2019-05-24 04:04:05 -06:00
|
|
|
// SPDX-License-Identifier: GPL-2.0-or-later
|
2005-12-15 15:31:24 -07:00
|
|
|
/* -*- mode: c; c-basic-offset: 8; -*-
|
|
|
|
|
* vim: noexpandtab sw=8 ts=8 sts=0:
|
|
|
|
|
*
|
|
|
|
|
* dlmglue.c
|
|
|
|
|
*
|
|
|
|
|
* Code which implements an OCFS2 specific interface to our DLM.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2003, 2004 Oracle. All rights reserved.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <linux/types.h>
|
|
|
|
|
#include <linux/slab.h>
|
|
|
|
|
#include <linux/highmem.h>
|
|
|
|
|
#include <linux/mm.h>
|
|
|
|
|
#include <linux/kthread.h>
|
|
|
|
|
#include <linux/pagemap.h>
|
|
|
|
|
#include <linux/debugfs.h>
|
|
|
|
|
#include <linux/seq_file.h>
|
2008-05-13 14:45:15 -06:00
|
|
|
#include <linux/time.h>
|
2008-08-25 11:56:50 -06:00
|
|
|
#include <linux/quotaops.h>
|
2017-02-02 11:15:33 -07:00
|
|
|
#include <linux/sched/signal.h>
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
#define MLOG_MASK_PREFIX ML_DLM_GLUE
|
|
|
|
|
#include <cluster/masklog.h>
|
|
|
|
|
|
|
|
|
|
#include "ocfs2.h"
|
2008-01-25 18:02:21 -07:00
|
|
|
#include "ocfs2_lockingver.h"
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
#include "alloc.h"
|
2006-09-08 15:14:34 -06:00
|
|
|
#include "dcache.h"
|
2005-12-15 15:31:24 -07:00
|
|
|
#include "dlmglue.h"
|
|
|
|
|
#include "extent_map.h"
|
2006-11-15 00:48:42 -07:00
|
|
|
#include "file.h"
|
2005-12-15 15:31:24 -07:00
|
|
|
#include "heartbeat.h"
|
|
|
|
|
#include "inode.h"
|
|
|
|
|
#include "journal.h"
|
2008-01-29 18:37:32 -07:00
|
|
|
#include "stackglue.h"
|
2005-12-15 15:31:24 -07:00
|
|
|
#include "slot_map.h"
|
|
|
|
|
#include "super.h"
|
|
|
|
|
#include "uptodate.h"
|
2008-08-25 11:56:50 -06:00
|
|
|
#include "quota.h"
|
2009-08-17 21:19:58 -06:00
|
|
|
#include "refcounttree.h"
|
2016-03-24 07:38:37 -06:00
|
|
|
#include "acl.h"
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
#include "buffer_head_io.h"
|
|
|
|
|
|
|
|
|
|
struct ocfs2_mask_waiter {
|
|
|
|
|
struct list_head mw_item;
|
|
|
|
|
int mw_status;
|
|
|
|
|
struct completion mw_complete;
|
|
|
|
|
unsigned long mw_mask;
|
|
|
|
|
unsigned long mw_goal;
|
2008-05-13 14:45:15 -06:00
|
|
|
#ifdef CONFIG_OCFS2_FS_STATS
|
2010-12-29 00:26:03 -07:00
|
|
|
ktime_t mw_lock_start;
|
2008-05-13 14:45:15 -06:00
|
|
|
#endif
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
2006-09-12 22:49:13 -06:00
|
|
|
static struct ocfs2_super *ocfs2_get_dentry_osb(struct ocfs2_lock_res *lockres);
|
|
|
|
|
static struct ocfs2_super *ocfs2_get_inode_osb(struct ocfs2_lock_res *lockres);
|
2007-12-20 17:43:10 -07:00
|
|
|
static struct ocfs2_super *ocfs2_get_file_osb(struct ocfs2_lock_res *lockres);
|
2008-08-25 11:56:50 -06:00
|
|
|
static struct ocfs2_super *ocfs2_get_qinfo_osb(struct ocfs2_lock_res *lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
/*
|
2006-09-13 22:52:21 -06:00
|
|
|
* Return value from ->downconvert_worker functions.
|
2006-09-08 15:14:34 -06:00
|
|
|
*
|
2006-09-13 23:01:16 -06:00
|
|
|
* These control the precise actions of ocfs2_unblock_lock()
|
2006-09-08 15:14:34 -06:00
|
|
|
* and ocfs2_process_blocked_lock()
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
enum ocfs2_unblock_action {
|
|
|
|
|
UNBLOCK_CONTINUE = 0, /* Continue downconvert */
|
|
|
|
|
UNBLOCK_CONTINUE_POST = 1, /* Continue downconvert, fire
|
|
|
|
|
* ->post_unlock callback */
|
|
|
|
|
UNBLOCK_STOP_POST = 2, /* Do not downconvert, fire
|
|
|
|
|
* ->post_unlock() callback. */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct ocfs2_unblock_ctl {
|
|
|
|
|
int requeue;
|
|
|
|
|
enum ocfs2_unblock_action unblock_action;
|
|
|
|
|
};
|
|
|
|
|
|
2009-06-04 07:26:50 -06:00
|
|
|
/* Lockdep class keys */
|
2018-10-12 22:34:26 -06:00
|
|
|
#ifdef CONFIG_DEBUG_LOCK_ALLOC
|
2018-08-17 16:44:31 -06:00
|
|
|
static struct lock_class_key lockdep_keys[OCFS2_NUM_LOCK_TYPES];
|
2018-10-12 22:34:26 -06:00
|
|
|
#endif
|
2009-06-04 07:26:50 -06:00
|
|
|
|
2006-09-13 22:39:52 -06:00
|
|
|
static int ocfs2_check_meta_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level);
|
|
|
|
|
static void ocfs2_set_meta_lvb(struct ocfs2_lock_res *lockres);
|
|
|
|
|
|
2006-09-13 22:52:21 -06:00
|
|
|
static int ocfs2_data_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking);
|
|
|
|
|
|
|
|
|
|
static int ocfs2_dentry_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking);
|
2006-09-08 15:14:34 -06:00
|
|
|
|
|
|
|
|
static void ocfs2_dentry_post_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
static void ocfs2_set_qinfo_lvb(struct ocfs2_lock_res *lockres);
|
2007-04-26 01:29:35 -06:00
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
static int ocfs2_check_refcount_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level);
|
|
|
|
|
static int ocfs2_refcount_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking);
|
|
|
|
|
|
2007-04-26 01:29:35 -06:00
|
|
|
#define mlog_meta_lvb(__level, __lockres) ocfs2_dump_meta_lvb_info(__level, __PRETTY_FUNCTION__, __LINE__, __lockres)
|
|
|
|
|
|
|
|
|
|
/* This aids in debugging situations where a bad LVB might be involved. */
|
|
|
|
|
static void ocfs2_dump_meta_lvb_info(u64 level,
|
|
|
|
|
const char *function,
|
|
|
|
|
unsigned int line,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
2008-12-24 17:03:48 -07:00
|
|
|
struct ocfs2_meta_lvb *lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2007-04-26 01:29:35 -06:00
|
|
|
|
|
|
|
|
mlog(level, "LVB information for %s (called from %s:%u):\n",
|
|
|
|
|
lockres->l_name, function, line);
|
|
|
|
|
mlog(level, "version: %u, clusters: %u, generation: 0x%x\n",
|
|
|
|
|
lvb->lvb_version, be32_to_cpu(lvb->lvb_iclusters),
|
|
|
|
|
be32_to_cpu(lvb->lvb_igeneration));
|
|
|
|
|
mlog(level, "size: %llu, uid %u, gid %u, mode 0x%x\n",
|
|
|
|
|
(unsigned long long)be64_to_cpu(lvb->lvb_isize),
|
|
|
|
|
be32_to_cpu(lvb->lvb_iuid), be32_to_cpu(lvb->lvb_igid),
|
|
|
|
|
be16_to_cpu(lvb->lvb_imode));
|
|
|
|
|
mlog(level, "nlink %u, atime_packed 0x%llx, ctime_packed 0x%llx, "
|
|
|
|
|
"mtime_packed 0x%llx iattr 0x%x\n", be16_to_cpu(lvb->lvb_inlink),
|
|
|
|
|
(long long)be64_to_cpu(lvb->lvb_iatime_packed),
|
|
|
|
|
(long long)be64_to_cpu(lvb->lvb_ictime_packed),
|
|
|
|
|
(long long)be64_to_cpu(lvb->lvb_imtime_packed),
|
|
|
|
|
be32_to_cpu(lvb->lvb_iattr));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-09-12 22:24:53 -06:00
|
|
|
/*
|
|
|
|
|
* OCFS2 Lock Resource Operations
|
|
|
|
|
*
|
|
|
|
|
* These fine tune the behavior of the generic dlmglue locking infrastructure.
|
2006-09-14 15:44:51 -06:00
|
|
|
*
|
|
|
|
|
* The most basic of lock types can point ->l_priv to their respective
|
|
|
|
|
* struct ocfs2_super and allow the default actions to manage things.
|
|
|
|
|
*
|
|
|
|
|
* Right now, each lock type also needs to implement an init function,
|
|
|
|
|
* and trivial lock/unlock wrappers. ocfs2_simple_drop_lockres()
|
|
|
|
|
* should be called when the lock is no longer needed (i.e., object
|
|
|
|
|
* destruction time).
|
2006-09-12 22:24:53 -06:00
|
|
|
*/
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_lock_res_ops {
|
2006-09-12 22:49:13 -06:00
|
|
|
/*
|
|
|
|
|
* Translate an ocfs2_lock_res * into an ocfs2_super *. Define
|
|
|
|
|
* this callback if ->l_priv is not an ocfs2_super pointer
|
|
|
|
|
*/
|
|
|
|
|
struct ocfs2_super * (*get_osb)(struct ocfs2_lock_res *);
|
2006-09-13 23:01:16 -06:00
|
|
|
|
2006-09-14 15:44:51 -06:00
|
|
|
/*
|
2007-09-24 16:56:19 -06:00
|
|
|
* Optionally called in the downconvert thread after a
|
|
|
|
|
* successful downconvert. The lockres will not be referenced
|
|
|
|
|
* after this callback is called, so it is safe to free
|
|
|
|
|
* memory, etc.
|
2006-09-14 15:44:51 -06:00
|
|
|
*
|
|
|
|
|
* The exact semantics of when this is called are controlled
|
|
|
|
|
* by ->downconvert_worker()
|
|
|
|
|
*/
|
2006-09-08 15:14:34 -06:00
|
|
|
void (*post_unlock)(struct ocfs2_super *, struct ocfs2_lock_res *);
|
2006-09-12 22:24:53 -06:00
|
|
|
|
2006-09-13 22:10:12 -06:00
|
|
|
/*
|
|
|
|
|
* Allow a lock type to add checks to determine whether it is
|
|
|
|
|
* safe to downconvert a lock. Return 0 to re-queue the
|
|
|
|
|
* downconvert at a later time, nonzero to continue.
|
|
|
|
|
*
|
|
|
|
|
* For most locks, the default checks that there are no
|
|
|
|
|
* incompatible holders are sufficient.
|
|
|
|
|
*
|
|
|
|
|
* Called with the lockres spinlock held.
|
|
|
|
|
*/
|
|
|
|
|
int (*check_downconvert)(struct ocfs2_lock_res *, int);
|
|
|
|
|
|
2006-09-13 22:21:52 -06:00
|
|
|
/*
|
|
|
|
|
* Allows a lock type to populate the lock value block. This
|
|
|
|
|
* is called on downconvert, and when we drop a lock.
|
|
|
|
|
*
|
|
|
|
|
* Locks that want to use this should set LOCK_TYPE_USES_LVB
|
|
|
|
|
* in the flags field.
|
|
|
|
|
*
|
|
|
|
|
* Called with the lockres spinlock held.
|
|
|
|
|
*/
|
|
|
|
|
void (*set_lvb)(struct ocfs2_lock_res *);
|
|
|
|
|
|
2006-09-13 22:52:21 -06:00
|
|
|
/*
|
|
|
|
|
* Called from the downconvert thread when it is determined
|
|
|
|
|
* that a lock will be downconverted. This is called without
|
|
|
|
|
* any locks held so the function can do work that might
|
|
|
|
|
* schedule (syncing out data, etc).
|
|
|
|
|
*
|
|
|
|
|
* This should return any one of the ocfs2_unblock_action
|
|
|
|
|
* values, depending on what it wants the thread to do.
|
|
|
|
|
*/
|
|
|
|
|
int (*downconvert_worker)(struct ocfs2_lock_res *, int);
|
|
|
|
|
|
2006-09-12 22:24:53 -06:00
|
|
|
/*
|
|
|
|
|
* LOCK_TYPE_* flags which describe the specific requirements
|
|
|
|
|
* of a lock type. Descriptions of each individual flag follow.
|
|
|
|
|
*/
|
|
|
|
|
int flags;
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
2006-09-12 22:24:53 -06:00
|
|
|
/*
|
|
|
|
|
* Some locks want to "refresh" potentially stale data when a
|
|
|
|
|
* meaningful (PRMODE or EXMODE) lock level is first obtained. If this
|
|
|
|
|
* flag is set, the OCFS2_LOCK_NEEDS_REFRESH flag will be set on the
|
|
|
|
|
* individual lockres l_flags member from the ast function. It is
|
|
|
|
|
* expected that the locking wrapper will clear the
|
|
|
|
|
* OCFS2_LOCK_NEEDS_REFRESH flag when done.
|
|
|
|
|
*/
|
|
|
|
|
#define LOCK_TYPE_REQUIRES_REFRESH 0x1
|
|
|
|
|
|
2006-09-12 23:08:14 -06:00
|
|
|
/*
|
2006-09-13 22:21:52 -06:00
|
|
|
* Indicate that a lock type makes use of the lock value block. The
|
|
|
|
|
* ->set_lvb lock type callback must be defined.
|
2006-09-12 23:08:14 -06:00
|
|
|
*/
|
|
|
|
|
#define LOCK_TYPE_USES_LVB 0x2
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_inode_rw_lops = {
|
2006-09-12 22:49:13 -06:00
|
|
|
.get_osb = ocfs2_get_inode_osb,
|
2006-09-12 22:24:53 -06:00
|
|
|
.flags = 0,
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_inode_inode_lops = {
|
2006-09-12 22:49:13 -06:00
|
|
|
.get_osb = ocfs2_get_inode_osb,
|
2006-09-13 22:39:52 -06:00
|
|
|
.check_downconvert = ocfs2_check_meta_downconvert,
|
|
|
|
|
.set_lvb = ocfs2_set_meta_lvb,
|
2007-10-18 16:13:59 -06:00
|
|
|
.downconvert_worker = ocfs2_data_convert_worker,
|
2006-09-12 23:08:14 -06:00
|
|
|
.flags = LOCK_TYPE_REQUIRES_REFRESH|LOCK_TYPE_USES_LVB,
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct ocfs2_lock_res_ops ocfs2_super_lops = {
|
2006-09-12 22:24:53 -06:00
|
|
|
.flags = LOCK_TYPE_REQUIRES_REFRESH,
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct ocfs2_lock_res_ops ocfs2_rename_lops = {
|
2006-09-12 22:24:53 -06:00
|
|
|
.flags = 0,
|
2005-12-15 15:31:24 -07:00
|
|
|
};
|
|
|
|
|
|
2009-03-06 06:29:10 -07:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_nfs_sync_lops = {
|
|
|
|
|
.flags = 0,
|
|
|
|
|
};
|
|
|
|
|
|
2018-01-31 17:15:10 -07:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_trim_fs_lops = {
|
|
|
|
|
.flags = LOCK_TYPE_REQUIRES_REFRESH|LOCK_TYPE_USES_LVB,
|
|
|
|
|
};
|
|
|
|
|
|
2009-06-03 18:02:55 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_orphan_scan_lops = {
|
|
|
|
|
.flags = LOCK_TYPE_REQUIRES_REFRESH|LOCK_TYPE_USES_LVB,
|
|
|
|
|
};
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_dentry_lops = {
|
2006-09-12 22:49:13 -06:00
|
|
|
.get_osb = ocfs2_get_dentry_osb,
|
2006-09-08 15:14:34 -06:00
|
|
|
.post_unlock = ocfs2_dentry_post_unlock,
|
2006-09-13 22:52:21 -06:00
|
|
|
.downconvert_worker = ocfs2_dentry_convert_worker,
|
2006-09-12 22:24:53 -06:00
|
|
|
.flags = 0,
|
2006-09-08 15:14:34 -06:00
|
|
|
};
|
|
|
|
|
|
2007-03-20 17:01:38 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_inode_open_lops = {
|
|
|
|
|
.get_osb = ocfs2_get_inode_osb,
|
|
|
|
|
.flags = 0,
|
|
|
|
|
};
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_flock_lops = {
|
|
|
|
|
.get_osb = ocfs2_get_file_osb,
|
|
|
|
|
.flags = 0,
|
|
|
|
|
};
|
|
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_qinfo_lops = {
|
|
|
|
|
.set_lvb = ocfs2_set_qinfo_lvb,
|
|
|
|
|
.get_osb = ocfs2_get_qinfo_osb,
|
|
|
|
|
.flags = LOCK_TYPE_REQUIRES_REFRESH | LOCK_TYPE_USES_LVB,
|
|
|
|
|
};
|
|
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
static struct ocfs2_lock_res_ops ocfs2_refcount_block_lops = {
|
|
|
|
|
.check_downconvert = ocfs2_check_refcount_downconvert,
|
|
|
|
|
.downconvert_worker = ocfs2_refcount_convert_worker,
|
|
|
|
|
.flags = 0,
|
|
|
|
|
};
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline int ocfs2_is_inode_lock(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
return lockres->l_type == OCFS2_LOCK_TYPE_META ||
|
2007-03-20 17:01:38 -06:00
|
|
|
lockres->l_type == OCFS2_LOCK_TYPE_RW ||
|
|
|
|
|
lockres->l_type == OCFS2_LOCK_TYPE_OPEN;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2010-01-29 15:46:44 -07:00
|
|
|
static inline struct ocfs2_lock_res *ocfs2_lksb_to_lock_res(struct ocfs2_dlm_lksb *lksb)
|
2010-01-28 20:22:39 -07:00
|
|
|
{
|
|
|
|
|
return container_of(lksb, struct ocfs2_lock_res, l_lksb);
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline struct inode *ocfs2_lock_res_inode(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!ocfs2_is_inode_lock(lockres));
|
|
|
|
|
|
|
|
|
|
return (struct inode *) lockres->l_priv;
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
static inline struct ocfs2_dentry_lock *ocfs2_lock_res_dl(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(lockres->l_type != OCFS2_LOCK_TYPE_DENTRY);
|
|
|
|
|
|
|
|
|
|
return (struct ocfs2_dentry_lock *)lockres->l_priv;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
static inline struct ocfs2_mem_dqinfo *ocfs2_lock_res_qinfo(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(lockres->l_type != OCFS2_LOCK_TYPE_QINFO);
|
|
|
|
|
|
|
|
|
|
return (struct ocfs2_mem_dqinfo *)lockres->l_priv;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
static inline struct ocfs2_refcount_tree *
|
|
|
|
|
ocfs2_lock_res_refcount_tree(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
return container_of(res, struct ocfs2_refcount_tree, rf_lockres);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-12 22:49:13 -06:00
|
|
|
static inline struct ocfs2_super *ocfs2_get_lockres_osb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
if (lockres->l_ops->get_osb)
|
|
|
|
|
return lockres->l_ops->get_osb(lockres);
|
|
|
|
|
|
|
|
|
|
return (struct ocfs2_super *)lockres->l_priv;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static int ocfs2_lock_create(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level,
|
2008-02-01 13:14:57 -07:00
|
|
|
u32 dlm_flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline int ocfs2_may_continue_on_blocked_lock(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int wanted);
|
2009-06-04 07:26:50 -06:00
|
|
|
static void __ocfs2_cluster_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level, unsigned long caller_ip);
|
|
|
|
|
static inline void ocfs2_cluster_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level)
|
|
|
|
|
{
|
|
|
|
|
__ocfs2_cluster_unlock(osb, lockres, level, _RET_IP_);
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline void ocfs2_generic_handle_downconvert_action(struct ocfs2_lock_res *lockres);
|
|
|
|
|
static inline void ocfs2_generic_handle_convert_action(struct ocfs2_lock_res *lockres);
|
|
|
|
|
static inline void ocfs2_generic_handle_attach_action(struct ocfs2_lock_res *lockres);
|
|
|
|
|
static int ocfs2_generic_handle_bast(struct ocfs2_lock_res *lockres, int level);
|
|
|
|
|
static void ocfs2_schedule_blocked_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
|
|
|
|
static inline void ocfs2_recover_from_dlm_error(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int convert);
|
2009-02-03 13:37:14 -07:00
|
|
|
#define ocfs2_log_dlm_error(_func, _err, _lockres) do { \
|
|
|
|
|
if ((_lockres)->l_type != OCFS2_LOCK_TYPE_DENTRY) \
|
|
|
|
|
mlog(ML_ERROR, "DLM error %d while calling %s on resource %s\n", \
|
|
|
|
|
_err, _func, _lockres->l_name); \
|
|
|
|
|
else \
|
|
|
|
|
mlog(ML_ERROR, "DLM error %d while calling %s on resource %.*s%08x\n", \
|
|
|
|
|
_err, _func, OCFS2_DENTRY_LOCK_INO_START - 1, (_lockres)->l_name, \
|
|
|
|
|
(unsigned int)ocfs2_get_dentry_lock_ino(_lockres)); \
|
2005-12-15 15:31:24 -07:00
|
|
|
} while (0)
|
2007-09-24 16:56:19 -06:00
|
|
|
static int ocfs2_downconvert_thread(void *arg);
|
|
|
|
|
static void ocfs2_downconvert_on_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
2007-10-18 16:30:42 -06:00
|
|
|
static int ocfs2_inode_lock_update(struct inode *inode,
|
2005-12-15 15:31:24 -07:00
|
|
|
struct buffer_head **bh);
|
|
|
|
|
static void ocfs2_drop_osb_locks(struct ocfs2_super *osb);
|
|
|
|
|
static inline int ocfs2_highest_compat_lock_level(int level);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
