
|
|
|
container_of(work, struct scrub_copy_nocow_ctx, work);
|
|
|
|
struct scrub_ctx *sctx = nocow_ctx->sctx;
|
2016-06-23 06:54:23 +08:00
|
|
|
struct btrfs_fs_info *fs_info = sctx->fs_info;
|
|
|
|
struct btrfs_root *root = fs_info->extent_root;
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 logical = nocow_ctx->logical;
|
|
|
|
u64 len = nocow_ctx->len;
|
|
|
|
int mirror_num = nocow_ctx->mirror_num;
|
|
|
|
u64 physical_for_dev_replace = nocow_ctx->physical_for_dev_replace;
|
|
|
|
int ret;
|
|
|
|
struct btrfs_trans_handle *trans = NULL;
|
|
|
|
struct btrfs_path *path;
|
|
|
|
int not_written = 0;
|
|
|
|
|
|
|
|
path = btrfs_alloc_path();
|
|
|
|
if (!path) {
|
|
|
|
spin_lock(&sctx->stat_lock);
|
|
|
|
sctx->stat.malloc_errors++;
|
|
|
|
spin_unlock(&sctx->stat_lock);
|
|
|
|
not_written = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
trans = btrfs_join_transaction(root);
|
|
|
|
if (IS_ERR(trans)) {
|
|
|
|
not_written = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = iterate_inodes_from_logical(logical, fs_info, path,
|
btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents
The LOGICAL_INO ioctl provides a backward mapping from extent bytenr and
offset (encoded as a single logical address) to a list of extent refs.
LOGICAL_INO complements TREE_SEARCH, which provides the forward mapping
(extent ref -> extent bytenr and offset, or logical address). These are
useful capabilities for programs that manipulate extents and extent
references from userspace (e.g. dedup and defrag utilities).
When the extents are uncompressed (and not encrypted and not other),
check_extent_in_eb performs filtering of the extent refs to remove any
extent refs which do not contain the same extent offset as the 'logical'
parameter's extent offset. This prevents LOGICAL_INO from returning
references to more than a single block.
To find the set of extent references to an uncompressed extent from [a, b),
userspace has to run a loop like this pseudocode:
for (i = a; i < b; ++i)
extent_ref_set += LOGICAL_INO(i);
At each iteration of the loop (up to 32768 iterations for a 128M extent),
data we are interested in is collected in the kernel, then deleted by
the filter in check_extent_in_eb.
When the extents are compressed (or encrypted or other), the 'logical'
parameter must be an extent bytenr (the 'a' parameter in the loop).
No filtering by extent offset is done (or possible?) so the result is
the complete set of extent refs for the entire extent. This removes
the need for the loop, since we get all the extent refs in one call.
Add an 'ignore_offset' argument to iterate_inodes_from_logical,
[...several levels of function call graph...], and check_extent_in_eb, so
that we can disable the extent offset filtering for uncompressed extents.
This flag can be set by an improved version of the LOGICAL_INO ioctl to
get either behavior as desired.
There is no functional change in this patch. The new flag is always
false.