static unsigned int ocfs2_prepare_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level);
|
2007-12-20 17:43:10 -07:00
|
|
|
static int ocfs2_downconvert_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level,
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
int lvb,
|
|
|
|
|
unsigned int generation);
|
2007-12-20 17:43:10 -07:00
|
|
|
static int ocfs2_prepare_cancel_convert(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
|
|
|
|
static int ocfs2_cancel_convert(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
static void ocfs2_build_lock_name(enum ocfs2_lock_type type,
|
|
|
|
|
u64 blkno,
|
|
|
|
|
u32 generation,
|
|
|
|
|
char *name)
|
|
|
|
|
{
|
|
|
|
|
int len;
|
|
|
|
|
|
|
|
|
|
BUG_ON(type >= OCFS2_NUM_LOCK_TYPES);
|
|
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
len = snprintf(name, OCFS2_LOCK_ID_MAX_LEN, "%c%s%016llx%08x",
|
|
|
|
|
ocfs2_lock_type_char(type), OCFS2_LOCK_ID_PAD,
|
|
|
|
|
(long long)blkno, generation);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
BUG_ON(len != (OCFS2_LOCK_ID_MAX_LEN - 1));
|
|
|
|
|
|
|
|
|
|
mlog(0, "built lock resource with name: %s\n", name);
|
|
|
|
|
}
|
|
|
|
|
|
2006-06-27 03:53:55 -06:00
|
|
|
static DEFINE_SPINLOCK(ocfs2_dlm_tracking_lock);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
static void ocfs2_add_lockres_tracking(struct ocfs2_lock_res *res,
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug)
|
|
|
|
|
{
|
|
|
|
|
mlog(0, "Add tracking for lockres %s\n", res->l_name);
|
|
|
|
|
|
|
|
|
|
spin_lock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
list_add(&res->l_debug_list, &dlm_debug->d_lockres_tracking);
|
|
|
|
|
spin_unlock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_remove_lockres_tracking(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
spin_lock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
if (!list_empty(&res->l_debug_list))
|
|
|
|
|
list_del_init(&res->l_debug_list);
|
|
|
|
|
spin_unlock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-13 14:45:15 -06:00
|
|
|
#ifdef CONFIG_OCFS2_FS_STATS
|
|
|
|
|
static void ocfs2_init_lock_stats(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
res->l_lock_refresh = 0;
|
2019-07-11 21:53:09 -06:00
|
|
|
res->l_lock_wait = 0;
|
2010-12-29 00:26:03 -07:00
|
|
|
memset(&res->l_lock_prmode, 0, sizeof(struct ocfs2_lock_stats));
|
|
|
|
|
memset(&res->l_lock_exmode, 0, sizeof(struct ocfs2_lock_stats));
|
2008-05-13 14:45:15 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_update_lock_stats(struct ocfs2_lock_res *res, int level,
|
|
|
|
|
struct ocfs2_mask_waiter *mw, int ret)
|
|
|
|
|
{
|
2010-12-29 00:26:03 -07:00
|
|
|
u32 usec;
|
|
|
|
|
ktime_t kt;
|
|
|
|
|
struct ocfs2_lock_stats *stats;
|
|
|
|
|
|
|
|
|
|
if (level == LKM_PRMODE)
|
|
|
|
|
stats = &res->l_lock_prmode;
|
|
|
|
|
else if (level == LKM_EXMODE)
|
|
|
|
|
stats = &res->l_lock_exmode;
|
|
|
|
|
else
|
2008-05-13 14:45:15 -06:00
|
|
|
return;
|
|
|
|
|
|
2010-12-29 00:26:03 -07:00
|
|
|
kt = ktime_sub(ktime_get(), mw->mw_lock_start);
|
|
|
|
|
usec = ktime_to_us(kt);
|
|
|
|
|
|
|
|
|
|
stats->ls_gets++;
|
|
|
|
|
stats->ls_total += ktime_to_ns(kt);
|
|
|
|
|
/* overflow */
|
2011-12-12 15:40:51 -07:00
|
|
|
if (unlikely(stats->ls_gets == 0)) {
|
2010-12-29 00:26:03 -07:00
|
|
|
stats->ls_gets++;
|
|
|
|
|
stats->ls_total = ktime_to_ns(kt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stats->ls_max < usec)
|
|
|
|
|
stats->ls_max = usec;
|
|
|
|
|
|
2008-05-13 14:45:15 -06:00
|
|
|
if (ret)
|
2010-12-29 00:26:03 -07:00
|
|
|
stats->ls_fail++;
|
2019-07-11 21:53:02 -06:00
|
|
|
|
|
|
|
|
stats->ls_last = ktime_to_us(ktime_get_real());
|
2008-05-13 14:45:15 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_track_lock_refresh(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
lockres->l_lock_refresh++;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 21:53:09 -06:00
|
|
|
static inline void ocfs2_track_lock_wait(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_mask_waiter *mw;
|
|
|
|
|
|
|
|
|
|
if (list_empty(&lockres->l_mask_waiters)) {
|
|
|
|
|
lockres->l_lock_wait = 0;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mw = list_first_entry(&lockres->l_mask_waiters,
|
|
|
|
|
struct ocfs2_mask_waiter, mw_item);
|
|
|
|
|
lockres->l_lock_wait =
|
|
|
|
|
ktime_to_us(ktime_mono_to_real(mw->mw_lock_start));
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-13 14:45:15 -06:00
|
|
|
static inline void ocfs2_init_start_time(struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
2010-12-29 00:26:03 -07:00
|
|
|
mw->mw_lock_start = ktime_get();
|
2008-05-13 14:45:15 -06:00
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
static inline void ocfs2_init_lock_stats(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
static inline void ocfs2_update_lock_stats(struct ocfs2_lock_res *res,
|
|
|
|
|
int level, struct ocfs2_mask_waiter *mw, int ret)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
static inline void ocfs2_track_lock_refresh(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
}
|
2019-07-11 21:53:09 -06:00
|
|
|
static inline void ocfs2_track_lock_wait(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
}
|
2008-05-13 14:45:15 -06:00
|
|
|
static inline void ocfs2_init_start_time(struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static void ocfs2_lock_res_init_common(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *res,
|
|
|
|
|
enum ocfs2_lock_type type,
|
|
|
|
|
struct ocfs2_lock_res_ops *ops,
|
|
|
|
|
void *priv)
|
|
|
|
|
{
|
|
|
|
|
res->l_type = type;
|
|
|
|
|
res->l_ops = ops;
|
|
|
|
|
res->l_priv = priv;
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
res->l_level = DLM_LOCK_IV;
|
|
|
|
|
res->l_requested = DLM_LOCK_IV;
|
|
|
|
|
res->l_blocking = DLM_LOCK_IV;
|
2005-12-15 15:31:24 -07:00
|
|
|
res->l_action = OCFS2_AST_INVALID;
|
|
|
|
|
res->l_unlock_action = OCFS2_UNLOCK_INVALID;
|
|
|
|
|
|
|
|
|
|
res->l_flags = OCFS2_LOCK_INITIALIZED;
|
|
|
|
|
|
|
|
|
|
ocfs2_add_lockres_tracking(res, osb->osb_dlm_debug);
|
2008-05-13 14:45:15 -06:00
|
|
|
|
|
|
|
|
ocfs2_init_lock_stats(res);
|
2009-06-04 07:26:50 -06:00
|
|
|
#ifdef CONFIG_DEBUG_LOCK_ALLOC
|
|
|
|
|
if (type != OCFS2_LOCK_TYPE_OPEN)
|
|
|
|
|
lockdep_init_map(&res->l_lockdep_map, ocfs2_lock_type_strings[type],
|
|
|
|
|
&lockdep_keys[type], 0);
|
|
|
|
|
else
|
|
|
|
|
res->l_lockdep_map.key = NULL;
|
|
|
|
|
#endif
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_lock_res_init_once(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
/* This also clears out the lock status block */
|
|
|
|
|
memset(res, 0, sizeof(struct ocfs2_lock_res));
|
|
|
|
|
spin_lock_init(&res->l_lock);
|
|
|
|
|
init_waitqueue_head(&res->l_event);
|
|
|
|
|
INIT_LIST_HEAD(&res->l_blocked_list);
|
|
|
|
|
INIT_LIST_HEAD(&res->l_mask_waiters);
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
INIT_LIST_HEAD(&res->l_holders);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_inode_lock_res_init(struct ocfs2_lock_res *res,
|
|
|
|
|
enum ocfs2_lock_type type,
|
2006-09-22 18:28:19 -06:00
|
|
|
unsigned int generation,
|
2005-12-15 15:31:24 -07:00
|
|
|
struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res_ops *ops;
|
|
|
|
|
|
|
|
|
|
switch(type) {
|
|
|
|
|
case OCFS2_LOCK_TYPE_RW:
|
|
|
|
|
ops = &ocfs2_inode_rw_lops;
|
|
|
|
|
break;
|
|
|
|
|
case OCFS2_LOCK_TYPE_META:
|
2007-10-18 16:30:42 -06:00
|
|
|
ops = &ocfs2_inode_inode_lops;
|
2005-12-15 15:31:24 -07:00
|
|
|
break;
|
2007-03-20 17:01:38 -06:00
|
|
|
case OCFS2_LOCK_TYPE_OPEN:
|
|
|
|
|
ops = &ocfs2_inode_open_lops;
|
|
|
|
|
break;
|
2005-12-15 15:31:24 -07:00
|
|
|
default:
|
|
|
|
|
mlog_bug_on_msg(1, "type: %d\n", type);
|
|
|
|
|
ops = NULL; /* thanks, gcc */
|
|
|
|
|
break;
|
|
|
|
|
};
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
ocfs2_build_lock_name(type, OCFS2_I(inode)->ip_blkno,
|
2006-09-22 18:28:19 -06:00
|
|
|
generation, res->l_name);
|
2006-09-08 15:14:34 -06:00
|
|
|
ocfs2_lock_res_init_common(OCFS2_SB(inode->i_sb), res, type, ops, inode);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-12 22:49:13 -06:00
|
|
|
static struct ocfs2_super *ocfs2_get_inode_osb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct inode *inode = ocfs2_lock_res_inode(lockres);
|
|
|
|
|
|
|
|
|
|
return OCFS2_SB(inode->i_sb);
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
static struct ocfs2_super *ocfs2_get_qinfo_osb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_mem_dqinfo *info = lockres->l_priv;
|
|
|
|
|
|
|
|
|
|
return OCFS2_SB(info->dqi_gi.dqi_sb);
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
static struct ocfs2_super *ocfs2_get_file_osb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_file_private *fp = lockres->l_priv;
|
|
|
|
|
|
|
|
|
|
return OCFS2_SB(fp->fp_file->f_mapping->host->i_sb);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
static __u64 ocfs2_get_dentry_lock_ino(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
__be64 inode_blkno_be;
|
|
|
|
|
|
|
|
|
|
memcpy(&inode_blkno_be, &lockres->l_name[OCFS2_DENTRY_LOCK_INO_START],
|
|
|
|
|
sizeof(__be64));
|
|
|
|
|
|
|
|
|
|
return be64_to_cpu(inode_blkno_be);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-12 22:49:13 -06:00
|
|
|
static struct ocfs2_super *ocfs2_get_dentry_osb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dentry_lock *dl = lockres->l_priv;
|
|
|
|
|
|
|
|
|
|
return OCFS2_SB(dl->dl_inode->i_sb);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
void ocfs2_dentry_lock_res_init(struct ocfs2_dentry_lock *dl,
|
|
|
|
|
u64 parent, struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
int len;
|
|
|
|
|
u64 inode_blkno = OCFS2_I(inode)->ip_blkno;
|
|
|
|
|
__be64 inode_blkno_be = cpu_to_be64(inode_blkno);
|
|
|
|
|
struct ocfs2_lock_res *lockres = &dl->dl_lockres;
|
|
|
|
|
|
|
|
|
|
ocfs2_lock_res_init_once(lockres);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Unfortunately, the standard lock naming scheme won't work
|
|
|
|
|
* here because we have two 16 byte values to use. Instead,
|
|
|
|
|
* we'll stuff the inode number as a binary value. We still
|
|
|
|
|
* want error prints to show something without garbling the
|
|
|
|
|
* display, so drop a null byte in there before the inode
|
|
|
|
|
* number. A future version of OCFS2 will likely use all
|
|
|
|
|
* binary lock names. The stringified names have been a
|
|
|
|
|
* tremendous aid in debugging, but now that the debugfs
|
|
|
|
|
* interface exists, we can mangle things there if need be.
|
|
|
|
|
*
|
|
|
|
|
* NOTE: We also drop the standard "pad" value (the total lock
|
|
|
|
|
* name size stays the same though - the last part is all
|
|
|
|
|
* zeros due to the memset in ocfs2_lock_res_init_once()
|
|
|
|
|
*/
|
|
|
|
|
len = snprintf(lockres->l_name, OCFS2_DENTRY_LOCK_INO_START,
|
|
|
|
|
"%c%016llx",
|
|
|
|
|
ocfs2_lock_type_char(OCFS2_LOCK_TYPE_DENTRY),
|
|
|
|
|
(long long)parent);
|
|
|
|
|
|
|
|
|
|
BUG_ON(len != (OCFS2_DENTRY_LOCK_INO_START - 1));
|
|
|
|
|
|
|
|
|
|
memcpy(&lockres->l_name[OCFS2_DENTRY_LOCK_INO_START], &inode_blkno_be,
|
|
|
|
|
sizeof(__be64));
|
|
|
|
|
|
|
|
|
|
ocfs2_lock_res_init_common(OCFS2_SB(inode->i_sb), lockres,
|
|
|
|
|
OCFS2_LOCK_TYPE_DENTRY, &ocfs2_dentry_lops,
|
|
|
|
|
dl);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_super_lock_res_init(struct ocfs2_lock_res *res,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
/* Superblock lockres doesn't come from a slab so we call init
|
|
|
|
|
* once on it manually. */
|
|
|
|
|
ocfs2_lock_res_init_once(res);
|
2006-09-08 15:14:34 -06:00
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_SUPER, OCFS2_SUPER_BLOCK_BLKNO,
|
|
|
|
|
0, res->l_name);
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_lock_res_init_common(osb, res, OCFS2_LOCK_TYPE_SUPER,
|
|
|
|
|
&ocfs2_super_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_rename_lock_res_init(struct ocfs2_lock_res *res,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
/* Rename lockres doesn't come from a slab so we call init
|
|
|
|
|
* once on it manually. */
|
|
|
|
|
ocfs2_lock_res_init_once(res);
|
2006-09-08 15:14:34 -06:00
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_RENAME, 0, 0, res->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(osb, res, OCFS2_LOCK_TYPE_RENAME,
|
2005-12-15 15:31:24 -07:00
|
|
|
&ocfs2_rename_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-06 06:29:10 -07:00
|
|
|
static void ocfs2_nfs_sync_lock_res_init(struct ocfs2_lock_res *res,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
/* nfs_sync lockres doesn't come from a slab so we call init
|
|
|
|
|
* once on it manually. */
|
|
|
|
|
ocfs2_lock_res_init_once(res);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_NFS_SYNC, 0, 0, res->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(osb, res, OCFS2_LOCK_TYPE_NFS_SYNC,
|
|
|
|
|
&ocfs2_nfs_sync_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-25 21:29:30 -06:00
|
|
|
static void ocfs2_nfs_sync_lock_init(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_nfs_sync_lock_res_init(&osb->osb_nfs_sync_lockres, osb);
|
|
|
|
|
init_rwsem(&osb->nfs_sync_rwlock);
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-31 17:15:10 -07:00
|
|
|
void ocfs2_trim_fs_lock_res_init(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_trim_fs_lockres;
|
|
|
|
|
|
2019-03-05 16:41:45 -07:00
|
|
|
/* Only one trimfs thread are allowed to work at the same time. */
|
|
|
|
|
mutex_lock(&osb->obs_trim_fs_mutex);
|
|
|
|
|
|
2018-01-31 17:15:10 -07:00
|
|
|
ocfs2_lock_res_init_once(lockres);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_TRIM_FS, 0, 0, lockres->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(osb, lockres, OCFS2_LOCK_TYPE_TRIM_FS,
|
|
|
|
|
&ocfs2_trim_fs_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_trim_fs_lock_res_uninit(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_trim_fs_lockres;
|
|
|
|
|
|
|
|
|
|
ocfs2_simple_drop_lockres(osb, lockres);
|
|
|
|
|
ocfs2_lock_res_free(lockres);
|
2019-03-05 16:41:45 -07:00
|
|
|
|
|
|
|
|
mutex_unlock(&osb->obs_trim_fs_mutex);
|
2018-01-31 17:15:10 -07:00
|
|
|
}
|
|
|
|
|
|
2009-06-03 18:02:55 -06:00
|
|
|
static void ocfs2_orphan_scan_lock_res_init(struct ocfs2_lock_res *res,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_lock_res_init_once(res);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_ORPHAN_SCAN, 0, 0, res->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(osb, res, OCFS2_LOCK_TYPE_ORPHAN_SCAN,
|
|
|
|
|
&ocfs2_orphan_scan_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
void ocfs2_file_lock_res_init(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_file_private *fp)
|
|
|
|
|
{
|
|
|
|
|
struct inode *inode = fp->fp_file->f_mapping->host;
|
|
|
|
|
struct ocfs2_inode_info *oi = OCFS2_I(inode);
|
|
|
|
|
|
|
|
|
|
ocfs2_lock_res_init_once(lockres);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_FLOCK, oi->ip_blkno,
|
|
|
|
|
inode->i_generation, lockres->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(OCFS2_SB(inode->i_sb), lockres,
|
|
|
|
|
OCFS2_LOCK_TYPE_FLOCK, &ocfs2_flock_lops,
|
|
|
|
|
fp);
|
|
|
|
|
lockres->l_flags |= OCFS2_LOCK_NOCACHE;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
void ocfs2_qinfo_lock_res_init(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_mem_dqinfo *info)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_lock_res_init_once(lockres);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_QINFO, info->dqi_gi.dqi_type,
|
|
|
|
|
0, lockres->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(OCFS2_SB(info->dqi_gi.dqi_sb), lockres,
|
|
|
|
|
OCFS2_LOCK_TYPE_QINFO, &ocfs2_qinfo_lops,
|
|
|
|
|
info);
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
void ocfs2_refcount_lock_res_init(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_super *osb, u64 ref_blkno,
|
|
|
|
|
unsigned int generation)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_lock_res_init_once(lockres);
|
|
|
|
|
ocfs2_build_lock_name(OCFS2_LOCK_TYPE_REFCOUNT, ref_blkno,
|
|
|
|
|
generation, lockres->l_name);
|
|
|
|
|
ocfs2_lock_res_init_common(osb, lockres, OCFS2_LOCK_TYPE_REFCOUNT,
|
|
|
|
|
&ocfs2_refcount_block_lops, osb);
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
void ocfs2_lock_res_free(struct ocfs2_lock_res *res)
|
|
|
|
|
{
|
|
|
|
|
if (!(res->l_flags & OCFS2_LOCK_INITIALIZED))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
ocfs2_remove_lockres_tracking(res);
|
|
|
|
|
|
|
|
|
|
mlog_bug_on_msg(!list_empty(&res->l_blocked_list),
|
|
|
|
|
"Lockres %s is on the blocked list\n",
|
|
|
|
|
res->l_name);
|
|
|
|
|
mlog_bug_on_msg(!list_empty(&res->l_mask_waiters),
|
|
|
|
|
"Lockres %s has mask waiters pending\n",
|
|
|
|
|
res->l_name);
|
|
|
|
|
mlog_bug_on_msg(spin_is_locked(&res->l_lock),
|
|
|
|
|
"Lockres %s is locked\n",
|
|
|
|
|
res->l_name);
|
|
|
|
|
mlog_bug_on_msg(res->l_ro_holders,
|
|
|
|
|
"Lockres %s has %u ro holders\n",
|
|
|
|
|
res->l_name, res->l_ro_holders);
|
|
|
|
|
mlog_bug_on_msg(res->l_ex_holders,
|
|
|
|
|
"Lockres %s has %u ex holders\n",
|
|
|
|
|
res->l_name, res->l_ex_holders);
|
|
|
|
|
|
|
|
|
|
/* Need to clear out the lock status block for the dlm */
|
|
|
|
|
memset(&res->l_lksb, 0, sizeof(res->l_lksb));
|
|
|
|
|
|
|
|
|
|
res->l_flags = 0UL;
|
|
|
|
|
}
|
|
|
|
|
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
/*
|
|
|
|
|
* Keep a list of processes who have interest in a lockres.
|
|
|
|
|
* Note: this is now only uesed for check recursive cluster locking.
|
|
|
|
|
*/
|
|
|
|
|
static inline void ocfs2_add_holder(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_lock_holder *oh)
|
|
|
|
|
{
|
|
|
|
|
INIT_LIST_HEAD(&oh->oh_list);
|
|
|
|
|
oh->oh_owner_pid = get_pid(task_pid(current));
|
|
|
|
|
|
|
|
|
|
spin_lock(&lockres->l_lock);
|
|
|
|
|
list_add_tail(&oh->oh_list, &lockres->l_holders);
|
|
|
|
|
spin_unlock(&lockres->l_lock);
|
|
|
|
|
}
|
|
|
|
|
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
static struct ocfs2_lock_holder *
|
|
|
|
|
ocfs2_pid_holder(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct pid *pid)
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_holder *oh;
|
|
|
|
|
|
|
|
|
|
spin_lock(&lockres->l_lock);
|
|
|
|
|
list_for_each_entry(oh, &lockres->l_holders, oh_list) {
|
|
|
|
|
if (oh->oh_owner_pid == pid) {
|
|
|
|
|
spin_unlock(&lockres->l_lock);
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
return oh;
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&lockres->l_lock);
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
return NULL;
|
|
|
|
|
}
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
static inline void ocfs2_remove_holder(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_lock_holder *oh)
|
|
|
|
|
{
|
|
|
|
|
spin_lock(&lockres->l_lock);
|
|
|
|
|
list_del(&oh->oh_list);
|
|
|
|
|
spin_unlock(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
put_pid(oh->oh_owner_pid);
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
}
|
|
|
|
|
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline void ocfs2_inc_holders(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!lockres);
|
|
|
|
|
|
|
|
|
|
switch(level) {
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_EX:
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_ex_holders++;
|
|
|
|
|
break;
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_PR:
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_ro_holders++;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
BUG();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_dec_holders(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!lockres);
|
|
|
|
|
|
|
|
|
|
switch(level) {
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_EX:
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG_ON(!lockres->l_ex_holders);
|
|
|
|
|
lockres->l_ex_holders--;
|
|
|
|
|
break;
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_PR:
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG_ON(!lockres->l_ro_holders);
|
|
|
|
|
lockres->l_ro_holders--;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
BUG();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* WARNING: This function lives in a world where the only three lock
|
|
|
|
|
* levels are EX, PR, and NL. It *will* have to be adjusted when more
|
|
|
|
|
* lock types are added. */
|
|
|
|
|
static inline int ocfs2_highest_compat_lock_level(int level)
|
|
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int new_level = DLM_LOCK_EX;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
if (level == DLM_LOCK_EX)
|
|
|
|
|
new_level = DLM_LOCK_NL;
|
|
|
|
|
else if (level == DLM_LOCK_PR)
|
|
|
|
|
new_level = DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
return new_level;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void lockres_set_flags(struct ocfs2_lock_res *lockres,
|
|
|
|
|
unsigned long newflags)
|
|
|
|
|
{
|
2007-05-17 08:03:13 -06:00
|
|
|
struct ocfs2_mask_waiter *mw, *tmp;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
lockres->l_flags = newflags;
|
|
|
|
|
|
2007-05-17 08:03:13 -06:00
|
|
|
list_for_each_entry_safe(mw, tmp, &lockres->l_mask_waiters, mw_item) {
|
2005-12-15 15:31:24 -07:00
|
|
|
if ((lockres->l_flags & mw->mw_mask) != mw->mw_goal)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
list_del_init(&mw->mw_item);
|
|
|
|
|
mw->mw_status = 0;
|
|
|
|
|
complete(&mw->mw_complete);
|
2019-07-11 21:53:09 -06:00
|
|
|
ocfs2_track_lock_wait(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
static void lockres_or_flags(struct ocfs2_lock_res *lockres, unsigned long or)
|
|
|
|
|
{
|
|
|
|
|
lockres_set_flags(lockres, lockres->l_flags | or);
|
|
|
|
|
}
|
|
|
|
|
static void lockres_clear_flags(struct ocfs2_lock_res *lockres,
|
|
|
|
|
unsigned long clear)
|
|
|
|
|
{
|
|
|
|
|
lockres_set_flags(lockres, lockres->l_flags & ~clear);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_generic_handle_downconvert_action(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_BUSY));
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_ATTACHED));
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_BLOCKED));
|
2008-02-01 13:14:57 -07:00
|
|
|
BUG_ON(lockres->l_blocking <= DLM_LOCK_NL);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
lockres->l_level = lockres->l_requested;
|
|
|
|
|
if (lockres->l_level <=
|
|
|
|
|
ocfs2_highest_compat_lock_level(lockres->l_blocking)) {
|
2008-02-01 13:14:57 -07:00
|
|
|
lockres->l_blocking = DLM_LOCK_NL;
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BLOCKED);
|
|
|
|
|
}
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_generic_handle_convert_action(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_BUSY));
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_ATTACHED));
|
|
|
|
|
|
|
|
|
|
/* Convert from RO to EX doesn't really need anything as our
|
|
|
|
|
* information is already up to data. Convert from NL to
|
|
|
|
|
* *anything* however should mark ourselves as needing an
|
|
|
|
|
* update */
|
2008-02-01 13:14:57 -07:00
|
|
|
if (lockres->l_level == DLM_LOCK_NL &&
|
2006-09-12 22:24:53 -06:00
|
|
|
lockres->l_ops->flags & LOCK_TYPE_REQUIRES_REFRESH)
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_NEEDS_REFRESH);
|
|
|
|
|
|
|
|
|
|
lockres->l_level = lockres->l_requested;
|
2010-01-21 11:50:03 -07:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We set the OCFS2_LOCK_UPCONVERT_FINISHING flag before clearing
|
|
|
|
|
* the OCFS2_LOCK_BUSY flag to prevent the dc thread from
|
|
|
|
|
* downconverting the lock before the upconvert has fully completed.
|
2014-12-10 16:41:59 -07:00
|
|
|
* Do not prevent the dc thread from downconverting if NONBLOCK lock
|
|
|
|
|
* had already returned.
|
2010-01-21 11:50:03 -07:00
|
|
|
*/
|
2014-12-10 16:41:59 -07:00
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_NONBLOCK_FINISHED))
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_UPCONVERT_FINISHING);
|
|
|
|
|
else
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_NONBLOCK_FINISHED);
|
2010-01-21 11:50:03 -07:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_generic_handle_attach_action(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
2007-10-26 16:20:36 -06:00
|
|
|
BUG_ON((!(lockres->l_flags & OCFS2_LOCK_BUSY)));
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG_ON(lockres->l_flags & OCFS2_LOCK_ATTACHED);
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
if (lockres->l_requested > DLM_LOCK_NL &&
|
2006-09-12 22:24:53 -06:00
|
|
|
!(lockres->l_flags & OCFS2_LOCK_LOCAL) &&
|
|
|
|
|
lockres->l_ops->flags & LOCK_TYPE_REQUIRES_REFRESH)
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_NEEDS_REFRESH);
|
|
|
|
|
|
|
|
|
|
lockres->l_level = lockres->l_requested;
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_ATTACHED);
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_generic_handle_bast(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level)
|
|
|
|
|
{
|
|
|
|
|
int needs_downconvert = 0;
|
|
|
|
|
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
if (level > lockres->l_blocking) {
|
|
|
|
|
/* only schedule a downconvert if we haven't already scheduled
|
|
|
|
|
* one that goes low enough to satisfy the level we're
|
|
|
|
|
* blocking. this also catches the case where we get
|
|
|
|
|
* duplicate BASTs */
|
|
|
|
|
if (ocfs2_highest_compat_lock_level(level) <
|
|
|
|
|
ocfs2_highest_compat_lock_level(lockres->l_blocking))
|
|
|
|
|
needs_downconvert = 1;
|
|
|
|
|
|
|
|
|
|
lockres->l_blocking = level;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, block %d, level %d, l_block %d, dwn %d\n",
|
|
|
|
|
lockres->l_name, level, lockres->l_level, lockres->l_blocking,
|
|
|
|
|
needs_downconvert);
|
|
|
|
|
|
2010-01-21 11:50:02 -07:00
|
|
|
if (needs_downconvert)
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BLOCKED);
|
2011-03-07 01:43:21 -07:00
|
|
|
mlog(0, "needs_downconvert = %d\n", needs_downconvert);
|
2005-12-15 15:31:24 -07:00
|
|
|
return needs_downconvert;
|
|
|
|
|
}
|
|
|
|
|
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
/*
|
|
|
|
|
* OCFS2_LOCK_PENDING and l_pending_gen.
|
|
|
|
|
*
|
|
|
|
|
* Why does OCFS2_LOCK_PENDING exist? To close a race between setting
|
|
|
|
|
* OCFS2_LOCK_BUSY and calling ocfs2_dlm_lock(). See ocfs2_unblock_lock()
|
|
|
|
|
* for more details on the race.
|
|
|
|
|
*
|
|
|
|
|
* OCFS2_LOCK_PENDING closes the race quite nicely. However, it introduces
|
|
|
|
|
* a race on itself. In o2dlm, we can get the ast before ocfs2_dlm_lock()
|
|
|
|
|
* returns. The ast clears OCFS2_LOCK_BUSY, and must therefore clear
|
|
|
|
|
* OCFS2_LOCK_PENDING at the same time. When ocfs2_dlm_lock() returns,
|
|
|
|
|
* the caller is going to try to clear PENDING again. If nothing else is
|
|
|
|
|
* happening, __lockres_clear_pending() sees PENDING is unset and does
|
|
|
|
|
* nothing.
|
|
|
|
|
*
|
|
|
|
|
* But what if another path (eg downconvert thread) has just started a
|
|
|
|
|
* new locking action? The other path has re-set PENDING. Our path
|
|
|
|
|
* cannot clear PENDING, because that will re-open the original race
|
|
|
|
|
* window.
|
|
|
|
|
*
|
|
|
|
|
* [Example]
|
|
|
|
|
*
|
|
|
|
|
* ocfs2_meta_lock()
|
|
|
|
|
* ocfs2_cluster_lock()
|
|
|
|
|
* set BUSY
|
|
|
|
|
* set PENDING
|
|
|
|
|
* drop l_lock
|
|
|
|
|
* ocfs2_dlm_lock()
|
|
|
|
|
* ocfs2_locking_ast() ocfs2_downconvert_thread()
|
|
|
|
|
* clear PENDING ocfs2_unblock_lock()
|
|
|
|
|
* take_l_lock
|
|
|
|
|
* !BUSY
|
|
|
|
|
* ocfs2_prepare_downconvert()
|
|
|
|
|
* set BUSY
|
|
|
|
|
* set PENDING
|
|
|
|
|
* drop l_lock
|
|
|
|
|
* take l_lock
|
|
|
|
|
* clear PENDING
|
|
|
|
|
* drop l_lock
|
|
|
|
|
* <window>
|
|
|
|
|
* ocfs2_dlm_lock()
|
|
|
|
|
*
|
|
|
|
|
* So as you can see, we now have a window where l_lock is not held,
|
|
|
|
|
* PENDING is not set, and ocfs2_dlm_lock() has not been called.
|
|
|
|
|
*
|
|
|
|
|
* The core problem is that ocfs2_cluster_lock() has cleared the PENDING
|
|
|
|
|
* set by ocfs2_prepare_downconvert(). That wasn't nice.
|
|
|
|
|
*
|
|
|
|
|
* To solve this we introduce l_pending_gen. A call to
|
|
|
|
|
* lockres_clear_pending() will only do so when it is passed a generation
|
|
|
|
|
* number that matches the lockres. lockres_set_pending() will return the
|
|
|
|
|
* current generation number. When ocfs2_cluster_lock() goes to clear
|
|
|
|
|
* PENDING, it passes the generation it got from set_pending(). In our
|
|
|
|
|
* example above, the generation numbers will *not* match. Thus,
|
|
|
|
|
* ocfs2_cluster_lock() will not clear the PENDING set by
|
|
|
|
|
* ocfs2_prepare_downconvert().
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Unlocked version for ocfs2_locking_ast() */
|
|
|
|
|
static void __lockres_clear_pending(struct ocfs2_lock_res *lockres,
|
|
|
|
|
unsigned int generation,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The ast and locking functions can race us here. The winner
|
|
|
|
|
* will clear pending, the loser will not.
|
|
|
|
|
*/
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_PENDING) ||
|
|
|
|
|
(lockres->l_pending_gen != generation))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_PENDING);
|
|
|
|
|
lockres->l_pending_gen++;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The downconvert thread may have skipped us because we
|
|
|
|
|
* were PENDING. Wake it up.
|
|
|
|
|
*/
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BLOCKED)
|
|
|
|
|
ocfs2_wake_downconvert_thread(osb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Locked version for callers of ocfs2_dlm_lock() */
|
|
|
|
|
static void lockres_clear_pending(struct ocfs2_lock_res *lockres,
|
|
|
|
|
unsigned int generation,
|
|
|
|
|
struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
__lockres_clear_pending(lockres, generation, osb);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static unsigned int lockres_set_pending(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_BUSY));
|
|
|
|
|
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_PENDING);
|
|
|
|
|
|
|
|
|
|
return lockres->l_pending_gen;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-29 15:46:44 -07:00
|
|
|
static void ocfs2_blocking_ast(struct ocfs2_dlm_lksb *lksb, int level)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2010-01-28 20:22:39 -07:00
|
|
|
struct ocfs2_lock_res *lockres = ocfs2_lksb_to_lock_res(lksb);
|
2006-09-12 22:58:23 -06:00
|
|
|
struct ocfs2_super *osb = ocfs2_get_lockres_osb(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
int needs_downconvert;
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
BUG_ON(level <= DLM_LOCK_NL);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "BAST fired for lockres %s, blocking %d, level %d, "
|
|
|
|
|
"type %s\n", lockres->l_name, level, lockres->l_level,
|
2006-09-12 22:58:23 -06:00
|
|
|
ocfs2_lock_type_string(lockres->l_type));
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
/*
|
|
|
|
|
* We can skip the bast for locks which don't enable caching -
|
|
|
|
|
* they'll be dropped at the earliest possible time anyway.
|
|
|
|
|
*/
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_NOCACHE)
|
|
|
|
|
return;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
needs_downconvert = ocfs2_generic_handle_bast(lockres, level);
|
|
|
|
|
if (needs_downconvert)
|
|
|
|
|
ocfs2_schedule_blocked_lock(osb, lockres);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
wake_up(&lockres->l_event);
|
|
|
|
|
|
2007-09-24 16:56:19 -06:00
|
|
|
ocfs2_wake_downconvert_thread(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2010-01-29 15:46:44 -07:00
|
|
|
static void ocfs2_locking_ast(struct ocfs2_dlm_lksb *lksb)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2010-01-28 20:22:39 -07:00
|
|
|
struct ocfs2_lock_res *lockres = ocfs2_lksb_to_lock_res(lksb);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
struct ocfs2_super *osb = ocfs2_get_lockres_osb(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
unsigned long flags;
|
2008-01-30 17:52:53 -07:00
|
|
|
int status;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
|
2008-01-30 17:52:53 -07:00
|
|
|
status = ocfs2_dlm_lock_status(&lockres->l_lksb);
|
|
|
|
|
|
|
|
|
|
if (status == -EAGAIN) {
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (status) {
|
2008-02-01 13:16:57 -07:00
|
|
|
mlog(ML_ERROR, "lockres %s: lksb status value of %d!\n",
|
2008-01-30 17:52:53 -07:00
|
|
|
lockres->l_name, status);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "AST fired for lockres %s, action %d, unlock %d, "
|
|
|
|
|
"level %d => %d\n", lockres->l_name, lockres->l_action,
|
|
|
|
|
lockres->l_unlock_action, lockres->l_level, lockres->l_requested);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
switch(lockres->l_action) {
|
|
|
|
|
case OCFS2_AST_ATTACH:
|
|
|
|
|
ocfs2_generic_handle_attach_action(lockres);
|
2006-09-12 22:34:35 -06:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_LOCAL);
|
2005-12-15 15:31:24 -07:00
|
|
|
break;
|
|
|
|
|
case OCFS2_AST_CONVERT:
|
|
|
|
|
ocfs2_generic_handle_convert_action(lockres);
|
|
|
|
|
break;
|
|
|
|
|
case OCFS2_AST_DOWNCONVERT:
|
|
|
|
|
ocfs2_generic_handle_downconvert_action(lockres);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_ERROR, "lockres %s: AST fired with invalid action: %u, "
|
|
|
|
|
"flags 0x%lx, unlock: %u\n",
|
2006-09-12 22:34:35 -06:00
|
|
|
lockres->l_name, lockres->l_action, lockres->l_flags,
|
|
|
|
|
lockres->l_unlock_action);
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG();
|
|
|
|
|
}
|
2008-01-30 17:52:53 -07:00
|
|
|
out:
|
2005-12-15 15:31:24 -07:00
|
|
|
/* set it to something invalid so if we get called again we
|
|
|
|
|
* can catch it. */
|
|
|
|
|
lockres->l_action = OCFS2_AST_INVALID;
|
|
|
|
|
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
/* Did we try to cancel this lock? Clear that state */
|
|
|
|
|
if (lockres->l_unlock_action == OCFS2_UNLOCK_CANCEL_CONVERT)
|
|
|
|
|
lockres->l_unlock_action = OCFS2_UNLOCK_INVALID;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We may have beaten the locking functions here. We certainly
|
|
|
|
|
* know that dlm_lock() has been called :-)
|
|
|
|
|
* Because we can't have two lock calls in flight at once, we
|
|
|
|
|
* can use lockres->l_pending_gen.
|
|
|
|
|
*/
|
|
|
|
|
__lockres_clear_pending(lockres, lockres->l_pending_gen, osb);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
wake_up(&lockres->l_event);
|
2006-09-08 15:14:34 -06:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2010-01-29 18:19:06 -07:00
|
|
|
static void ocfs2_unlock_ast(struct ocfs2_dlm_lksb *lksb, int error)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = ocfs2_lksb_to_lock_res(lksb);
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "UNLOCK AST fired for lockres %s, action = %d\n",
|
|
|
|
|
lockres->l_name, lockres->l_unlock_action);
|
2010-01-29 18:19:06 -07:00
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (error) {
|
|
|
|
|
mlog(ML_ERROR, "Dlm passes error %d for lock %s, "
|
|
|
|
|
"unlock_action %d\n", error, lockres->l_name,
|
|
|
|
|
lockres->l_unlock_action);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch(lockres->l_unlock_action) {
|
|
|
|
|
case OCFS2_UNLOCK_CANCEL_CONVERT:
|
|
|
|
|
mlog(0, "Cancel convert success for %s\n", lockres->l_name);
|
|
|
|
|
lockres->l_action = OCFS2_AST_INVALID;
|
|
|
|
|
/* Downconvert thread may have requeued this lock, we
|
|
|
|
|
* need to wake it. */
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BLOCKED)
|
|
|
|
|
ocfs2_wake_downconvert_thread(ocfs2_get_lockres_osb(lockres));
|
|
|
|
|
break;
|
|
|
|
|
case OCFS2_UNLOCK_DROP_LOCK:
|
|
|
|
|
lockres->l_level = DLM_LOCK_IV;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
BUG();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
lockres->l_unlock_action = OCFS2_UNLOCK_INVALID;
|
|
|
|
|
wake_up(&lockres->l_event);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This is the filesystem locking protocol. It provides the lock handling
|
|
|
|
|
* hooks for the underlying DLM. It has a maximum version number.
|
|
|
|
|
* The version number allows interoperability with systems running at
|
|
|
|
|
* the same major number and an equal or smaller minor number.
|
|
|
|
|
*
|
|
|
|
|
* Whenever the filesystem does new things with locks (adds or removes a
|
|
|
|
|
* lock, orders them differently, does different things underneath a lock),
|
|
|
|
|
* the version must be changed. The protocol is negotiated when joining
|
|
|
|
|
* the dlm domain. A node may join the domain if its major version is
|
|
|
|
|
* identical to all other nodes and its minor version is greater than
|
|
|
|
|
* or equal to all other nodes. When its minor version is greater than
|
|
|
|
|
* the other nodes, it will run at the minor version specified by the
|
|
|
|
|
* other nodes.
|
|
|
|
|
*
|
|
|
|
|
* If a locking change is made that will not be compatible with older
|
|
|
|
|
* versions, the major number must be increased and the minor version set
|
|
|
|
|
* to zero. If a change merely adds a behavior that can be disabled when
|
|
|
|
|
* speaking to older versions, the minor version must be increased. If a
|
|
|
|
|
* change adds a fully backwards compatible change (eg, LVB changes that
|
|
|
|
|
* are just ignored by older versions), the version does not need to be
|
|
|
|
|
* updated.
|
|
|
|
|
*/
|
|
|
|
|
static struct ocfs2_locking_protocol lproto = {
|
|
|
|
|
.lp_max_version = {
|
|
|
|
|
.pv_major = OCFS2_LOCKING_PROTOCOL_MAJOR,
|
|
|
|
|
.pv_minor = OCFS2_LOCKING_PROTOCOL_MINOR,
|
|
|
|
|
},
|
|
|
|
|
.lp_lock_ast = ocfs2_locking_ast,
|
|
|
|
|
.lp_blocking_ast = ocfs2_blocking_ast,
|
|
|
|
|
.lp_unlock_ast = ocfs2_unlock_ast,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void ocfs2_set_locking_protocol(void)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_stack_glue_set_max_proto_version(&lproto.lp_max_version);
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
static inline void ocfs2_recover_from_dlm_error(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int convert)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BUSY);
|
2010-01-21 11:50:03 -07:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_UPCONVERT_FINISHING);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (convert)
|
|
|
|
|
lockres->l_action = OCFS2_AST_INVALID;
|
|
|
|
|
else
|
|
|
|
|
lockres->l_unlock_action = OCFS2_UNLOCK_INVALID;
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
wake_up(&lockres->l_event);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Note: If we detect another process working on the lock (i.e.,
|
|
|
|
|
* OCFS2_LOCK_BUSY), we'll bail out returning 0. It's up to the caller
|
|
|
|
|
* to do the right thing in that case.