Signed-off-by: Zygo Blaxell <ce3g8jdj@umail.furryterror.org>
Reviewed-by: David Sterba <dsterba@suse.com>
[ minor coding style fixes ]
Signed-off-by: David Sterba <dsterba@suse.com>
2017-09-23 01:58:45 +08:00
|
|
|
record_inode_for_nocow, nocow_ctx, false);
|
2012-11-06 18:43:11 +08:00
|
|
|
if (ret != 0 && ret != -ENOENT) {
|
2016-09-20 22:05:00 +08:00
|
|
|
btrfs_warn(fs_info,
|
|
|
|
"iterate_inodes_from_logical() failed: log %llu, phys %llu, len %llu, mir %u, ret %d",
|
|
|
|
logical, physical_for_dev_replace, len, mirror_num,
|
|
|
|
ret);
|
2012-11-06 18:43:11 +08:00
|
|
|
not_written = 1;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2016-09-10 09:39:03 +08:00
|
|
|
btrfs_end_transaction(trans);
|
2013-09-13 04:58:28 +08:00
|
|
|
trans = NULL;
|
|
|
|
while (!list_empty(&nocow_ctx->inodes)) {
|
|
|
|
struct scrub_nocow_inode *entry;
|
|
|
|
entry = list_first_entry(&nocow_ctx->inodes,
|
|
|
|
struct scrub_nocow_inode,
|
|
|
|
list);
|
|
|
|
list_del_init(&entry->list);
|
|
|
|
ret = copy_nocow_pages_for_inode(entry->inum, entry->offset,
|
|
|
|
entry->root, nocow_ctx);
|
|
|
|
kfree(entry);
|
|
|
|
if (ret == COPY_COMPLETE) {
|
|
|
|
ret = 0;
|
|
|
|
break;
|
|
|
|
} else if (ret) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
out:
|
2013-09-13 04:58:28 +08:00
|
|
|
while (!list_empty(&nocow_ctx->inodes)) {
|
|
|
|
struct scrub_nocow_inode *entry;
|
|
|
|
entry = list_first_entry(&nocow_ctx->inodes,
|
|
|
|
struct scrub_nocow_inode,
|
|
|
|
list);
|
|
|
|
list_del_init(&entry->list);
|
|
|
|
kfree(entry);
|
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
if (trans && !IS_ERR(trans))
|
2016-09-10 09:39:03 +08:00
|
|
|
btrfs_end_transaction(trans);
|
2012-11-06 18:43:11 +08:00
|
|
|
if (not_written)
|
|
|
|
btrfs_dev_replace_stats_inc(&fs_info->dev_replace.
|
|
|
|
num_uncorrectable_read_errors);
|
|
|
|
|
|
|
|
btrfs_free_path(path);
|
|
|
|
kfree(nocow_ctx);
|
|
|
|
|
|
|
|
scrub_pending_trans_workers_dec(sctx);
|
|
|
|
}
|
|
|
|
|
2017-02-20 19:51:05 +08:00
|
|
|
static int check_extent_to_block(struct btrfs_inode *inode, u64 start, u64 len,
|
2014-11-10 15:36:08 +08:00
|
|
|
u64 logical)
|
|
|
|
{
|
|
|
|
struct extent_state *cached_state = NULL;
|
|
|
|
struct btrfs_ordered_extent *ordered;
|
|
|
|
struct extent_io_tree *io_tree;
|
|
|
|
struct extent_map *em;
|
|
|
|
u64 lockstart = start, lockend = start + len - 1;
|
|
|
|
int ret = 0;
|
|
|
|
|
2017-02-20 19:51:05 +08:00
|
|
|
io_tree = &inode->io_tree;
|
2014-11-10 15:36:08 +08:00
|
|
|
|
2015-12-03 21:30:40 +08:00
|
|
|
lock_extent_bits(io_tree, lockstart, lockend, &cached_state);
|
2017-02-20 19:51:05 +08:00
|
|
|
ordered = btrfs_lookup_ordered_range(inode, lockstart, len);
|
2014-11-10 15:36:08 +08:00
|
|
|
if (ordered) {
|
|
|
|
btrfs_put_ordered_extent(ordered);
|
|
|
|
ret = 1;
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
em = btrfs_get_extent(inode, NULL, 0, start, len, 0);
|
|
|
|
if (IS_ERR(em)) {
|
|
|
|
ret = PTR_ERR(em);
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This extent does not actually cover the logical extent anymore,
|
|
|
|
* move on to the next inode.