|
|
|
|
|
*/
|
|
|
|
|
static int ocfs2_lock_create(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level,
|
2008-02-01 13:14:57 -07:00
|
|
|
u32 dlm_flags)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
unsigned long flags;
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
unsigned int gen;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
mlog(0, "lock %s, level = %d, flags = %u\n", lockres->l_name, level,
|
2005-12-15 15:31:24 -07:00
|
|
|
dlm_flags);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if ((lockres->l_flags & OCFS2_LOCK_ATTACHED) ||
|
|
|
|
|
(lockres->l_flags & OCFS2_LOCK_BUSY)) {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lockres->l_action = OCFS2_AST_ATTACH;
|
|
|
|
|
lockres->l_requested = level;
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BUSY);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
gen = lockres_set_pending(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
ret = ocfs2_dlm_lock(osb->cconn,
|
2008-02-01 13:15:37 -07:00
|
|
|
level,
|
|
|
|
|
&lockres->l_lksb,
|
|
|
|
|
dlm_flags,
|
|
|
|
|
lockres->l_name,
|
2010-01-28 20:22:39 -07:00
|
|
|
OCFS2_LOCK_ID_MAX_LEN - 1);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
lockres_clear_pending(lockres, gen, osb);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_lock", ret, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_recover_from_dlm_error(lockres, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-01 13:15:37 -07:00
|
|
|
mlog(0, "lock %s, return from ocfs2_dlm_lock\n", lockres->l_name);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
bail:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline int ocfs2_check_wait_flag(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int flag)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
ret = lockres->l_flags & flag;
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_wait_on_busy_lock(struct ocfs2_lock_res *lockres)
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
wait_event(lockres->l_event,
|
|
|
|
|
!ocfs2_check_wait_flag(lockres, OCFS2_LOCK_BUSY));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ocfs2_wait_on_refreshing_lock(struct ocfs2_lock_res *lockres)
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
wait_event(lockres->l_event,
|
|
|
|
|
!ocfs2_check_wait_flag(lockres, OCFS2_LOCK_REFRESHING));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* predict what lock level we'll be dropping down to on behalf
|
|
|
|
|
* of another node, and return true if the currently wanted
|
|
|
|
|
* level will be compatible with it. */
|
|
|
|
|
static inline int ocfs2_may_continue_on_blocked_lock(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int wanted)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!(lockres->l_flags & OCFS2_LOCK_BLOCKED));
|
|
|
|
|
|
|
|
|
|
return wanted <= ocfs2_highest_compat_lock_level(lockres->l_blocking);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_init_mask_waiter(struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
|
|
|
|
INIT_LIST_HEAD(&mw->mw_item);
|
|
|
|
|
init_completion(&mw->mw_complete);
|
2008-05-13 14:45:15 -06:00
|
|
|
ocfs2_init_start_time(mw);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_wait_for_mask(struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
|
|
|
|
wait_for_completion(&mw->mw_complete);
|
|
|
|
|
/* Re-arm the completion in case we want to wait on it again */
|
2013-11-14 15:32:02 -07:00
|
|
|
reinit_completion(&mw->mw_complete);
|
2005-12-15 15:31:24 -07:00
|
|
|
return mw->mw_status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void lockres_add_mask_waiter(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_mask_waiter *mw,
|
|
|
|
|
unsigned long mask,
|
|
|
|
|
unsigned long goal)
|
|
|
|
|
{
|
|
|
|
|
BUG_ON(!list_empty(&mw->mw_item));
|
|
|
|
|
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
list_add_tail(&mw->mw_item, &lockres->l_mask_waiters);
|
|
|
|
|
mw->mw_mask = mask;
|
|
|
|
|
mw->mw_goal = goal;
|
2019-07-11 21:53:09 -06:00
|
|
|
ocfs2_track_lock_wait(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* returns 0 if the mw that was removed was already satisfied, -EBUSY
|
|
|
|
|
* if the mask still hadn't reached its goal */
|
2014-12-10 16:41:59 -07:00
|
|
|
static int __lockres_remove_mask_waiter(struct ocfs2_lock_res *lockres,
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
2014-12-10 16:41:59 -07:00
|
|
|
assert_spin_locked(&lockres->l_lock);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (!list_empty(&mw->mw_item)) {
|
|
|
|
|
if ((lockres->l_flags & mw->mw_mask) != mw->mw_goal)
|
|
|
|
|
ret = -EBUSY;
|
|
|
|
|
|
|
|
|
|
list_del_init(&mw->mw_item);
|
|
|
|
|
init_completion(&mw->mw_complete);
|
2019-07-11 21:53:09 -06:00
|
|
|
ocfs2_track_lock_wait(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
2014-12-10 16:41:59 -07:00
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int lockres_remove_mask_waiter(struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_mask_waiter *mw)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
ret = __lockres_remove_mask_waiter(lockres, mw);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
static int ocfs2_wait_for_mask_interruptible(struct ocfs2_mask_waiter *mw,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
ret = wait_for_completion_interruptible(&mw->mw_complete);
|
|
|
|
|
if (ret)
|
|
|
|
|
lockres_remove_mask_waiter(lockres, mw);
|
|
|
|
|
else
|
|
|
|
|
ret = mw->mw_status;
|
|
|
|
|
/* Re-arm the completion in case we want to wait on it again */
|
2013-11-14 15:32:02 -07:00
|
|
|
reinit_completion(&mw->mw_complete);
|
2007-12-20 17:43:10 -07:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-04 07:26:50 -06:00
|
|
|
static int __ocfs2_cluster_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level,
|
|
|
|
|
u32 lkm_flags,
|
|
|
|
|
int arg_flags,
|
|
|
|
|
int l_subclass,
|
|
|
|
|
unsigned long caller_ip)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
struct ocfs2_mask_waiter mw;
|
|
|
|
|
int wait, catch_signals = !(osb->s_mount_opt & OCFS2_MOUNT_NOINTR);
|
|
|
|
|
int ret = 0; /* gcc doesn't realize wait = 1 guarantees ret is set */
|
|
|
|
|
unsigned long flags;
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
unsigned int gen;
|
2008-01-30 17:52:53 -07:00
|
|
|
int noqueue_attempted = 0;
|
2014-12-10 16:41:59 -07:00
|
|
|
int dlm_locked = 0;
|
ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock
NFS on a 2 node ocfs2 cluster each node exporting dir. The lock causing
the hang is the global bit map inode lock. Node 1 is master, has the
lock granted in PR mode; Node 2 is in the converting list (PR -> EX).
There are no holders of the lock on the master node so it should
downconvert to NL and grant EX to node 2 but that does not happen.
BLOCKED + QUEUED in lock res are set and it is on osb blocked list.
Threads are waiting in __ocfs2_cluster_lock on BLOCKED. One thread
wants EX, rest want PR. So it is as though the downconvert thread needs
to be kicked to complete the conv.
The hang is caused by an EX req coming into __ocfs2_cluster_lock on the
heels of a PR req after it sets BUSY (drops l_lock, releasing EX
thread), forcing the incoming EX to wait on BUSY without doing anything.
PR has called ocfs2_dlm_lock, which sets the node 1 lock from NL -> PR,
queues ast.
At this time, upconvert (PR ->EX) arrives from node 2, finds conflict
with node 1 lock in PR, so the lock res is put on dlm thread's dirty
listt.
After ret from ocf2_dlm_lock, PR thread now waits behind EX on BUSY till
awoken by ast.
Now it is dlm_thread that serially runs dlm_shuffle_lists, ast, bast, in
that order. dlm_shuffle_lists ques a bast on behalf of node 2 (which
will be run by dlm_thread right after the ast). ast does its part, sets
UPCONVERT_FINISHING, clears BUSY and wakes its waiters. Next,
dlm_thread runs bast. It sets BLOCKED and kicks dc thread. dc thread
runs ocfs2_unblock_lock, but since UPCONVERT_FINISHING set, skips doing
anything and reques.
Inside of __ocfs2_cluster_lock, since EX has been waiting on BUSY ahead
of PR, it wakes up first, finds BLOCKED set and skips doing anything but
clearing UPCONVERT_FINISHING (which was actually "meant" for the PR
thread), and this time waits on BLOCKED. Next, the PR thread comes out
of wait but since UPCONVERT_FINISHING is not set, it skips updating the
l_ro_holders and goes straight to wait on BLOCKED. So there, we have a
hang! Threads in __ocfs2_cluster_lock wait on BLOCKED, lock res in osb
blocked list. Only when dc thread is awoken, it will run
ocfs2_unblock_lock and things will unhang.
One way to fix this is to wake the dc thread on the flag after clearing
UPCONVERT_FINISHING
Orabug: 20933419
Signed-off-by: Tariq Saeed <tariq.x.saeed@oracle.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Reviewed-by: Wengang Wang <wen.gang.wang@oracle.com>
Reviewed-by: Mark Fasheh <mfasheh@suse.de>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <joseph.qi@huawei.com>
Cc: Eric Ren <zren@suse.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-21 17:40:39 -07:00
|
|
|
int kick_dc = 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2015-04-14 16:43:49 -06:00
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED)) {
|
|
|
|
|
mlog_errno(-EINVAL);
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_init_mask_waiter(&mw);
|
|
|
|
|
|
2006-09-12 23:08:14 -06:00
|
|
|
if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB)
|
2008-02-01 13:14:57 -07:00
|
|
|
lkm_flags |= DLM_LKF_VALBLK;
|
2006-09-12 23:08:14 -06:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
again:
|
|
|
|
|
wait = 0;
|
|
|
|
|
|
2010-01-21 11:50:03 -07:00
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (catch_signals && signal_pending(current)) {
|
|
|
|
|
ret = -ERESTARTSYS;
|
2010-01-21 11:50:03 -07:00
|
|
|
goto unlock;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mlog_bug_on_msg(lockres->l_flags & OCFS2_LOCK_FREEING,
|
|
|
|
|
"Cluster lock called on freeing lockres %s! flags "
|
|
|
|
|
"0x%lx\n", lockres->l_name, lockres->l_flags);
|
|
|
|
|
|
|
|
|
|
/* We only compare against the currently granted level
|
|
|
|
|
* here. If the lock is blocked waiting on a downconvert,
|
|
|
|
|
* we'll get caught below. */
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BUSY &&
|
|
|
|
|
level > lockres->l_level) {
|
|
|
|
|
/* is someone sitting in dlm_lock? If so, wait on
|
|
|
|
|
* them. */
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BUSY, 0);
|
|
|
|
|
wait = 1;
|
|
|
|
|
goto unlock;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-21 11:50:03 -07:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_UPCONVERT_FINISHING) {
|
|
|
|
|
/*
|
|
|
|
|
* We've upconverted. If the lock now has a level we can
|
|
|
|
|
* work with, we take it. If, however, the lock is not at the
|
|
|
|
|
* required level, we go thru the full cycle. One way this could
|
|
|
|
|
* happen is if a process requesting an upconvert to PR is
|
|
|
|
|
* closely followed by another requesting upconvert to an EX.
|
|
|
|
|
* If the process requesting EX lands here, we want it to
|
|
|
|
|
* continue attempting to upconvert and let the process
|
|
|
|
|
* requesting PR take the lock.
|
|
|
|
|
* If multiple processes request upconvert to PR, the first one
|
|
|
|
|
* here will take the lock. The others will have to go thru the
|
|
|
|
|
* OCFS2_LOCK_BLOCKED check to ensure that there is no pending
|
|
|
|
|
* downconvert request.
|
|
|
|
|
*/
|
|
|
|
|
if (level <= lockres->l_level)
|
|
|
|
|
goto update_holders;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BLOCKED &&
|
|
|
|
|
!ocfs2_may_continue_on_blocked_lock(lockres, level)) {
|
|
|
|
|
/* is the lock is currently blocked on behalf of
|
|
|
|
|
* another node */
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BLOCKED, 0);
|
|
|
|
|
wait = 1;
|
|
|
|
|
goto unlock;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (level > lockres->l_level) {
|
2008-01-30 17:52:53 -07:00
|
|
|
if (noqueue_attempted > 0) {
|
|
|
|
|
ret = -EAGAIN;
|
|
|
|
|
goto unlock;
|
|
|
|
|
}
|
|
|
|
|
if (lkm_flags & DLM_LKF_NOQUEUE)
|
|
|
|
|
noqueue_attempted = 1;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (lockres->l_action != OCFS2_AST_INVALID)
|
|
|
|
|
mlog(ML_ERROR, "lockres %s has action %u pending\n",
|
|
|
|
|
lockres->l_name, lockres->l_action);
|
|
|
|
|
|
2007-10-05 13:09:05 -06:00
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_ATTACHED)) {
|
|
|
|
|
lockres->l_action = OCFS2_AST_ATTACH;
|
2008-02-01 13:14:57 -07:00
|
|
|
lkm_flags &= ~DLM_LKF_CONVERT;
|
2007-10-05 13:09:05 -06:00
|
|
|
} else {
|
|
|
|
|
lockres->l_action = OCFS2_AST_CONVERT;
|
2008-02-01 13:14:57 -07:00
|
|
|
lkm_flags |= DLM_LKF_CONVERT;
|
2007-10-05 13:09:05 -06:00
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_requested = level;
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BUSY);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
gen = lockres_set_pending(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
BUG_ON(level == DLM_LOCK_IV);
|
|
|
|
|
BUG_ON(level == DLM_LOCK_NL);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, convert from %d to %d\n",
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_name, lockres->l_level, level);
|
|
|
|
|
|
|
|
|
|
/* call dlm_lock to upgrade lock now */
|
2008-02-01 15:39:35 -07:00
|
|
|
ret = ocfs2_dlm_lock(osb->cconn,
|
2008-02-01 13:15:37 -07:00
|
|
|
level,
|
|
|
|
|
&lockres->l_lksb,
|
|
|
|
|
lkm_flags,
|
|
|
|
|
lockres->l_name,
|
2010-01-28 20:22:39 -07:00
|
|
|
OCFS2_LOCK_ID_MAX_LEN - 1);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
lockres_clear_pending(lockres, gen, osb);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
if (!(lkm_flags & DLM_LKF_NOQUEUE) ||
|
|
|
|
|
(ret != -EAGAIN)) {
|
2008-01-29 18:37:32 -07:00
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_lock",
|
2008-02-01 13:15:37 -07:00
|
|
|
ret, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
ocfs2_recover_from_dlm_error(lockres, 1);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2014-12-10 16:41:59 -07:00
|
|
|
dlm_locked = 1;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2009-01-07 19:09:16 -07:00
|
|
|
mlog(0, "lock %s, successful return from ocfs2_dlm_lock\n",
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_name);
|
|
|
|
|
|
|
|
|
|
/* At this point we've gone inside the dlm and need to
|
|
|
|
|
* complete our work regardless. */
|
|
|
|
|
catch_signals = 0;
|
|
|
|
|
|
|
|
|
|
/* wait for busy to clear and carry on */
|
|
|
|
|
goto again;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-21 11:50:03 -07:00
|
|
|
update_holders:
|
2005-12-15 15:31:24 -07:00
|
|
|
/* Ok, if we get here then we're good to go. */
|
|
|
|
|
ocfs2_inc_holders(lockres, level);
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
unlock:
|
2010-01-21 11:50:03 -07:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_UPCONVERT_FINISHING);
|
|
|
|
|
|
ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock
NFS on a 2 node ocfs2 cluster each node exporting dir. The lock causing
the hang is the global bit map inode lock. Node 1 is master, has the
lock granted in PR mode; Node 2 is in the converting list (PR -> EX).
There are no holders of the lock on the master node so it should
downconvert to NL and grant EX to node 2 but that does not happen.
BLOCKED + QUEUED in lock res are set and it is on osb blocked list.
Threads are waiting in __ocfs2_cluster_lock on BLOCKED. One thread
wants EX, rest want PR. So it is as though the downconvert thread needs
to be kicked to complete the conv.
The hang is caused by an EX req coming into __ocfs2_cluster_lock on the
heels of a PR req after it sets BUSY (drops l_lock, releasing EX
thread), forcing the incoming EX to wait on BUSY without doing anything.
PR has called ocfs2_dlm_lock, which sets the node 1 lock from NL -> PR,
queues ast.
At this time, upconvert (PR ->EX) arrives from node 2, finds conflict
with node 1 lock in PR, so the lock res is put on dlm thread's dirty
listt.
After ret from ocf2_dlm_lock, PR thread now waits behind EX on BUSY till
awoken by ast.
Now it is dlm_thread that serially runs dlm_shuffle_lists, ast, bast, in
that order. dlm_shuffle_lists ques a bast on behalf of node 2 (which
will be run by dlm_thread right after the ast). ast does its part, sets
UPCONVERT_FINISHING, clears BUSY and wakes its waiters. Next,
dlm_thread runs bast. It sets BLOCKED and kicks dc thread. dc thread
runs ocfs2_unblock_lock, but since UPCONVERT_FINISHING set, skips doing
anything and reques.
Inside of __ocfs2_cluster_lock, since EX has been waiting on BUSY ahead
of PR, it wakes up first, finds BLOCKED set and skips doing anything but
clearing UPCONVERT_FINISHING (which was actually "meant" for the PR
thread), and this time waits on BLOCKED. Next, the PR thread comes out
of wait but since UPCONVERT_FINISHING is not set, it skips updating the
l_ro_holders and goes straight to wait on BLOCKED. So there, we have a
hang! Threads in __ocfs2_cluster_lock wait on BLOCKED, lock res in osb
blocked list. Only when dc thread is awoken, it will run
ocfs2_unblock_lock and things will unhang.
One way to fix this is to wake the dc thread on the flag after clearing
UPCONVERT_FINISHING
Orabug: 20933419
Signed-off-by: Tariq Saeed <tariq.x.saeed@oracle.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Reviewed-by: Wengang Wang <wen.gang.wang@oracle.com>
Reviewed-by: Mark Fasheh <mfasheh@suse.de>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <joseph.qi@huawei.com>
Cc: Eric Ren <zren@suse.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-21 17:40:39 -07:00
|
|
|
/* ocfs2_unblock_lock reques on seeing OCFS2_LOCK_UPCONVERT_FINISHING */
|
|
|
|
|
kick_dc = (lockres->l_flags & OCFS2_LOCK_BLOCKED);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock
NFS on a 2 node ocfs2 cluster each node exporting dir. The lock causing
the hang is the global bit map inode lock. Node 1 is master, has the
lock granted in PR mode; Node 2 is in the converting list (PR -> EX).
There are no holders of the lock on the master node so it should
downconvert to NL and grant EX to node 2 but that does not happen.
BLOCKED + QUEUED in lock res are set and it is on osb blocked list.
Threads are waiting in __ocfs2_cluster_lock on BLOCKED. One thread
wants EX, rest want PR. So it is as though the downconvert thread needs
to be kicked to complete the conv.
The hang is caused by an EX req coming into __ocfs2_cluster_lock on the
heels of a PR req after it sets BUSY (drops l_lock, releasing EX
thread), forcing the incoming EX to wait on BUSY without doing anything.
PR has called ocfs2_dlm_lock, which sets the node 1 lock from NL -> PR,
queues ast.
At this time, upconvert (PR ->EX) arrives from node 2, finds conflict
with node 1 lock in PR, so the lock res is put on dlm thread's dirty
listt.
After ret from ocf2_dlm_lock, PR thread now waits behind EX on BUSY till
awoken by ast.
Now it is dlm_thread that serially runs dlm_shuffle_lists, ast, bast, in
that order. dlm_shuffle_lists ques a bast on behalf of node 2 (which
will be run by dlm_thread right after the ast). ast does its part, sets
UPCONVERT_FINISHING, clears BUSY and wakes its waiters. Next,
dlm_thread runs bast. It sets BLOCKED and kicks dc thread. dc thread
runs ocfs2_unblock_lock, but since UPCONVERT_FINISHING set, skips doing
anything and reques.
Inside of __ocfs2_cluster_lock, since EX has been waiting on BUSY ahead
of PR, it wakes up first, finds BLOCKED set and skips doing anything but
clearing UPCONVERT_FINISHING (which was actually "meant" for the PR
thread), and this time waits on BLOCKED. Next, the PR thread comes out
of wait but since UPCONVERT_FINISHING is not set, it skips updating the
l_ro_holders and goes straight to wait on BLOCKED. So there, we have a
hang! Threads in __ocfs2_cluster_lock wait on BLOCKED, lock res in osb
blocked list. Only when dc thread is awoken, it will run
ocfs2_unblock_lock and things will unhang.
One way to fix this is to wake the dc thread on the flag after clearing
UPCONVERT_FINISHING
Orabug: 20933419
Signed-off-by: Tariq Saeed <tariq.x.saeed@oracle.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Reviewed-by: Wengang Wang <wen.gang.wang@oracle.com>
Reviewed-by: Mark Fasheh <mfasheh@suse.de>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <joseph.qi@huawei.com>
Cc: Eric Ren <zren@suse.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-21 17:40:39 -07:00
|
|
|
if (kick_dc)
|
|
|
|
|
ocfs2_wake_downconvert_thread(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
out:
|
|
|
|
|
/*
|
|
|
|
|
* This is helping work around a lock inversion between the page lock
|
|
|
|
|
* and dlm locks. One path holds the page lock while calling aops
|
|
|
|
|
* which block acquiring dlm locks. The voting thread holds dlm
|
|
|
|
|
* locks while acquiring page locks while down converting data locks.
|
|
|
|
|
* This block is helping an aop path notice the inversion and back
|
|
|
|
|
* off to unlock its page lock before trying the dlm lock again.
|
|
|
|
|
*/
|
|
|
|
|
if (wait && arg_flags & OCFS2_LOCK_NONBLOCK &&
|
|
|
|
|
mw.mw_mask & (OCFS2_LOCK_BUSY|OCFS2_LOCK_BLOCKED)) {
|
|
|
|
|
wait = 0;
|
2014-12-10 16:41:59 -07:00
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (__lockres_remove_mask_waiter(lockres, &mw)) {
|
|
|
|
|
if (dlm_locked)
|
|
|
|
|
lockres_or_flags(lockres,
|
|
|
|
|
OCFS2_LOCK_NONBLOCK_FINISHED);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
ret = -EAGAIN;
|
2014-12-10 16:41:59 -07:00
|
|
|
} else {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
goto again;
|
2014-12-10 16:41:59 -07:00
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
if (wait) {
|
|
|
|
|
ret = ocfs2_wait_for_mask(&mw);
|
|
|
|
|
if (ret == 0)
|
|
|
|
|
goto again;
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
}
|
2008-05-13 14:45:15 -06:00
|
|
|
ocfs2_update_lock_stats(lockres, level, &mw, ret);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2009-06-04 07:26:50 -06:00
|
|
|
#ifdef CONFIG_DEBUG_LOCK_ALLOC
|
|
|
|
|
if (!ret && lockres->l_lockdep_map.key != NULL) {
|
|
|
|
|
if (level == DLM_LOCK_PR)
|
|
|
|
|
rwsem_acquire_read(&lockres->l_lockdep_map, l_subclass,
|
|
|
|
|
!!(arg_flags & OCFS2_META_LOCK_NOQUEUE),
|
|
|
|
|
caller_ip);
|
|
|
|
|
else
|
|
|
|
|
rwsem_acquire(&lockres->l_lockdep_map, l_subclass,
|
|
|
|
|
!!(arg_flags & OCFS2_META_LOCK_NOQUEUE),
|
|
|
|
|
caller_ip);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2005-12-15 15:31:24 -07:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-04 07:26:50 -06:00
|
|
|
static inline int ocfs2_cluster_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level,
|
|
|
|
|
u32 lkm_flags,
|
|
|
|
|
int arg_flags)
|
|
|
|
|
{
|
|
|
|
|
return __ocfs2_cluster_lock(osb, lockres, level, lkm_flags, arg_flags,
|
|
|
|
|
0, _RET_IP_);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void __ocfs2_cluster_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level,
|
|
|
|
|
unsigned long caller_ip)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
ocfs2_dec_holders(lockres, level);
|
2007-09-24 16:56:19 -06:00
|
|
|
ocfs2_downconvert_on_unlock(osb, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
2009-06-04 07:26:50 -06:00
|
|
|
#ifdef CONFIG_DEBUG_LOCK_ALLOC
|
|
|
|
|
if (lockres->l_lockdep_map.key != NULL)
|
|
|
|
|
rwsem_release(&lockres->l_lockdep_map, 1, caller_ip);
|
|
|
|
|
#endif
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2006-11-19 19:24:28 -07:00
|
|
|
static int ocfs2_create_new_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int ex,
|
|
|
|
|
int local)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
unsigned long flags;
|
2008-02-01 13:14:57 -07:00
|
|
|
u32 lkm_flags = local ? DLM_LKF_LOCAL : 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
BUG_ON(lockres->l_flags & OCFS2_LOCK_ATTACHED);
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_LOCAL);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2006-09-22 18:28:19 -06:00
|
|
|
return ocfs2_lock_create(osb, lockres, level, lkm_flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Grants us an EX lock on the data and metadata resources, skipping
|
|
|
|
|
* the normal cluster directory lookup. Use this ONLY on newly created
|
|
|
|
|
* inodes which other nodes can't possibly see, and which haven't been
|
|
|
|
|
* hashed in the inode hash yet. This can give us a good performance
|
|
|
|
|
* increase as it'll skip the network broadcast normally associated
|
|
|
|
|
* with creating a new lock resource. */
|
|
|
|
|
int ocfs2_create_new_inode_locks(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
2006-09-08 15:14:34 -06:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
BUG_ON(!ocfs2_inode_is_new(inode));
|
|
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "Inode %llu\n", (unsigned long long)OCFS2_I(inode)->ip_blkno);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* NOTE: That we don't increment any of the holder counts, nor
|
|
|
|
|
* do we add anything to a journal handle. Since this is
|
|
|
|
|
* supposed to be a new inode which the cluster doesn't know
|
|
|
|
|
* about yet, there is no need to. As far as the LVB handling
|
|
|
|
|
* is concerned, this is basically like acquiring an EX lock
|
|
|
|
|
* on a resource which has an invalid one -- we'll set it
|
|
|
|
|
* valid when we release the EX. */
|
|
|
|
|
|
2006-09-22 18:28:19 -06:00
|
|
|
ret = ocfs2_create_new_lock(osb, &OCFS2_I(inode)->ip_rw_lockres, 1, 1);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (ret) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-22 18:28:19 -06:00
|
|
|
/*
|
2008-02-01 13:14:57 -07:00
|
|
|
* We don't want to use DLM_LKF_LOCAL on a meta data lock as they
|
2006-09-22 18:28:19 -06:00
|
|
|
* don't use a generation in their lock names.
|
|
|
|
|
*/
|
2007-10-18 16:30:42 -06:00
|
|
|
ret = ocfs2_create_new_lock(osb, &OCFS2_I(inode)->ip_inode_lockres, 1, 0);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (ret) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-20 17:01:38 -06:00
|
|
|
ret = ocfs2_create_new_lock(osb, &OCFS2_I(inode)->ip_open_lockres, 0, 0);
|
2016-07-26 16:21:35 -06:00
|
|
|
if (ret)
|
2007-03-20 17:01:38 -06:00
|
|
|
mlog_errno(ret);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
bail:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ocfs2_rw_lock(struct inode *inode, int write)
|
|
|
|
|
{
|
|
|
|
|
int status, level;
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
2006-12-05 18:56:35 -07:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "inode %llu take %s RW lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
2005-12-15 15:31:24 -07:00
|
|
|
write ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
2011-03-07 01:43:21 -07:00
|
|
|
if (ocfs2_mount_local(osb))
|
2006-12-05 18:56:35 -07:00
|
|
|
return 0;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres = &OCFS2_I(inode)->ip_rw_lockres;
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
level = write ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2018-04-05 17:18:33 -06:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, 0, 0);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-31 17:15:17 -07:00
|
|
|
int ocfs2_try_rw_lock(struct inode *inode, int write)
|
|
|
|
|
{
|
|
|
|
|
int status, level;
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
|
|
|
|
|
|
|
|
|
mlog(0, "inode %llu try to take %s RW lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
|
|
|
|
write ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
lockres = &OCFS2_I(inode)->ip_rw_lockres;
|
|
|
|
|
|
|
|
|
|
level = write ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
|
|
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, DLM_LKF_NOQUEUE, 0);
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
void ocfs2_rw_unlock(struct inode *inode, int write)
|
|
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = write ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_lock_res *lockres = &OCFS2_I(inode)->ip_rw_lockres;
|
2006-12-05 18:56:35 -07:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "inode %llu drop %s RW lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
2005-12-15 15:31:24 -07:00
|
|
|
write ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (!ocfs2_mount_local(osb))
|
2018-04-05 17:18:33 -06:00
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2007-03-20 17:01:38 -06:00
|
|
|
/*
|
|
|
|
|
* ocfs2_open_lock always get PR mode lock.
|
|
|
|
|
*/
|
|
|
|
|
int ocfs2_open_lock(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
int status = 0;
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
|
|
|
|
|
|
|
|
|
mlog(0, "inode %llu take PRMODE open lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno);
|
|
|
|
|
|
2011-05-27 10:34:19 -06:00
|
|
|
if (ocfs2_is_hard_readonly(osb) || ocfs2_mount_local(osb))
|
2007-03-20 17:01:38 -06:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
lockres = &OCFS2_I(inode)->ip_open_lockres;
|
|
|
|
|
|
2018-04-05 17:18:33 -06:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, DLM_LOCK_PR, 0, 0);
|
2007-03-20 17:01:38 -06:00
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ocfs2_try_open_lock(struct inode *inode, int write)
|
|
|
|
|
{
|
|
|
|
|
int status = 0, level;
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
|
|
|
|
|
|
|
|
|
mlog(0, "inode %llu try to take %s open lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
|
|
|
|
write ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
2011-05-27 10:34:19 -06:00
|
|
|
if (ocfs2_is_hard_readonly(osb)) {
|
|
|
|
|
if (write)
|
|
|
|
|
status = -EROFS;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-20 17:01:38 -06:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
lockres = &OCFS2_I(inode)->ip_open_lockres;
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
level = write ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2007-03-20 17:01:38 -06:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The file system may already holding a PRMODE/EXMODE open lock.
|
2008-02-01 13:14:57 -07:00
|
|
|
* Since we pass DLM_LKF_NOQUEUE, the request won't block waiting on
|
2007-03-20 17:01:38 -06:00
|
|
|
* other nodes and the -EAGAIN will indicate to the caller that
|
|
|
|
|
* this inode is still in use.
|
|
|
|
|
*/
|
2018-04-05 17:18:33 -06:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, DLM_LKF_NOQUEUE, 0);
|
2007-03-20 17:01:38 -06:00
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ocfs2_open_unlock unlock PR and EX mode open locks.
|
|
|
|
|
*/
|
|
|
|
|
void ocfs2_open_unlock(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &OCFS2_I(inode)->ip_open_lockres;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
|
|
|
|
|
|
|
|
|
mlog(0, "inode %llu drop open lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno);
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
if(lockres->l_ro_holders)
|
2018-04-05 17:18:33 -06:00
|
|
|
ocfs2_cluster_unlock(osb, lockres, DLM_LOCK_PR);
|
2007-03-20 17:01:38 -06:00
|
|
|
if(lockres->l_ex_holders)
|
2018-04-05 17:18:33 -06:00
|
|
|
ocfs2_cluster_unlock(osb, lockres, DLM_LOCK_EX);
|
2007-03-20 17:01:38 -06:00
|
|
|
|
|
|
|
|
out:
|
2011-03-07 01:43:21 -07:00
|
|
|
return;
|
2007-03-20 17:01:38 -06:00
|
|
|
}
|
|
|
|
|
|
2007-12-20 17:43:10 -07:00
|
|
|
static int ocfs2_flock_handle_signal(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int level)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct ocfs2_super *osb = ocfs2_get_lockres_osb(lockres);
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
struct ocfs2_mask_waiter mw;
|
|
|
|
|
|
|
|
|
|
ocfs2_init_mask_waiter(&mw);
|
|
|
|
|
|
|
|
|
|
retry_cancel:
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BUSY) {
|
|
|
|
|
ret = ocfs2_prepare_cancel_convert(osb, lockres);
|
|
|
|
|
if (ret) {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
ret = ocfs2_cancel_convert(osb, lockres);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
goto retry_cancel;
|
|
|
|
|
}
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BUSY, 0);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
ocfs2_wait_for_mask(&mw);
|
|
|
|
|
goto retry_cancel;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = -ERESTARTSYS;
|
|
|
|
|
/*
|
|
|
|
|
* We may still have gotten the lock, in which case there's no
|
|
|
|
|
* point to restarting the syscall.
|
|
|
|
|
*/
|
|
|
|
|
if (lockres->l_level == level)
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
mlog(0, "Cancel returning %d. flags: 0x%lx, level: %d, act: %d\n", ret,
|
|
|
|
|
lockres->l_flags, lockres->l_level, lockres->l_action);
|
|
|
|
|
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ocfs2_file_lock() and ocfs2_file_unlock() map to a single pair of
|
|
|
|
|
* flock() calls. The locking approach this requires is sufficiently
|
|
|
|
|
* different from all other cluster lock types that we implement a
|
tree-wide: Assorted spelling fixes
In particular, several occurances of funny versions of 'success',
'unknown', 'therefore', 'acknowledge', 'argument', 'achieve', 'address',
'beginning', 'desirable', 'separate' and 'necessary' are fixed.
Signed-off-by: Daniel Mack <daniel@caiaq.de>
Cc: Joe Perches <joe@perches.com>
Cc: Junio C Hamano <gitster@pobox.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2010-02-02 17:01:28 -07:00
|
|
|
* separate path to the "low-level" dlm calls. In particular:
|
2007-12-20 17:43:10 -07:00
|
|
|
*
|
|
|
|
|
* - No optimization of lock levels is done - we take at exactly
|
|
|
|
|
* what's been requested.
|
|
|
|
|
*
|
|
|
|
|
* - No lock caching is employed. We immediately downconvert to
|
|
|
|
|
* no-lock at unlock time. This also means flock locks never go on
|
|
|
|
|
* the blocking list).
|
|
|
|
|
*
|
|
|
|
|
* - Since userspace can trivially deadlock itself with flock, we make
|
|
|
|
|
* sure to allow cancellation of a misbehaving applications flock()
|
|
|
|
|
* request.
|
|
|
|
|
*
|
|
|
|
|
* - Access to any flock lockres doesn't require concurrency, so we
|
|
|
|
|
* can simplify the code by requiring the caller to guarantee
|
|
|
|
|
* serialization of dlmglue flock calls.
|
|
|
|
|
*/
|
|
|
|
|
int ocfs2_file_lock(struct file *file, int ex, int trylock)
|
|
|
|
|
{
|
2008-07-10 10:25:39 -06:00
|
|
|
int ret, level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
unsigned int lkm_flags = trylock ? DLM_LKF_NOQUEUE : 0;
|
2007-12-20 17:43:10 -07:00
|
|
|
unsigned long flags;
|
|
|
|
|
struct ocfs2_file_private *fp = file->private_data;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &fp->fp_flock;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(file->f_mapping->host->i_sb);
|
|
|
|
|
struct ocfs2_mask_waiter mw;
|
|
|
|
|
|
|
|
|
|
ocfs2_init_mask_waiter(&mw);
|
|
|
|
|
|
|
|
|
|
if ((lockres->l_flags & OCFS2_LOCK_BUSY) ||
|
2008-02-01 13:14:57 -07:00
|
|
|
(lockres->l_level > DLM_LOCK_NL)) {
|
2007-12-20 17:43:10 -07:00
|
|
|
mlog(ML_ERROR,
|
|
|
|
|
"File lock \"%s\" has busy or locked state: flags: 0x%lx, "
|
|
|
|
|
"level: %u\n", lockres->l_name, lockres->l_flags,
|
|
|
|
|
lockres->l_level);
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_ATTACHED)) {
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BUSY, 0);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Get the lock at NLMODE to start - that way we
|
|
|
|
|
* can cancel the upconvert request if need be.
|
|
|
|
|
*/
|
2008-07-10 10:25:39 -06:00
|
|
|
ret = ocfs2_lock_create(osb, lockres, DLM_LOCK_NL, 0);
|
2007-12-20 17:43:10 -07:00
|
|
|
if (ret < 0) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = ocfs2_wait_for_mask(&mw);
|
|
|
|
|
if (ret) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lockres->l_action = OCFS2_AST_CONVERT;
|
2008-07-10 10:25:39 -06:00
|
|
|
lkm_flags |= DLM_LKF_CONVERT;
|
2007-12-20 17:43:10 -07:00
|
|
|
lockres->l_requested = level;
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BUSY, 0);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
ret = ocfs2_dlm_lock(osb->cconn, level, &lockres->l_lksb, lkm_flags,
|
2010-01-28 20:22:39 -07:00
|
|
|
lockres->l_name, OCFS2_LOCK_ID_MAX_LEN - 1);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
if (!trylock || (ret != -EAGAIN)) {
|
2008-01-29 18:37:32 -07:00
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_lock", ret, lockres);
|
2007-12-20 17:43:10 -07:00
|
|
|
ret = -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ocfs2_recover_from_dlm_error(lockres, 1);
|
|
|
|
|
lockres_remove_mask_waiter(lockres, &mw);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = ocfs2_wait_for_mask_interruptible(&mw, lockres);
|
|
|
|
|
if (ret == -ERESTARTSYS) {
|
|
|
|
|
/*
|
|
|
|
|
* Userspace can cause deadlock itself with
|
|
|
|
|
* flock(). Current behavior locally is to allow the
|
|
|
|
|
* deadlock, but abort the system call if a signal is
|
|
|
|
|
* received. We follow this example, otherwise a
|
|
|
|
|
* poorly written program could sit in kernel until
|
|
|
|
|
* reboot.
|
|
|
|
|
*
|
|
|
|
|
* Handling this is a bit more complicated for Ocfs2
|
|
|
|
|
* though. We can't exit this function with an
|
|
|
|
|
* outstanding lock request, so a cancel convert is
|
|
|
|
|
* required. We intentionally overwrite 'ret' - if the
|
|
|
|
|
* cancel fails and the lock was granted, it's easier
|
tree-wide: fix assorted typos all over the place
That is "success", "unknown", "through", "performance", "[re|un]mapping"
, "access", "default", "reasonable", "[con]currently", "temperature"
, "channel", "[un]used", "application", "example","hierarchy", "therefore"
, "[over|under]flow", "contiguous", "threshold", "enough" and others.
Signed-off-by: André Goddard Rosa <andre.goddard@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2009-11-14 08:09:05 -07:00
|
|
|
* to just bubble success back up to the user.
|
2007-12-20 17:43:10 -07:00
|
|
|
*/
|
|
|
|
|
ret = ocfs2_flock_handle_signal(lockres, level);
|
2008-01-30 17:52:53 -07:00
|
|
|
} else if (!ret && (level > lockres->l_level)) {
|
|
|
|
|
/* Trylock failed asynchronously */
|
|
|
|
|
BUG_ON(!trylock);
|
|
|
|
|
ret = -EAGAIN;
|
2007-12-20 17:43:10 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
|
|
|
|
|
mlog(0, "Lock: \"%s\" ex: %d, trylock: %d, returns: %d\n",
|
|
|
|
|
lockres->l_name, ex, trylock, ret);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_file_unlock(struct file *file)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
unsigned int gen;
|
2007-12-20 17:43:10 -07:00
|
|
|
unsigned long flags;
|
|
|
|
|
struct ocfs2_file_private *fp = file->private_data;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &fp->fp_flock;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(file->f_mapping->host->i_sb);
|
|
|
|
|
struct ocfs2_mask_waiter mw;
|
|
|
|
|
|
|
|
|
|
ocfs2_init_mask_waiter(&mw);
|
|
|
|
|
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_ATTACHED))
|
|
|
|
|
return;
|
|
|
|
|
|
2008-07-10 10:25:39 -06:00
|
|
|
if (lockres->l_level == DLM_LOCK_NL)
|
2007-12-20 17:43:10 -07:00
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
mlog(0, "Unlock: \"%s\" flags: 0x%lx, level: %d, act: %d\n",
|
|
|
|
|
lockres->l_name, lockres->l_flags, lockres->l_level,
|
|
|
|
|
lockres->l_action);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
/*
|
|
|
|
|
* Fake a blocking ast for the downconvert code.
|
|
|
|
|
*/
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BLOCKED);
|
2008-02-01 13:14:57 -07:00
|
|
|
lockres->l_blocking = DLM_LOCK_EX;
|
2007-12-20 17:43:10 -07:00
|
|
|
|
2008-07-10 10:25:39 -06:00
|
|
|
gen = ocfs2_prepare_downconvert(lockres, DLM_LOCK_NL);
|
2007-12-20 17:43:10 -07:00
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_BUSY, 0);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2008-07-10 10:25:39 -06:00
|
|
|
ret = ocfs2_downconvert_lock(osb, lockres, DLM_LOCK_NL, 0, gen);
|
2007-12-20 17:43:10 -07:00
|
|
|
if (ret) {
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = ocfs2_wait_for_mask(&mw);
|
|
|
|
|
if (ret)
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
}
|
|
|
|
|
|
2007-09-24 16:56:19 -06:00
|
|
|
static void ocfs2_downconvert_on_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
int kick = 0;
|
|
|
|
|
|
|
|
|
|
/* If we know that another node is waiting on our lock, kick
|
2007-09-24 16:56:19 -06:00
|
|
|
* the downconvert thread * pre-emptively when we reach a release
|
2005-12-15 15:31:24 -07:00
|
|
|
* condition. */
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BLOCKED) {
|
|
|
|
|
switch(lockres->l_blocking) {
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_EX:
|
2005-12-15 15:31:24 -07:00
|
|
|
if (!lockres->l_ex_holders && !lockres->l_ro_holders)
|
|
|
|
|
kick = 1;
|
|
|
|
|
break;
|
2008-02-01 13:14:57 -07:00
|
|
|
case DLM_LOCK_PR:
|
2005-12-15 15:31:24 -07:00
|
|
|
if (!lockres->l_ex_holders)
|
|
|
|
|
kick = 1;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
BUG();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (kick)
|
2007-09-24 16:56:19 -06:00
|
|
|
ocfs2_wake_downconvert_thread(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#define OCFS2_SEC_BITS 34
|
|
|
|
|
#define OCFS2_SEC_SHIFT (64 - 34)
|
|
|
|
|
#define OCFS2_NSEC_MASK ((1ULL << OCFS2_SEC_SHIFT) - 1)
|
|
|
|
|
|
|
|
|
|
/* LVB only has room for 64 bits of time here so we pack it for
|
|
|
|
|
* now. */
|
2018-11-02 16:48:23 -06:00
|
|
|
static u64 ocfs2_pack_timespec(struct timespec64 *spec)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
u64 res;
|
2018-11-02 16:48:23 -06:00
|
|
|
u64 sec = clamp_t(time64_t, spec->tv_sec, 0, 0x3ffffffffull);
|
2005-12-15 15:31:24 -07:00
|
|
|
u32 nsec = spec->tv_nsec;
|
|
|
|
|
|
|
|
|
|
res = (sec << OCFS2_SEC_SHIFT) | (nsec & OCFS2_NSEC_MASK);
|
|
|
|
|
|
|
|
|
|
return res;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Call this with the lockres locked. I am reasonably sure we don't
|
|
|
|
|
* need ip_lock in this function as anyone who would be changing those
|
2007-10-18 16:30:42 -06:00
|
|
|
* values is supposed to be blocked in ocfs2_inode_lock right now. */
|
2005-12-15 15:31:24 -07:00
|
|
|
static void __ocfs2_stuff_meta_lvb(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_inode_info *oi = OCFS2_I(inode);
|
2007-10-18 16:30:42 -06:00
|
|
|
struct ocfs2_lock_res *lockres = &oi->ip_inode_lockres;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_meta_lvb *lvb;
|
|
|
|
|
|
2008-12-24 17:03:48 -07:00
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-22 18:28:19 -06:00
|
|
|
/*
|
|
|
|
|
* Invalidate the LVB of a deleted inode - this way other
|
|
|
|
|
* nodes are forced to go to disk and discover the new inode
|
|
|
|
|
* status.