|
|
|
|
*/
|
|
|
|
if (em->block_start > logical ||
|
|
|
|
em->block_start + em->block_len < logical + len) {
|
|
|
|
free_extent_map(em);
|
|
|
|
ret = 1;
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
free_extent_map(em);
|
|
|
|
|
|
|
|
out_unlock:
|
2017-12-13 04:43:52 +08:00
|
|
|
unlock_extent_cached(io_tree, lockstart, lockend, &cached_state);
|
2014-11-10 15:36:08 +08:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-09-13 04:58:28 +08:00
|
|
|
static int copy_nocow_pages_for_inode(u64 inum, u64 offset, u64 root,
|
|
|
|
struct scrub_copy_nocow_ctx *nocow_ctx)
|
2012-11-06 18:43:11 +08:00
|
|
|
{
|
2016-06-23 06:54:56 +08:00
|
|
|
struct btrfs_fs_info *fs_info = nocow_ctx->sctx->fs_info;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_key key;
|
2013-06-27 18:50:59 +08:00
|
|
|
struct inode *inode;
|
|
|
|
struct page *page;
|
2012-11-06 18:43:11 +08:00
|
|
|
struct btrfs_root *local_root;
|
2013-09-13 04:58:28 +08:00
|
|
|
struct extent_io_tree *io_tree;
|
2012-11-06 18:43:11 +08:00
|
|
|
u64 physical_for_dev_replace;
|
2014-11-10 15:36:08 +08:00
|
|
|
u64 nocow_ctx_logical;
|
2013-09-13 04:58:28 +08:00
|
|
|
u64 len = nocow_ctx->len;
|
2013-06-27 18:50:59 +08:00
|
|
|
unsigned long index;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
int srcu_index;
|
2013-09-13 04:58:28 +08:00
|
|
|
int ret = 0;
|
|
|
|
int err = 0;
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
key.objectid = root;
|
|
|
|
key.type = BTRFS_ROOT_ITEM_KEY;
|
|
|
|
key.offset = (u64)-1;
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
|
|
|
|
srcu_index = srcu_read_lock(&fs_info->subvol_srcu);
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
local_root = btrfs_read_fs_root_no_name(fs_info, &key);
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
if (IS_ERR(local_root)) {
|
|
|
|
srcu_read_unlock(&fs_info->subvol_srcu, srcu_index);
|
2012-11-06 18:43:11 +08:00
|
|
|
return PTR_ERR(local_root);
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
|
|
|
|
key.type = BTRFS_INODE_ITEM_KEY;
|
|
|
|
key.objectid = inum;
|
|
|
|
key.offset = 0;
|
|
|
|
inode = btrfs_iget(fs_info->sb, &key, local_root, NULL);
|
Btrfs: fix race between snapshot deletion and getting inode
While running snapshot testscript created by Mitch and David,
the race between autodefrag and snapshot deletion can lead to
corruption of dead_root list so that we can get crash on
btrfs_clean_old_snapshots().
And besides autodefrag, scrub also does the same thing, ie. read
root first and get inode.
Here is the story(take autodefrag as an example):
(1) when we delete a snapshot or subvolume, it will set its root's
refs to zero and do a iput() on its own inode, and if this inode happens
to be the only active in-meory one in root's inode rbtree, it will add
itself to the global dead_roots list for later cleanup.
(2) after (1), the autodefrag thread may read another inode for defrag
and the inode is just in the deleted snapshot/subvolume, but all of these
are without checking if the root is still valid(refs > 0). So the end up
result is adding the deleted snapshot/subvolume's root to the global
dead_roots list AGAIN.
Fortunately, we already have a srcu lock to avoid the race, ie. subvol_srcu.
So all we need to do is to take the lock to protect 'read root and get inode',
since we synchronize to wait for the rcu grace period before adding something
to the global dead_roots list.