|
|
|
|
|
*/
|
|
|
|
|
if (oi->ip_flags & OCFS2_INODE_DELETED) {
|
|
|
|
|
lvb->lvb_version = 0;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-12 16:22:18 -06:00
|
|
|
lvb->lvb_version = OCFS2_LVB_VERSION;
|
2005-12-15 15:31:24 -07:00
|
|
|
lvb->lvb_isize = cpu_to_be64(i_size_read(inode));
|
|
|
|
|
lvb->lvb_iclusters = cpu_to_be32(oi->ip_clusters);
|
2013-01-31 17:59:23 -07:00
|
|
|
lvb->lvb_iuid = cpu_to_be32(i_uid_read(inode));
|
|
|
|
|
lvb->lvb_igid = cpu_to_be32(i_gid_read(inode));
|
2005-12-15 15:31:24 -07:00
|
|
|
lvb->lvb_imode = cpu_to_be16(inode->i_mode);
|
|
|
|
|
lvb->lvb_inlink = cpu_to_be16(inode->i_nlink);
|
|
|
|
|
lvb->lvb_iatime_packed =
|
2018-11-02 16:48:23 -06:00
|
|
|
cpu_to_be64(ocfs2_pack_timespec(&inode->i_atime));
|
2005-12-15 15:31:24 -07:00
|
|
|
lvb->lvb_ictime_packed =
|
2018-11-02 16:48:23 -06:00
|
|
|
cpu_to_be64(ocfs2_pack_timespec(&inode->i_ctime));
|
2005-12-15 15:31:24 -07:00
|
|
|
lvb->lvb_imtime_packed =
|
2018-11-02 16:48:23 -06:00
|
|
|
cpu_to_be64(ocfs2_pack_timespec(&inode->i_mtime));
|
2006-07-03 18:27:12 -06:00
|
|
|
lvb->lvb_iattr = cpu_to_be32(oi->ip_attr);
|
2007-09-07 14:58:15 -06:00
|
|
|
lvb->lvb_idynfeatures = cpu_to_be16(oi->ip_dyn_features);
|
2006-09-12 16:35:49 -06:00
|
|
|
lvb->lvb_igeneration = cpu_to_be32(inode->i_generation);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-22 18:28:19 -06:00
|
|
|
out:
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog_meta_lvb(0, lockres);
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-02 16:48:23 -06:00
|
|
|
static void ocfs2_unpack_timespec(struct timespec64 *spec,
|
2005-12-15 15:31:24 -07:00
|
|
|
u64 packed_time)
|
|
|
|
|
{
|
|
|
|
|
spec->tv_sec = packed_time >> OCFS2_SEC_SHIFT;
|
|
|
|
|
spec->tv_nsec = packed_time & OCFS2_NSEC_MASK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_refresh_inode_from_lvb(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_inode_info *oi = OCFS2_I(inode);
|
2007-10-18 16:30:42 -06:00
|
|
|
struct ocfs2_lock_res *lockres = &oi->ip_inode_lockres;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_meta_lvb *lvb;
|
|
|
|
|
|
|
|
|
|
mlog_meta_lvb(0, lockres);
|
|
|
|
|
|
2008-12-24 17:03:48 -07:00
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* We're safe here without the lockres lock... */
|
|
|
|
|
spin_lock(&oi->ip_lock);
|
|
|
|
|
oi->ip_clusters = be32_to_cpu(lvb->lvb_iclusters);
|
|
|
|
|
i_size_write(inode, be64_to_cpu(lvb->lvb_isize));
|
|
|
|
|
|
2006-07-03 18:27:12 -06:00
|
|
|
oi->ip_attr = be32_to_cpu(lvb->lvb_iattr);
|
2007-09-07 14:58:15 -06:00
|
|
|
oi->ip_dyn_features = be16_to_cpu(lvb->lvb_idynfeatures);
|
2006-07-03 18:27:12 -06:00
|
|
|
ocfs2_set_inode_flags(inode);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* fast-symlinks are a special case */
|
|
|
|
|
if (S_ISLNK(inode->i_mode) && !oi->ip_clusters)
|
|
|
|
|
inode->i_blocks = 0;
|
|
|
|
|
else
|
2007-03-22 17:53:23 -06:00
|
|
|
inode->i_blocks = ocfs2_inode_sector_count(inode);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2013-01-31 17:59:23 -07:00
|
|
|
i_uid_write(inode, be32_to_cpu(lvb->lvb_iuid));
|
|
|
|
|
i_gid_write(inode, be32_to_cpu(lvb->lvb_igid));
|
2005-12-15 15:31:24 -07:00
|
|
|
inode->i_mode = be16_to_cpu(lvb->lvb_imode);
|
2011-10-28 06:13:29 -06:00
|
|
|
set_nlink(inode, be16_to_cpu(lvb->lvb_inlink));
|
2018-11-02 16:48:23 -06:00
|
|
|
ocfs2_unpack_timespec(&inode->i_atime,
|
2005-12-15 15:31:24 -07:00
|
|
|
be64_to_cpu(lvb->lvb_iatime_packed));
|
2018-11-02 16:48:23 -06:00
|
|
|
ocfs2_unpack_timespec(&inode->i_mtime,
|
2005-12-15 15:31:24 -07:00
|
|
|
be64_to_cpu(lvb->lvb_imtime_packed));
|
2018-11-02 16:48:23 -06:00
|
|
|
ocfs2_unpack_timespec(&inode->i_ctime,
|
2005-12-15 15:31:24 -07:00
|
|
|
be64_to_cpu(lvb->lvb_ictime_packed));
|
|
|
|
|
spin_unlock(&oi->ip_lock);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-12 16:35:49 -06:00
|
|
|
static inline int ocfs2_meta_lvb_is_trustable(struct inode *inode,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2008-12-24 17:03:48 -07:00
|
|
|
struct ocfs2_meta_lvb *lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2009-06-19 16:14:13 -06:00
|
|
|
if (ocfs2_dlm_lvb_valid(&lockres->l_lksb)
|
|
|
|
|
&& lvb->lvb_version == OCFS2_LVB_VERSION
|
2006-09-12 16:35:49 -06:00
|
|
|
&& be32_to_cpu(lvb->lvb_igeneration) == inode->i_generation)
|
2005-12-15 15:31:24 -07:00
|
|
|
return 1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Determine whether a lock resource needs to be refreshed, and
|
|
|
|
|
* arbitrate who gets to refresh it.
|
|
|
|
|
*
|
|
|
|
|
* 0 means no refresh needed.
|
|
|
|
|
*
|
|
|
|
|
* > 0 means you need to refresh this and you MUST call
|
|
|
|
|
* ocfs2_complete_lock_res_refresh afterwards. */
|
|
|
|
|
static int ocfs2_should_refresh_lock_res(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
int status = 0;
|
|
|
|
|
|
|
|
|
|
refresh_check:
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_NEEDS_REFRESH)) {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_REFRESHING) {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
ocfs2_wait_on_refreshing_lock(lockres);
|
|
|
|
|
goto refresh_check;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Ok, I'll be the one to refresh this lock. */
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_REFRESHING);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
status = 1;
|
|
|
|
|
bail:
|
2011-03-07 01:43:21 -07:00
|
|
|
mlog(0, "status %d\n", status);
|
2005-12-15 15:31:24 -07:00
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If status is non zero, I'll mark it as not being in refresh
|
|
|
|
|
* anymroe, but i won't clear the needs refresh flag. */
|
|
|
|
|
static inline void ocfs2_complete_lock_res_refresh(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int status)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_REFRESHING);
|
|
|
|
|
if (!status)
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_NEEDS_REFRESH);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
wake_up(&lockres->l_event);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* may or may not return a bh if it went to disk. */
|
2007-10-18 16:30:42 -06:00
|
|
|
static int ocfs2_inode_lock_update(struct inode *inode,
|
2005-12-15 15:31:24 -07:00
|
|
|
struct buffer_head **bh)
|
|
|
|
|
{
|
|
|
|
|
int status = 0;
|
|
|
|
|
struct ocfs2_inode_info *oi = OCFS2_I(inode);
|
2007-10-18 16:30:42 -06:00
|
|
|
struct ocfs2_lock_res *lockres = &oi->ip_inode_lockres;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_dinode *fe;
|
2006-12-05 18:56:35 -07:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2007-04-18 16:22:08 -06:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
goto bail;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_lock(&oi->ip_lock);
|
|
|
|
|
if (oi->ip_flags & OCFS2_INODE_DELETED) {
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "Orphaned inode %llu was deleted while we "
|
2005-12-15 15:31:24 -07:00
|
|
|
"were waiting on a lock. ip_flags = 0x%x\n",
|
2006-03-03 11:24:33 -07:00
|
|
|
(unsigned long long)oi->ip_blkno, oi->ip_flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock(&oi->ip_lock);
|
|
|
|
|
status = -ENOENT;
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&oi->ip_lock);
|
|
|
|
|
|
2007-04-18 16:22:08 -06:00
|
|
|
if (!ocfs2_should_refresh_lock_res(lockres))
|
|
|
|
|
goto bail;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* This will discard any caching information we might have had
|
|
|
|
|
* for the inode metadata. */
|
2009-02-10 21:00:41 -07:00
|
|
|
ocfs2_metadata_cache_purge(INODE_CACHE(inode));
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2007-04-23 19:53:12 -06:00
|
|
|
ocfs2_extent_map_trunc(inode, 0);
|
|
|
|
|
|
2007-04-18 16:22:08 -06:00
|
|
|
if (ocfs2_meta_lvb_is_trustable(inode, lockres)) {
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "Trusting LVB on inode %llu\n",
|
|
|
|
|
(unsigned long long)oi->ip_blkno);
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_refresh_inode_from_lvb(inode);
|
|
|
|
|
} else {
|
|
|
|
|
/* Boo, we have to go to disk. */
|
|
|
|
|
/* read bh, cast, ocfs2_refresh_inode */
|
2008-11-13 15:49:11 -07:00
|
|
|
status = ocfs2_read_inode_block(inode, bh);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0) {
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail_refresh;
|
|
|
|
|
}
|
|
|
|
|
fe = (struct ocfs2_dinode *) (*bh)->b_data;
|
|
|
|
|
|
|
|
|
|
/* This is a good chance to make sure we're not
|
2008-11-13 15:49:11 -07:00
|
|
|
* locking an invalid object. ocfs2_read_inode_block()
|
|
|
|
|
* already checked that the inode block is sane.
|
2005-12-15 15:31:24 -07:00
|
|
|
*
|
|
|
|
|
* We bug on a stale inode here because we checked
|
|
|
|
|
* above whether it was wiped from disk. The wiping
|
|
|
|
|
* node provides a guarantee that we receive that
|
|
|
|
|
* message and can mark the inode before dropping any
|
|
|
|
|
* locks associated with it. */
|
|
|
|
|
mlog_bug_on_msg(inode->i_generation !=
|
|
|
|
|
le32_to_cpu(fe->i_generation),
|
2006-03-03 11:24:33 -07:00
|
|
|
"Invalid dinode %llu disk generation: %u "
|
2005-12-15 15:31:24 -07:00
|
|
|
"inode->i_generation: %u\n",
|
2006-03-03 11:24:33 -07:00
|
|
|
(unsigned long long)oi->ip_blkno,
|
|
|
|
|
le32_to_cpu(fe->i_generation),
|
2005-12-15 15:31:24 -07:00
|
|
|
inode->i_generation);
|
|
|
|
|
mlog_bug_on_msg(le64_to_cpu(fe->i_dtime) ||
|
|
|
|
|
!(fe->i_flags & cpu_to_le32(OCFS2_VALID_FL)),
|
2006-03-03 11:24:33 -07:00
|
|
|
"Stale dinode %llu dtime: %llu flags: 0x%x\n",
|
|
|
|
|
(unsigned long long)oi->ip_blkno,
|
|
|
|
|
(unsigned long long)le64_to_cpu(fe->i_dtime),
|
2005-12-15 15:31:24 -07:00
|
|
|
le32_to_cpu(fe->i_flags));
|
|
|
|
|
|
|
|
|
|
ocfs2_refresh_inode(inode, fe);
|
2008-05-13 14:45:15 -06:00
|
|
|
ocfs2_track_lock_refresh(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
status = 0;
|
|
|
|
|
bail_refresh:
|
2007-04-18 16:22:08 -06:00
|
|
|
ocfs2_complete_lock_res_refresh(lockres, status);
|
2005-12-15 15:31:24 -07:00
|
|
|
bail:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_assign_bh(struct inode *inode,
|
|
|
|
|
struct buffer_head **ret_bh,
|
|
|
|
|
struct buffer_head *passed_bh)
|
|
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
|
|
|
|
|
if (passed_bh) {
|
|
|
|
|
/* Ok, the update went to disk for us, use the
|
|
|
|
|
* returned bh. */
|
|
|
|
|
*ret_bh = passed_bh;
|
|
|
|
|
get_bh(*ret_bh);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-13 15:49:11 -07:00
|
|
|
status = ocfs2_read_inode_block(inode, ret_bh);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* returns < 0 error if the callback will never be called, otherwise
|
|
|
|
|
* the result of the lock will be communicated via the callback.
|
|
|
|
|
*/
|
2009-06-04 07:26:50 -06:00
|
|
|
int ocfs2_inode_lock_full_nested(struct inode *inode,
|
|
|
|
|
struct buffer_head **ret_bh,
|
|
|
|
|
int ex,
|
|
|
|
|
int arg_flags,
|
|
|
|
|
int subclass)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int status, level, acquired;
|
|
|
|
|
u32 dlm_flags;
|
2006-12-05 18:56:35 -07:00
|
|
|
struct ocfs2_lock_res *lockres = NULL;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
|
|
|
|
struct buffer_head *local_bh = NULL;
|
|
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "inode %llu, take %s META lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
2005-12-15 15:31:24 -07:00
|
|
|
ex ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
|
|
|
|
status = 0;
|
|
|
|
|
acquired = 0;
|
|
|
|
|
/* We'll allow faking a readonly metadata lock for
|
|
|
|
|
* rodevices. */
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb)) {
|
|
|
|
|
if (ex)
|
|
|
|
|
status = -EROFS;
|
2011-05-27 10:34:19 -06:00
|
|
|
goto getbh;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
if ((arg_flags & OCFS2_META_LOCK_GETBH) ||
|
|
|
|
|
ocfs2_mount_local(osb))
|
|
|
|
|
goto update;
|
2006-12-05 18:56:35 -07:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (!(arg_flags & OCFS2_META_LOCK_RECOVERY))
|
2008-02-01 13:03:57 -07:00
|
|
|
ocfs2_wait_for_recovery(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
lockres = &OCFS2_I(inode)->ip_inode_lockres;
|
2008-02-01 13:14:57 -07:00
|
|
|
level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
dlm_flags = 0;
|
|
|
|
|
if (arg_flags & OCFS2_META_LOCK_NOQUEUE)
|
2008-02-01 13:14:57 -07:00
|
|
|
dlm_flags |= DLM_LKF_NOQUEUE;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2009-06-04 07:26:50 -06:00
|
|
|
status = __ocfs2_cluster_lock(osb, lockres, level, dlm_flags,
|
|
|
|
|
arg_flags, subclass, _RET_IP_);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0) {
|
2013-05-07 17:18:25 -06:00
|
|
|
if (status != -EAGAIN)
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Notify the error cleanup path to drop the cluster lock. */
|
|
|
|
|
acquired = 1;
|
|
|
|
|
|
|
|
|
|
/* We wait twice because a node may have died while we were in
|
|
|
|
|
* the lower dlm layers. The second time though, we've
|
|
|
|
|
* committed to owning this lock so we don't allow signals to
|
|
|
|
|
* abort the operation. */
|
|
|
|
|
if (!(arg_flags & OCFS2_META_LOCK_RECOVERY))
|
2008-02-01 13:03:57 -07:00
|
|
|
ocfs2_wait_for_recovery(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
update:
|
2006-09-22 18:28:19 -06:00
|
|
|
/*
|
|
|
|
|
* We only see this flag if we're being called from
|
|
|
|
|
* ocfs2_read_locked_inode(). It means we're locking an inode
|
|
|
|
|
* which hasn't been populated yet, so clear the refresh flag
|
|
|
|
|
* and let the caller handle it.
|
|
|
|
|
*/
|
|
|
|
|
if (inode->i_state & I_NEW) {
|
|
|
|
|
status = 0;
|
2006-12-05 18:56:35 -07:00
|
|
|
if (lockres)
|
|
|
|
|
ocfs2_complete_lock_res_refresh(lockres, 0);
|
2006-09-22 18:28:19 -06:00
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* This is fun. The caller may want a bh back, or it may
|
2007-10-18 16:30:42 -06:00
|
|
|
* not. ocfs2_inode_lock_update definitely wants one in, but
|
2005-12-15 15:31:24 -07:00
|
|
|
* may or may not read one, depending on what's in the
|
|
|
|
|
* LVB. The result of all of this is that we've *only* gone to
|
|
|
|
|
* disk if we have to, so the complexity is worthwhile. */
|
2007-10-18 16:30:42 -06:00
|
|
|
status = ocfs2_inode_lock_update(inode, &local_bh);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0) {
|
|
|
|
|
if (status != -ENOENT)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
2011-05-27 10:34:19 -06:00
|
|
|
getbh:
|
2005-12-15 15:31:24 -07:00
|
|
|
if (ret_bh) {
|
|
|
|
|
status = ocfs2_assign_bh(inode, ret_bh, local_bh);
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bail:
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
if (ret_bh && (*ret_bh)) {
|
|
|
|
|
brelse(*ret_bh);
|
|
|
|
|
*ret_bh = NULL;
|
|
|
|
|
}
|
|
|
|
|
if (acquired)
|
2007-10-18 16:30:42 -06:00
|
|
|
ocfs2_inode_unlock(inode, ex);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2019-09-23 16:33:34 -06:00
|
|
|
brelse(local_bh);
|
2005-12-15 15:31:24 -07:00
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2007-09-24 16:56:19 -06:00
|
|
|
* This is working around a lock inversion between tasks acquiring DLM
|
|
|
|
|
* locks while holding a page lock and the downconvert thread which
|
|
|
|
|
* blocks dlm lock acquiry while acquiring page locks.
|
2005-12-15 15:31:24 -07:00
|
|
|
*
|
|
|
|
|
* ** These _with_page variantes are only intended to be called from aop
|
|
|
|
|
* methods that hold page locks and return a very specific *positive* error
|
|
|
|
|
* code that aop methods pass up to the VFS -- test for errors with != 0. **
|
|
|
|
|
*
|
2007-09-24 16:56:19 -06:00
|
|
|
* The DLM is called such that it returns -EAGAIN if it would have
|
|
|
|
|
* blocked waiting for the downconvert thread. In that case we unlock
|
|
|
|
|
* our page so the downconvert thread can make progress. Once we've
|
|
|
|
|
* done this we have to return AOP_TRUNCATED_PAGE so the aop method
|
|
|
|
|
* that called us can bubble that back up into the VFS who will then
|
|
|
|
|
* immediately retry the aop call.
|
2005-12-15 15:31:24 -07:00
|
|
|
*/
|
2007-10-18 16:30:42 -06:00
|
|
|
int ocfs2_inode_lock_with_page(struct inode *inode,
|
2005-12-15 15:31:24 -07:00
|
|
|
struct buffer_head **ret_bh,
|
|
|
|
|
int ex,
|
|
|
|
|
struct page *page)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
ret = ocfs2_inode_lock_full(inode, ret_bh, ex, OCFS2_LOCK_NONBLOCK);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (ret == -EAGAIN) {
|
|
|
|
|
unlock_page(page);
|
ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE
If we can't get inode lock immediately in the function
ocfs2_inode_lock_with_page() when reading a page, we should not return
directly here, since this will lead to a softlockup problem when the
kernel is configured with CONFIG_PREEMPT is not set. The method is to
get a blocking lock and immediately unlock before returning, this can
avoid CPU resource waste due to lots of retries, and benefits fairness
in getting lock among multiple nodes, increase efficiency in case
modifying the same file frequently from multiple nodes.
The softlockup crash (when set /proc/sys/kernel/softlockup_panic to 1)
looks like:
Kernel panic - not syncing: softlockup: hung tasks
CPU: 0 PID: 885 Comm: multi_mmap Tainted: G L 4.12.14-6.1-default #1
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
Call Trace:
<IRQ>
dump_stack+0x5c/0x82
panic+0xd5/0x21e
watchdog_timer_fn+0x208/0x210
__hrtimer_run_queues+0xcc/0x200
hrtimer_interrupt+0xa6/0x1f0
smp_apic_timer_interrupt+0x34/0x50
apic_timer_interrupt+0x96/0xa0
</IRQ>
RIP: 0010:unlock_page+0x17/0x30
RSP: 0000:ffffaf154080bc88 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: dead000000000100 RBX: fffff21e009f5300 RCX: 0000000000000004
RDX: dead0000000000ff RSI: 0000000000000202 RDI: fffff21e009f5300
RBP: 0000000000000000 R08: 0000000000000000 R09: ffffaf154080bb00
R10: ffffaf154080bc30 R11: 0000000000000040 R12: ffff993749a39518
R13: 0000000000000000 R14: fffff21e009f5300 R15: fffff21e009f5300
ocfs2_inode_lock_with_page+0x25/0x30 [ocfs2]
ocfs2_readpage+0x41/0x2d0 [ocfs2]
filemap_fault+0x12b/0x5c0
ocfs2_fault+0x29/0xb0 [ocfs2]
__do_fault+0x1a/0xa0
__handle_mm_fault+0xbe8/0x1090
handle_mm_fault+0xaa/0x1f0
__do_page_fault+0x235/0x4b0
trace_do_page_fault+0x3c/0x110
async_page_fault+0x28/0x30
RIP: 0033:0x7fa75ded638e
RSP: 002b:00007ffd6657db18 EFLAGS: 00010287
RAX: 000055c7662fb700 RBX: 0000000000000001 RCX: 000055c7662fb700
RDX: 0000000000001770 RSI: 00007fa75e909000 RDI: 000055c7662fb700
RBP: 0000000000000003 R08: 000000000000000e R09: 0000000000000000
R10: 0000000000000483 R11: 00007fa75ded61b0 R12: 00007fa75e90a770
R13: 000000000000000e R14: 0000000000001770 R15: 0000000000000000
About performance improvement, we can see the testing time is reduced,
and CPU utilization decreases, the detailed data is as follows. I ran
multi_mmap test case in ocfs2-test package in a three nodes cluster.
Before applying this patch:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2754 ocfs2te+ 20 0 170248 6980 4856 D 80.73 0.341 0:18.71 multi_mmap
1505 root rt 0 222236 123060 97224 S 2.658 6.015 0:01.44 corosync
5 root 20 0 0 0 0 S 1.329 0.000 0:00.19 kworker/u8:0
95 root 20 0 0 0 0 S 1.329 0.000 0:00.25 kworker/u8:1
2728 root 20 0 0 0 0 S 0.997 0.000 0:00.24 jbd2/sda1-33
2721 root 20 0 0 0 0 S 0.664 0.000 0:00.07 ocfs2dc-3C8CFD4
2750 ocfs2te+ 20 0 142976 4652 3532 S 0.664 0.227 0:00.28 mpirun
ocfs2test@tb-node2:~>multiple_run.sh -i ens3 -k ~/linux-4.4.21-69.tar.gz -o ~/ocfs2mullog -C hacluster -s pcmk -n tb-node2,tb-node1,tb-node3 -d /dev/sda1 -b 4096 -c 32768 -t multi_mmap /mnt/shared
Tests with "-b 4096 -C 32768"
Thu Dec 28 14:44:52 CST 2017
multi_mmap..................................................Passed.
Runtime 783 seconds.
After apply this patch:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2508 ocfs2te+ 20 0 170248 6804 4680 R 54.00 0.333 0:55.37 multi_mmap
155 root 20 0 0 0 0 S 2.667 0.000 0:01.20 kworker/u8:3
95 root 20 0 0 0 0 S 2.000 0.000 0:01.58 kworker/u8:1
2504 ocfs2te+ 20 0 142976 4604 3480 R 1.667 0.225 0:01.65 mpirun
5 root 20 0 0 0 0 S 1.000 0.000 0:01.36 kworker/u8:0
2482 root 20 0 0 0 0 S 1.000 0.000 0:00.86 jbd2/sda1-33
299 root 0 -20 0 0 0 S 0.333 0.000 0:00.13 kworker/2:1H
335 root 0 -20 0 0 0 S 0.333 0.000 0:00.17 kworker/1:1H
535 root 20 0 12140 7268 1456 S 0.333 0.355 0:00.34 haveged
1282 root rt 0 222284 123108 97224 S 0.333 6.017 0:01.33 corosync
ocfs2test@tb-node2:~>multiple_run.sh -i ens3 -k ~/linux-4.4.21-69.tar.gz -o ~/ocfs2mullog -C hacluster -s pcmk -n tb-node2,tb-node1,tb-node3 -d /dev/sda1 -b 4096 -c 32768 -t multi_mmap /mnt/shared
Tests with "-b 4096 -C 32768"
Thu Dec 28 15:04:12 CST 2017
multi_mmap..................................................Passed.
Runtime 487 seconds.
Link: http://lkml.kernel.org/r/1514447305-30814-1-git-send-email-ghe@suse.com
Fixes: 1cce4df04f37 ("ocfs2: do not lock/unlock() inode DLM lock")
Signed-off-by: Gang He <ghe@suse.com>
Reviewed-by: Eric Ren <zren@suse.com>
Acked-by: alex chen <alex.chen@huawei.com>
Acked-by: piaojun <piaojun@huawei.com>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-01-31 17:14:48 -07:00
|
|
|
/*
|
|
|
|
|
* If we can't get inode lock immediately, we should not return
|
|
|
|
|
* directly here, since this will lead to a softlockup problem.
|
|
|
|
|
* The method is to get a blocking lock and immediately unlock
|
|
|
|
|
* before returning, this can avoid CPU resource waste due to
|
|
|
|
|
* lots of retries, and benefits fairness in getting lock.
|
|
|
|
|
*/
|
|
|
|
|
if (ocfs2_inode_lock(inode, ret_bh, ex) == 0)
|
|
|
|
|
ocfs2_inode_unlock(inode, ex);
|
2005-12-15 15:31:24 -07:00
|
|
|
ret = AOP_TRUNCATED_PAGE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
int ocfs2_inode_lock_atime(struct inode *inode,
|
2006-11-15 00:48:42 -07:00
|
|
|
struct vfsmount *vfsmnt,
|
2018-01-31 17:15:25 -07:00
|
|
|
int *level, int wait)
|
2006-11-15 00:48:42 -07:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
2018-01-31 17:15:25 -07:00
|
|
|
if (wait)
|
|
|
|
|
ret = ocfs2_inode_lock(inode, NULL, 0);
|
|
|
|
|
else
|
|
|
|
|
ret = ocfs2_try_inode_lock(inode, NULL, 0);
|
|
|
|
|
|
2006-11-15 00:48:42 -07:00
|
|
|
if (ret < 0) {
|
2018-01-31 17:15:25 -07:00
|
|
|
if (ret != -EAGAIN)
|
|
|
|
|
mlog_errno(ret);
|
2006-11-15 00:48:42 -07:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we should update atime, we will get EX lock,
|
|
|
|
|
* otherwise we just get PR lock.
|
|
|
|
|
*/
|
|
|
|
|
if (ocfs2_should_update_atime(inode, vfsmnt)) {
|
|
|
|
|
struct buffer_head *bh = NULL;
|
|
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
ocfs2_inode_unlock(inode, 0);
|
2018-01-31 17:15:25 -07:00
|
|
|
if (wait)
|
|
|
|
|
ret = ocfs2_inode_lock(inode, &bh, 1);
|
|
|
|
|
else
|
|
|
|
|
ret = ocfs2_try_inode_lock(inode, &bh, 1);
|
|
|
|
|
|
2006-11-15 00:48:42 -07:00
|
|
|
if (ret < 0) {
|
2018-01-31 17:15:25 -07:00
|
|
|
if (ret != -EAGAIN)
|
|
|
|
|
mlog_errno(ret);
|
2006-11-15 00:48:42 -07:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
*level = 1;
|
|
|
|
|
if (ocfs2_should_update_atime(inode, vfsmnt))
|
|
|
|
|
ocfs2_update_inode_atime(inode, bh);
|
2019-09-23 16:33:34 -06:00
|
|
|
brelse(bh);
|
2006-11-15 00:48:42 -07:00
|
|
|
} else
|
|
|
|
|
*level = 0;
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2007-10-18 16:30:42 -06:00
|
|
|
void ocfs2_inode_unlock(struct inode *inode,
|
2005-12-15 15:31:24 -07:00
|
|
|
int ex)
|
|
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2007-10-18 16:30:42 -06:00
|
|
|
struct ocfs2_lock_res *lockres = &OCFS2_I(inode)->ip_inode_lockres;
|
2006-12-05 18:56:35 -07:00
|
|
|
struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(0, "inode %llu drop %s META lock\n",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno,
|
2005-12-15 15:31:24 -07:00
|
|
|
ex ? "EXMODE" : "PRMODE");
|
|
|
|
|
|
2018-04-05 17:18:33 -06:00
|
|
|
if (!ocfs2_is_hard_readonly(osb) &&
|
2006-12-05 18:56:35 -07:00
|
|
|
!ocfs2_mount_local(osb))
|
2018-04-05 17:18:33 -06:00
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
/*
|
|
|
|
|
* This _tracker variantes are introduced to deal with the recursive cluster
|
|
|
|
|
* locking issue. The idea is to keep track of a lock holder on the stack of
|
|
|
|
|
* the current process. If there's a lock holder on the stack, we know the
|
|
|
|
|
* task context is already protected by cluster locking. Currently, they're
|
|
|
|
|
* used in some VFS entry routines.
|
|
|
|
|
*
|
|
|
|
|
* return < 0 on error, return == 0 if there's no lock holder on the stack
|
|
|
|
|
* before this call, return == 1 if this call would be a recursive locking.
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
* return == -1 if this lock attempt will cause an upgrade which is forbidden.
|
|
|
|
|
*
|
|
|
|
|
* When taking lock levels into account,we face some different situations.
|
|
|
|
|
*
|
|
|
|
|
* 1. no lock is held
|
|
|
|
|
* In this case, just lock the inode as requested and return 0
|
|
|
|
|
*
|
|
|
|
|
* 2. We are holding a lock
|
|
|
|
|
* For this situation, things diverges into several cases
|
|
|
|
|
*
|
|
|
|
|
* wanted holding what to do
|
|
|
|
|
* ex ex see 2.1 below
|
|
|
|
|
* ex pr see 2.2 below
|
|
|
|
|
* pr ex see 2.1 below
|
|
|
|
|
* pr pr see 2.1 below
|
|
|
|
|
*
|
|
|
|
|
* 2.1 lock level that is been held is compatible
|
|
|
|
|
* with the wanted level, so no lock action will be tacken.
|
|
|
|
|
*
|
|
|
|
|
* 2.2 Otherwise, an upgrade is needed, but it is forbidden.
|
|
|
|
|
*
|
|
|
|
|
* Reason why upgrade within a process is forbidden is that
|
|
|
|
|
* lock upgrade may cause dead lock. The following illustrates
|
|
|
|
|
* how it happens.
|
|
|
|
|
*
|
|
|
|
|
* thread on node1 thread on node2
|
|
|
|
|
* ocfs2_inode_lock_tracker(ex=0)
|
|
|
|
|
*
|
|
|
|
|
* <====== ocfs2_inode_lock_tracker(ex=1)
|
|
|
|
|
*
|
|
|
|
|
* ocfs2_inode_lock_tracker(ex=1)
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
*/
|
|
|
|
|
int ocfs2_inode_lock_tracker(struct inode *inode,
|
|
|
|
|
struct buffer_head **ret_bh,
|
|
|
|
|
int ex,
|
|
|
|
|
struct ocfs2_lock_holder *oh)
|
|
|
|
|
{
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
int status = 0;
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
struct ocfs2_lock_res *lockres;
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
struct ocfs2_lock_holder *tmp_oh;
|
|
|
|
|
struct pid *pid = task_pid(current);
|
|
|
|
|
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
|
|
|
|
|
lockres = &OCFS2_I(inode)->ip_inode_lockres;
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
tmp_oh = ocfs2_pid_holder(lockres, pid);
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
if (!tmp_oh) {
|
|
|
|
|
/*
|
|
|
|
|
* This corresponds to the case 1.
|
|
|
|
|
* We haven't got any lock before.
|
|
|
|
|
*/
|
|
|
|
|
status = ocfs2_inode_lock_full(inode, ret_bh, ex, 0);
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
if (status < 0) {
|
|
|
|
|
if (status != -ENOENT)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
return status;
|
|
|
|
|
}
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
|
|
|
|
|
oh->oh_ex = ex;
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
ocfs2_add_holder(lockres, oh);
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
return 0;
|
|
|
|
|
}
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
if (unlikely(ex && !tmp_oh->oh_ex)) {
|
|
|
|
|
/*
|
|
|
|
|
* case 2.2 upgrade may cause dead lock, forbid it.
|
|
|
|
|
*/
|
|
|
|
|
mlog(ML_ERROR, "Recursive locking is not permitted to "
|
|
|
|
|
"upgrade to EX level from PR level.\n");
|
|
|
|
|
dump_stack();
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* case 2.1 OCFS2_META_LOCK_GETBH flag make ocfs2_inode_lock_full.
|
|
|
|
|
* ignore the lock level and just update it.
|
|
|
|
|
*/
|
|
|
|
|
if (ret_bh) {
|
|
|
|
|
status = ocfs2_inode_lock_full(inode, ret_bh, ex,
|
|
|
|
|
OCFS2_META_LOCK_GETBH);
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
if (status != -ENOENT)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return tmp_oh ? 1 : 0;
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_inode_unlock_tracker(struct inode *inode,
|
|
|
|
|
int ex,
|
|
|
|
|
struct ocfs2_lock_holder *oh,
|
|
|
|
|
int had_lock)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
|
|
|
|
|
lockres = &OCFS2_I(inode)->ip_inode_lockres;
|
2017-06-23 16:08:55 -06:00
|
|
|
/* had_lock means that the currect process already takes the cluster
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
* lock previously.
|
|
|
|
|
* If had_lock is 1, we have nothing to do here.
|
|
|
|
|
* If had_lock is 0, we will release the lock.
|
2017-06-23 16:08:55 -06:00
|
|
|
*/
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
if (!had_lock) {
|
ocfs2: ocfs2_inode_lock_tracker does not distinguish lock level
ocfs2_inode_lock_tracker as a variant of ocfs2_inode_lock, is used to
prevent deadlock due to recursive lock acquisition.
But this function does not distinguish whether the requested level is EX
or PR.
If a RP lock has been attained, this function will immediately return
success afterwards even an EX lock is requested.
But actually the return value does not mean that the process got a EX
lock, because ocfs2_inode_lock has not been called.
When taking lock levels into account, we face some different situations:
1. no lock is held
In this case, just lock the inode and return 0
2. We are holding a lock
For this situation, things diverges into several cases
wanted holding what to do
ex ex see 2.1 below
ex pr see 2.2 below
pr ex see 2.1 below
pr pr see 2.1 below
2.1 lock level that is been held is compatible
with the wanted level, so no lock action will be tacken.
2.2 Otherwise, an upgrade is needed, but it is forbidden.
Reason why upgrade within a process is forbidden is that lock upgrade
may cause dead lock. The following illustrate how it happens.
process 1 process 2
ocfs2_inode_lock_tracker(ex=0)
<====== ocfs2_inode_lock_tracker(ex=1)
ocfs2_inode_lock_tracker(ex=1)
For the status quo of ocfs2, without this patch, neither a bug nor
end-user impact will be caused because the wrong logic is avoided.
But I'm afraid this generic interface, may be called by other developers
in future and used in this situation.
a process
ocfs2_inode_lock_tracker(ex=0)
ocfs2_inode_lock_tracker(ex=1)
Link: http://lkml.kernel.org/r/20180510053230.17217-1-lchen@suse.com
Signed-off-by: Larry Chen <lchen@suse.com>
Reviewed-by: Gang He <ghe@suse.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Changwei Ge <ge.changwei@h3c.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-06-07 18:04:43 -06:00
|
|
|
ocfs2_inode_unlock(inode, oh->oh_ex);
|
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
We are in the situation that we have to avoid recursive cluster locking,
but there is no way to check if a cluster lock has been taken by a precess
already.
Mostly, we can avoid recursive locking by writing code carefully.
However, we found that it's very hard to handle the routines that are
invoked directly by vfs code. For instance:
const struct inode_operations ocfs2_file_iops = {
.permission = ocfs2_permission,
.get_acl = ocfs2_iop_get_acl,
.set_acl = ocfs2_iop_set_acl,
};
Both ocfs2_permission() and ocfs2_iop_get_acl() call ocfs2_inode_lock(PR):
do_sys_open
may_open
inode_permission
ocfs2_permission
ocfs2_inode_lock() <=== first time
generic_permission
get_acl
ocfs2_iop_get_acl
ocfs2_inode_lock() <=== recursive one
A deadlock will occur if a remote EX request comes in between two of
ocfs2_inode_lock(). Briefly describe how the deadlock is formed:
On one hand, OCFS2_LOCK_BLOCKED flag of this lockres is set in
BAST(ocfs2_generic_handle_bast) when downconvert is started on behalf of
the remote EX lock request. Another hand, the recursive cluster lock
(the second one) will be blocked in in __ocfs2_cluster_lock() because of
OCFS2_LOCK_BLOCKED. But, the downconvert never complete, why? because
there is no chance for the first cluster lock on this node to be
unlocked - we block ourselves in the code path.
The idea to fix this issue is mostly taken from gfs2 code.
1. introduce a new field: struct ocfs2_lock_res.l_holders, to keep track
of the processes' pid who has taken the cluster lock of this lock
resource;
2. introduce a new flag for ocfs2_inode_lock_full:
OCFS2_META_LOCK_GETBH; it means just getting back disk inode bh for
us if we've got cluster lock.
3. export a helper: ocfs2_is_locked_by_me() is used to check if we have
got the cluster lock in the upper code path.
The tracking logic should be used by some of the ocfs2 vfs's callbacks,
to solve the recursive locking issue cuased by the fact that vfs
routines can call into each other.
The performance penalty of processing the holder list should only be
seen at a few cases where the tracking logic is used, such as get/set
acl.
You may ask what if the first time we got a PR lock, and the second time
we want a EX lock? fortunately, this case never happens in the real
world, as far as I can see, including permission check,
(get|set)_(acl|attr), and the gfs2 code also do so.