Reported-by: Mitch Harder <mitch.harder@sabayonlinux.org>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-01-29 11:22:10 +08:00
|
|
|
srcu_read_unlock(&fs_info->subvol_srcu, srcu_index);
|
2012-11-06 18:43:11 +08:00
|
|
|
if (IS_ERR(inode))
|
|
|
|
return PTR_ERR(inode);
|
|
|
|
|
2013-06-27 18:51:00 +08:00
|
|
|
/* Avoid truncate/dio/punch hole.. */
|
2016-01-23 04:40:57 +08:00
|
|
|
inode_lock(inode);
|
2013-06-27 18:51:00 +08:00
|
|
|
inode_dio_wait(inode);
|
|
|
|
|
2012-11-06 18:43:11 +08:00
|
|
|
physical_for_dev_replace = nocow_ctx->physical_for_dev_replace;
|
2013-09-13 04:58:28 +08:00
|
|
|
io_tree = &BTRFS_I(inode)->io_tree;
|
2014-11-10 15:36:08 +08:00
|
|
|
nocow_ctx_logical = nocow_ctx->logical;
|
2013-09-13 04:58:28 +08:00
|
|
|
|
2017-02-20 19:51:05 +08:00
|
|
|
ret = check_extent_to_block(BTRFS_I(inode), offset, len,
|
|
|
|
nocow_ctx_logical);
|
2014-11-10 15:36:08 +08:00
|
|
|
if (ret) {
|
|
|
|
ret = ret > 0 ? 0 : ret;
|
|
|
|
goto out;
|
2013-09-13 04:58:28 +08:00
|
|
|
}
|
|
|
|
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
while (len >= PAGE_SIZE) {
|
|
|
|
index = offset >> PAGE_SHIFT;
|
2013-06-27 18:51:00 +08:00
|
|
|
again:
|
2012-11-06 18:43:11 +08:00
|
|
|
page = find_or_create_page(inode->i_mapping, index, GFP_NOFS);
|
|
|
|
if (!page) {
|
2013-12-21 00:37:06 +08:00
|
|
|
btrfs_err(fs_info, "find_or_create_page() failed");
|
2012-11-06 18:43:11 +08:00
|
|
|
ret = -ENOMEM;
|
2013-06-27 18:50:59 +08:00
|
|
|
goto out;
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (PageUptodate(page)) {
|
|
|
|
if (PageDirty(page))
|
|
|
|
goto next_page;
|
|
|
|
} else {
|
|
|
|
ClearPageError(page);
|
2014-11-10 15:36:08 +08:00
|
|
|
err = extent_read_full_page(io_tree, page,
|
2013-09-13 04:58:28 +08:00
|
|
|
btrfs_get_extent,
|
|
|
|
nocow_ctx->mirror_num);
|
2013-06-27 18:50:59 +08:00
|
|
|
if (err) {
|
|
|
|
ret = err;
|
2012-11-06 18:43:11 +08:00
|
|
|
goto next_page;
|
|
|
|
}
|
2013-06-27 18:51:00 +08:00
|
|
|
|
2013-06-27 18:50:58 +08:00
|
|
|
lock_page(page);
|
2013-06-27 18:51:00 +08:00
|
|
|
/*
|
|
|
|
* If the page has been remove from the page cache,
|
|
|
|
* the data on it is meaningless, because it may be
|
|
|
|
* old one, the new data may be written into the new
|
|
|
|
* page in the page cache.
|
|
|
|
*/
|
|
|
|
if (page->mapping != inode->i_mapping) {
|
2013-09-13 04:58:28 +08:00
|
|
|
unlock_page(page);
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
put_page(page);
|
2013-06-27 18:51:00 +08:00
|
|
|
goto again;
|
|
|
|
}
|
2012-11-06 18:43:11 +08:00
|
|
|
if (!PageUptodate(page)) {
|
|
|
|
ret = -EIO;
|
|
|
|
goto next_page;
|
|
|
|
}
|
|
|
|
}
|
2014-11-10 15:36:08 +08:00
|
|
|
|
2017-02-20 19:51:05 +08:00
|
|
|
ret = check_extent_to_block(BTRFS_I(inode), offset, len,
|
2014-11-10 15:36:08 +08:00
|
|
|
nocow_ctx_logical);
|
|
|
|
if (ret) {
|
|
|
|
ret = ret > 0 ? 0 : ret;
|
|
|
|
goto next_page;
|
|
|
|
}
|
|
|
|
|
2013-06-27 18:50:59 +08:00
|
|
|
err = write_page_nocow(nocow_ctx->sctx,
|
|
|
|
physical_for_dev_replace, page);
|
|
|
|
if (err)
|
|
|
|
ret = err;
|
2012-11-06 18:43:11 +08:00
|
|
|
next_page:
|
2013-06-27 18:50:59 +08:00
|
|
|
unlock_page(page);
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
put_page(page);
|
2013-06-27 18:50:59 +08:00
|
|
|
|
|
|
|
if (ret)
|
|
|
|
break;
|
|
|
|
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
offset += PAGE_SIZE;
|
|
|
|
physical_for_dev_replace += PAGE_SIZE;
|
|
|
|
nocow_ctx_logical += PAGE_SIZE;
|
|
|
|
len -= PAGE_SIZE;
|
2012-11-06 18:43:11 +08:00
|
|
|
}
|
2013-09-13 04:58:28 +08:00
|
|
|
ret = COPY_COMPLETE;
|
2013-06-27 18:50:59 +08:00
|
|
|
out:
|
2016-01-23 04:40:57 +08:00
|
|
|
inode_unlock(inode);
|
2013-06-27 18:50:59 +08:00
|
|
|
iput(inode);
|
2012-11-06 18:43:11 +08:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int write_page_nocow(struct scrub_ctx *sctx,
|
|
|
|
u64 physical_for_dev_replace, struct page *page)
|
|
|
|
{
|
|
|
|
struct bio *bio;
|
|
|
|
struct btrfs_device *dev;
|
|
|
|
int ret;
|
|
|
|
|
2017-05-17 01:10:32 +08:00
|
|
|
dev = sctx->wr_tgtdev;
|
2012-11-06 18:43:11 +08:00
|
|
|
if (!dev)
|
|
|
|
return -EIO;
|
|
|
|
if (!dev->bdev) {
|
2016-06-23 06:54:56 +08:00
|
|
|
btrfs_warn_rl(dev->fs_info,
|
2015-10-08 17:01:36 +08:00
|
|
|
"scrub write_page_nocow(bdev == NULL) is unexpected");
|
2012-11-06 18:43:11 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
2017-06-12 23:29:41 +08:00
|
|
|
bio = btrfs_io_bio_alloc(1);
|
2013-10-12 06:44:27 +08:00
|
|
|
bio->bi_iter.bi_size = 0;
|
|
|
|
bio->bi_iter.bi_sector = physical_for_dev_replace >> 9;
|
2017-08-24 01:10:32 +08:00
|
|
|
bio_set_dev(bio, dev->bdev);
|
2016-11-01 21:40:10 +08:00
|
|
|
bio->bi_opf = REQ_OP_WRITE | REQ_SYNC;
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 20:29:47 +08:00
|
|
|
ret = bio_add_page(bio, page, PAGE_SIZE, 0);
|
|
|
|
if (ret != PAGE_SIZE) {
|
2012-11-06 18:43:11 +08:00
|
|
|
leave_with_eio:
|
|
|
|
bio_put(bio);
|
|
|
|
btrfs_dev_stat_inc_and_print(dev, BTRFS_DEV_STAT_WRITE_ERRS);
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2016-06-06 03:31:41 +08:00
|
|
|
if (btrfsic_submit_bio_wait(bio))
|
2012-11-06 18:43:11 +08:00
|
|
|
goto leave_with_eio;
|
|
|
|
|
|
|
|
bio_put(bio);
|
|
|
|
return 0;
|
|
|
|
}
|