[sfr@canb.auug.org.au remove some inlines]
Link: http://lkml.kernel.org/r/20170117100948.11657-2-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-22 16:40:41 -07:00
|
|
|
ocfs2_remove_holder(lockres, oh);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-22 12:40:07 -06:00
|
|
|
int ocfs2_orphan_scan_lock(struct ocfs2_super *osb, u32 *seqno)
|
2009-06-03 18:02:55 -06:00
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
struct ocfs2_orphan_scan_lvb *lvb;
|
|
|
|
|
int status = 0;
|
|
|
|
|
|
2009-06-22 12:40:07 -06:00
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2009-06-03 18:02:55 -06:00
|
|
|
lockres = &osb->osb_orphan_scan.os_lockres;
|
2009-06-22 12:40:07 -06:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, DLM_LOCK_EX, 0, 0);
|
2009-06-03 18:02:55 -06:00
|
|
|
if (status < 0)
|
|
|
|
|
return status;
|
|
|
|
|
|
|
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2009-06-19 16:14:13 -06:00
|
|
|
if (ocfs2_dlm_lvb_valid(&lockres->l_lksb) &&
|
|
|
|
|
lvb->lvb_version == OCFS2_ORPHAN_LVB_VERSION)
|
2009-06-03 18:02:55 -06:00
|
|
|
*seqno = be32_to_cpu(lvb->lvb_os_seqno);
|
2009-06-19 17:53:18 -06:00
|
|
|
else
|
|
|
|
|
*seqno = osb->osb_orphan_scan.os_seqno + 1;
|
|
|
|
|
|
2009-06-03 18:02:55 -06:00
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-22 12:40:07 -06:00
|
|
|
void ocfs2_orphan_scan_unlock(struct ocfs2_super *osb, u32 seqno)
|
2009-06-03 18:02:55 -06:00
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
struct ocfs2_orphan_scan_lvb *lvb;
|
|
|
|
|
|
2009-06-22 12:40:07 -06:00
|
|
|
if (!ocfs2_is_hard_readonly(osb) && !ocfs2_mount_local(osb)) {
|
|
|
|
|
lockres = &osb->osb_orphan_scan.os_lockres;
|
|
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
|
|
|
|
lvb->lvb_version = OCFS2_ORPHAN_LVB_VERSION;
|
|
|
|
|
lvb->lvb_os_seqno = cpu_to_be32(seqno);
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, DLM_LOCK_EX);
|
|
|
|
|
}
|
2009-06-03 18:02:55 -06:00
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
int ocfs2_super_lock(struct ocfs2_super *osb,
|
|
|
|
|
int ex)
|
|
|
|
|
{
|
2006-12-05 18:56:35 -07:00
|
|
|
int status = 0;
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_super_lockres;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
goto bail;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, 0, 0);
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* The super block lock path is really in the best position to
|
|
|
|
|
* know when resources covered by the lock need to be
|
|
|
|
|
* refreshed, so we do it here. Of course, making sense of
|
|
|
|
|
* everything is up to the caller :) */
|
|
|
|
|
status = ocfs2_should_refresh_lock_res(lockres);
|
|
|
|
|
if (status) {
|
2008-02-01 12:59:09 -07:00
|
|
|
status = ocfs2_refresh_slot_info(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
ocfs2_complete_lock_res_refresh(lockres, status);
|
|
|
|
|
|
2013-02-21 17:42:45 -07:00
|
|
|
if (status < 0) {
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog_errno(status);
|
2013-02-21 17:42:45 -07:00
|
|
|
}
|
2008-05-13 14:45:15 -06:00
|
|
|
ocfs2_track_lock_refresh(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
bail:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_super_unlock(struct ocfs2_super *osb,
|
|
|
|
|
int ex)
|
|
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_super_lockres;
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (!ocfs2_mount_local(osb))
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ocfs2_rename_lock(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_rename_lockres;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
status = ocfs2_cluster_lock(osb, lockres, DLM_LOCK_EX, 0, 0);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_rename_unlock(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_rename_lockres;
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (!ocfs2_mount_local(osb))
|
2008-02-01 13:14:57 -07:00
|
|
|
ocfs2_cluster_unlock(osb, lockres, DLM_LOCK_EX);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2009-03-06 06:29:10 -07:00
|
|
|
int ocfs2_nfs_sync_lock(struct ocfs2_super *osb, int ex)
|
|
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_nfs_sync_lockres;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
2020-06-25 21:29:30 -06:00
|
|
|
if (ex)
|
|
|
|
|
down_write(&osb->nfs_sync_rwlock);
|
|
|
|
|
else
|
|
|
|
|
down_read(&osb->nfs_sync_rwlock);
|
|
|
|
|
|
2009-03-06 06:29:10 -07:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
status = ocfs2_cluster_lock(osb, lockres, ex ? LKM_EXMODE : LKM_PRMODE,
|
|
|
|
|
0, 0);
|
2020-08-07 00:18:09 -06:00
|
|
|
if (status < 0) {
|
2009-03-06 06:29:10 -07:00
|
|
|
mlog(ML_ERROR, "lock on nfs sync lock failed %d\n", status);
|
|
|
|
|
|
2020-08-07 00:18:09 -06:00
|
|
|
if (ex)
|
|
|
|
|
up_write(&osb->nfs_sync_rwlock);
|
|
|
|
|
else
|
|
|
|
|
up_read(&osb->nfs_sync_rwlock);
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-06 06:29:10 -07:00
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_nfs_sync_unlock(struct ocfs2_super *osb, int ex)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_nfs_sync_lockres;
|
|
|
|
|
|
|
|
|
|
if (!ocfs2_mount_local(osb))
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres,
|
|
|
|
|
ex ? LKM_EXMODE : LKM_PRMODE);
|
2020-06-25 21:29:30 -06:00
|
|
|
if (ex)
|
|
|
|
|
up_write(&osb->nfs_sync_rwlock);
|
|
|
|
|
else
|
|
|
|
|
up_read(&osb->nfs_sync_rwlock);
|
2009-03-06 06:29:10 -07:00
|
|
|
}
|
|
|
|
|
|
2018-01-31 17:15:10 -07:00
|
|
|
int ocfs2_trim_fs_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_trim_fs_info *info, int trylock)
|
|
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
struct ocfs2_trim_fs_lvb *lvb;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_trim_fs_lockres;
|
|
|
|
|
|
|
|
|
|
if (info)
|
|
|
|
|
info->tf_valid = 0;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
status = ocfs2_cluster_lock(osb, lockres, DLM_LOCK_EX,
|
|
|
|
|
trylock ? DLM_LKF_NOQUEUE : 0, 0);
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
if (status != -EAGAIN)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (info) {
|
|
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
|
|
|
|
if (ocfs2_dlm_lvb_valid(&lockres->l_lksb) &&
|
|
|
|
|
lvb->lvb_version == OCFS2_TRIMFS_LVB_VERSION) {
|
|
|
|
|
info->tf_valid = 1;
|
|
|
|
|
info->tf_success = lvb->lvb_success;
|
|
|
|
|
info->tf_nodenum = be32_to_cpu(lvb->lvb_nodenum);
|
|
|
|
|
info->tf_start = be64_to_cpu(lvb->lvb_start);
|
|
|
|
|
info->tf_len = be64_to_cpu(lvb->lvb_len);
|
|
|
|
|
info->tf_minlen = be64_to_cpu(lvb->lvb_minlen);
|
|
|
|
|
info->tf_trimlen = be64_to_cpu(lvb->lvb_trimlen);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_trim_fs_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_trim_fs_info *info)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_trim_fs_lvb *lvb;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &osb->osb_trim_fs_lockres;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (info) {
|
|
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
|
|
|
|
lvb->lvb_version = OCFS2_TRIMFS_LVB_VERSION;
|
|
|
|
|
lvb->lvb_success = info->tf_success;
|
|
|
|
|
lvb->lvb_nodenum = cpu_to_be32(info->tf_nodenum);
|
|
|
|
|
lvb->lvb_start = cpu_to_be64(info->tf_start);
|
|
|
|
|
lvb->lvb_len = cpu_to_be64(info->tf_len);
|
|
|
|
|
lvb->lvb_minlen = cpu_to_be64(info->tf_minlen);
|
|
|
|
|
lvb->lvb_trimlen = cpu_to_be64(info->tf_trimlen);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, DLM_LOCK_EX);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
int ocfs2_dentry_lock(struct dentry *dentry, int ex)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2006-09-08 15:14:34 -06:00
|
|
|
struct ocfs2_dentry_lock *dl = dentry->d_fsdata;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb);
|
|
|
|
|
|
|
|
|
|
BUG_ON(!dl);
|
|
|
|
|
|
2011-05-27 10:34:19 -06:00
|
|
|
if (ocfs2_is_hard_readonly(osb)) {
|
|
|
|
|
if (ex)
|
|
|
|
|
return -EROFS;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2006-09-08 15:14:34 -06:00
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
ret = ocfs2_cluster_lock(osb, &dl->dl_lockres, level, 0, 0);
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_dentry_unlock(struct dentry *dentry, int ex)
|
|
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
2006-09-08 15:14:34 -06:00
|
|
|
struct ocfs2_dentry_lock *dl = dentry->d_fsdata;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb);
|
|
|
|
|
|
2011-05-27 10:34:19 -06:00
|
|
|
if (!ocfs2_is_hard_readonly(osb) && !ocfs2_mount_local(osb))
|
2006-12-05 18:56:35 -07:00
|
|
|
ocfs2_cluster_unlock(osb, &dl->dl_lockres, level);
|
2006-09-08 15:14:34 -06:00
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* Reference counting of the dlm debug structure. We want this because
|
|
|
|
|
* open references on the debug inodes can live on after a mount, so
|
|
|
|
|
* we can't rely on the ocfs2_super to always exist. */
|
|
|
|
|
static void ocfs2_dlm_debug_free(struct kref *kref)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug;
|
|
|
|
|
|
|
|
|
|
dlm_debug = container_of(kref, struct ocfs2_dlm_debug, d_refcnt);
|
|
|
|
|
|
|
|
|
|
kfree(dlm_debug);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_put_dlm_debug(struct ocfs2_dlm_debug *dlm_debug)
|
|
|
|
|
{
|
|
|
|
|
if (dlm_debug)
|
|
|
|
|
kref_put(&dlm_debug->d_refcnt, ocfs2_dlm_debug_free);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_get_dlm_debug(struct ocfs2_dlm_debug *debug)
|
|
|
|
|
{
|
|
|
|
|
kref_get(&debug->d_refcnt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct ocfs2_dlm_debug *ocfs2_new_dlm_debug(void)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug;
|
|
|
|
|
|
|
|
|
|
dlm_debug = kmalloc(sizeof(struct ocfs2_dlm_debug), GFP_KERNEL);
|
|
|
|
|
if (!dlm_debug) {
|
|
|
|
|
mlog_errno(-ENOMEM);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
kref_init(&dlm_debug->d_refcnt);
|
|
|
|
|
INIT_LIST_HEAD(&dlm_debug->d_lockres_tracking);
|
2019-07-11 21:53:05 -06:00
|
|
|
dlm_debug->d_filter_secs = 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
out:
|
|
|
|
|
return dlm_debug;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Access to this is arbitrated for us via seq_file->sem. */
|
|
|
|
|
struct ocfs2_dlm_seq_priv {
|
|
|
|
|
struct ocfs2_dlm_debug *p_dlm_debug;
|
|
|
|
|
struct ocfs2_lock_res p_iter_res;
|
|
|
|
|
struct ocfs2_lock_res p_tmp_res;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct ocfs2_lock_res *ocfs2_dlm_next_res(struct ocfs2_lock_res *start,
|
|
|
|
|
struct ocfs2_dlm_seq_priv *priv)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *iter, *ret = NULL;
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug = priv->p_dlm_debug;
|
|
|
|
|
|
|
|
|
|
assert_spin_locked(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
|
|
|
|
|
list_for_each_entry(iter, &start->l_debug_list, l_debug_list) {
|
|
|
|
|
/* discover the head of the list */
|
|
|
|
|
if (&iter->l_debug_list == &dlm_debug->d_lockres_tracking) {
|
|
|
|
|
mlog(0, "End of list found, %p\n", ret);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We track our "dummy" iteration lockres' by a NULL
|
|
|
|
|
* l_ops field. */
|
|
|
|
|
if (iter->l_ops != NULL) {
|
|
|
|
|
ret = iter;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void *ocfs2_dlm_seq_start(struct seq_file *m, loff_t *pos)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_seq_priv *priv = m->private;
|
|
|
|
|
struct ocfs2_lock_res *iter;
|
|
|
|
|
|
|
|
|
|
spin_lock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
iter = ocfs2_dlm_next_res(&priv->p_iter_res, priv);
|
|
|
|
|
if (iter) {
|
|
|
|
|
/* Since lockres' have the lifetime of their container
|
|
|
|
|
* (which can be inodes, ocfs2_supers, etc) we want to
|
|
|
|
|
* copy this out to a temporary lockres while still
|
|
|
|
|
* under the spinlock. Obviously after this we can't
|
|
|
|
|
* trust any pointers on the copy returned, but that's
|
|
|
|
|
* ok as the information we want isn't typically held
|
|
|
|
|
* in them. */
|
|
|
|
|
priv->p_tmp_res = *iter;
|
|
|
|
|
iter = &priv->p_tmp_res;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
|
|
|
|
|
return iter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_dlm_seq_stop(struct seq_file *m, void *v)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void *ocfs2_dlm_seq_next(struct seq_file *m, void *v, loff_t *pos)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_seq_priv *priv = m->private;
|
|
|
|
|
struct ocfs2_lock_res *iter = v;
|
|
|
|
|
struct ocfs2_lock_res *dummy = &priv->p_iter_res;
|
|
|
|
|
|
|
|
|
|
spin_lock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
iter = ocfs2_dlm_next_res(iter, priv);
|
|
|
|
|
list_del_init(&dummy->l_debug_list);
|
|
|
|
|
if (iter) {
|
|
|
|
|
list_add(&dummy->l_debug_list, &iter->l_debug_list);
|
|
|
|
|
priv->p_tmp_res = *iter;
|
|
|
|
|
iter = &priv->p_tmp_res;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&ocfs2_dlm_tracking_lock);
|
|
|
|
|
|
|
|
|
|
return iter;
|
|
|
|
|
}
|
|
|
|
|
|
2010-12-29 00:26:03 -07:00
|
|
|
/*
|
|
|
|
|
* Version is used by debugfs.ocfs2 to determine the format being used
|
|
|
|
|
*
|
|
|
|
|
* New in version 2
|
|
|
|
|
* - Lock stats printed
|
|
|
|
|
* New in version 3
|
|
|
|
|
* - Max time in lock stats is in usecs (instead of nsecs)
|
2019-07-11 21:53:02 -06:00
|
|
|
* New in version 4
|
2019-07-11 21:53:09 -06:00
|
|
|
* - Add last pr/ex unlock times and first lock wait time in usecs
|
2010-12-29 00:26:03 -07:00
|
|
|
*/
|
2019-07-11 21:53:02 -06:00
|
|
|
#define OCFS2_DLM_DEBUG_STR_VERSION 4
|
2005-12-15 15:31:24 -07:00
|
|
|
static int ocfs2_dlm_seq_show(struct seq_file *m, void *v)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
char *lvb;
|
|
|
|
|
struct ocfs2_lock_res *lockres = v;
|
2019-07-11 21:53:05 -06:00
|
|
|
#ifdef CONFIG_OCFS2_FS_STATS
|
|
|
|
|
u64 now, last;
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug =
|
|
|
|
|
((struct ocfs2_dlm_seq_priv *)m->private)->p_dlm_debug;
|
|
|
|
|
#endif
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
if (!lockres)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
2019-07-11 21:53:05 -06:00
|
|
|
#ifdef CONFIG_OCFS2_FS_STATS
|
2019-07-11 21:53:09 -06:00
|
|
|
if (!lockres->l_lock_wait && dlm_debug->d_filter_secs) {
|
2019-07-11 21:53:05 -06:00
|
|
|
now = ktime_to_us(ktime_get_real());
|
|
|
|
|
if (lockres->l_lock_prmode.ls_last >
|
|
|
|
|
lockres->l_lock_exmode.ls_last)
|
|
|
|
|
last = lockres->l_lock_prmode.ls_last;
|
|
|
|
|
else
|
|
|
|
|
last = lockres->l_lock_exmode.ls_last;
|
|
|
|
|
/*
|
|
|
|
|
* Use d_filter_secs field to filter lock resources dump,
|
|
|
|
|
* the default d_filter_secs(0) value filters nothing,
|
|
|
|
|
* otherwise, only dump the last N seconds active lock
|
|
|
|
|
* resources.
|
|
|
|
|
*/
|
|
|
|
|
if (div_u64(now - last, 1000000) > dlm_debug->d_filter_secs)
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
seq_printf(m, "0x%x\t", OCFS2_DLM_DEBUG_STR_VERSION);
|
|
|
|
|
|
|
|
|
|
if (lockres->l_type == OCFS2_LOCK_TYPE_DENTRY)
|
|
|
|
|
seq_printf(m, "%.*s%08x\t", OCFS2_DENTRY_LOCK_INO_START - 1,
|
|
|
|
|
lockres->l_name,
|
|
|
|
|
(unsigned int)ocfs2_get_dentry_lock_ino(lockres));
|
|
|
|
|
else
|
|
|
|
|
seq_printf(m, "%.*s\t", OCFS2_LOCK_ID_MAX_LEN, lockres->l_name);
|
|
|
|
|
|
|
|
|
|
seq_printf(m, "%d\t"
|
2005-12-15 15:31:24 -07:00
|
|
|
"0x%lx\t"
|
|
|
|
|
"0x%x\t"
|
|
|
|
|
"0x%x\t"
|
|
|
|
|
"%u\t"
|
|
|
|
|
"%u\t"
|
|
|
|
|
"%d\t"
|
|
|
|
|
"%d\t",
|
|
|
|
|
lockres->l_level,
|
|
|
|
|
lockres->l_flags,
|
|
|
|
|
lockres->l_action,
|
|
|
|
|
lockres->l_unlock_action,
|
|
|
|
|
lockres->l_ro_holders,
|
|
|
|
|
lockres->l_ex_holders,
|
|
|
|
|
lockres->l_requested,
|
|
|
|
|
lockres->l_blocking);
|
|
|
|
|
|
|
|
|
|
/* Dump the raw LVB */
|
2008-02-01 13:16:57 -07:00
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2005-12-15 15:31:24 -07:00
|
|
|
for(i = 0; i < DLM_LVB_LEN; i++)
|
|
|
|
|
seq_printf(m, "0x%x\t", lvb[i]);
|
|
|
|
|
|
2008-05-13 14:45:15 -06:00
|
|
|
#ifdef CONFIG_OCFS2_FS_STATS
|
2010-12-29 00:26:03 -07:00
|
|
|
# define lock_num_prmode(_l) ((_l)->l_lock_prmode.ls_gets)
|
|
|
|
|
# define lock_num_exmode(_l) ((_l)->l_lock_exmode.ls_gets)
|
|
|
|
|
# define lock_num_prmode_failed(_l) ((_l)->l_lock_prmode.ls_fail)
|
|
|
|
|
# define lock_num_exmode_failed(_l) ((_l)->l_lock_exmode.ls_fail)
|
|
|
|
|
# define lock_total_prmode(_l) ((_l)->l_lock_prmode.ls_total)
|
|
|
|
|
# define lock_total_exmode(_l) ((_l)->l_lock_exmode.ls_total)
|
|
|
|
|
# define lock_max_prmode(_l) ((_l)->l_lock_prmode.ls_max)
|
|
|
|
|
# define lock_max_exmode(_l) ((_l)->l_lock_exmode.ls_max)
|
|
|
|
|
# define lock_refresh(_l) ((_l)->l_lock_refresh)
|
2019-07-11 21:53:02 -06:00
|
|
|
# define lock_last_prmode(_l) ((_l)->l_lock_prmode.ls_last)
|
|
|
|
|
# define lock_last_exmode(_l) ((_l)->l_lock_exmode.ls_last)
|
2019-07-11 21:53:09 -06:00
|
|
|
# define lock_wait(_l) ((_l)->l_lock_wait)
|
2008-05-13 14:45:15 -06:00
|
|
|
#else
|
2010-12-29 00:26:03 -07:00
|
|
|
# define lock_num_prmode(_l) (0)
|
|
|
|
|
# define lock_num_exmode(_l) (0)
|
2008-05-13 14:45:15 -06:00
|
|
|
# define lock_num_prmode_failed(_l) (0)
|
|
|
|
|
# define lock_num_exmode_failed(_l) (0)
|
2008-05-28 15:41:00 -06:00
|
|
|
# define lock_total_prmode(_l) (0ULL)
|
|
|
|
|
# define lock_total_exmode(_l) (0ULL)
|
2008-05-13 14:45:15 -06:00
|
|
|
# define lock_max_prmode(_l) (0)
|
|
|
|
|
# define lock_max_exmode(_l) (0)
|
|
|
|
|
# define lock_refresh(_l) (0)
|
2019-07-11 21:53:02 -06:00
|
|
|
# define lock_last_prmode(_l) (0ULL)
|
|
|
|
|
# define lock_last_exmode(_l) (0ULL)
|
2019-07-11 21:53:09 -06:00
|
|
|
# define lock_wait(_l) (0ULL)
|
2008-05-13 14:45:15 -06:00
|
|
|
#endif
|
|
|
|
|
/* The following seq_print was added in version 2 of this output */
|
2010-12-29 00:26:03 -07:00
|
|
|
seq_printf(m, "%u\t"
|
|
|
|
|
"%u\t"
|
2008-05-13 14:45:15 -06:00
|
|
|
"%u\t"
|
|
|
|
|
"%u\t"
|
|
|
|
|
"%llu\t"
|
|
|
|
|
"%llu\t"
|
|
|
|
|
"%u\t"
|
|
|
|
|
"%u\t"
|
2019-07-11 21:53:02 -06:00
|
|
|
"%u\t"
|
|
|
|
|
"%llu\t"
|
2019-07-11 21:53:09 -06:00
|
|
|
"%llu\t"
|
2019-07-11 21:53:02 -06:00
|
|
|
"%llu\t",
|
2008-05-13 14:45:15 -06:00
|
|
|
lock_num_prmode(lockres),
|
|
|
|
|
lock_num_exmode(lockres),
|
|
|
|
|
lock_num_prmode_failed(lockres),
|
|
|
|
|
lock_num_exmode_failed(lockres),
|
|
|
|
|
lock_total_prmode(lockres),
|
|
|
|
|
lock_total_exmode(lockres),
|
|
|
|
|
lock_max_prmode(lockres),
|
|
|
|
|
lock_max_exmode(lockres),
|
2019-07-11 21:53:02 -06:00
|
|
|
lock_refresh(lockres),
|
|
|
|
|
lock_last_prmode(lockres),
|
2019-07-11 21:53:09 -06:00
|
|
|
lock_last_exmode(lockres),
|
|
|
|
|
lock_wait(lockres));
|
2008-05-13 14:45:15 -06:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* End the line */
|
|
|
|
|
seq_printf(m, "\n");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-22 12:52:20 -07:00
|
|
|
static const struct seq_operations ocfs2_dlm_seq_ops = {
|
2005-12-15 15:31:24 -07:00
|
|
|
.start = ocfs2_dlm_seq_start,
|
|
|
|
|
.stop = ocfs2_dlm_seq_stop,
|
|
|
|
|
.next = ocfs2_dlm_seq_next,
|
|
|
|
|
.show = ocfs2_dlm_seq_show,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static int ocfs2_dlm_debug_release(struct inode *inode, struct file *file)
|
|
|
|
|
{
|
2010-07-12 14:50:19 -06:00
|
|
|
struct seq_file *seq = file->private_data;
|
2005-12-15 15:31:24 -07:00
|
|
|
struct ocfs2_dlm_seq_priv *priv = seq->private;
|
|
|
|
|
struct ocfs2_lock_res *res = &priv->p_iter_res;
|
|
|
|
|
|
|
|
|
|
ocfs2_remove_lockres_tracking(res);
|
|
|
|
|
ocfs2_put_dlm_debug(priv->p_dlm_debug);
|
|
|
|
|
return seq_release_private(inode, file);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_dlm_debug_open(struct inode *inode, struct file *file)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_seq_priv *priv;
|
|
|
|
|
struct ocfs2_super *osb;
|
|
|
|
|
|
2014-10-09 16:25:09 -06:00
|
|
|
priv = __seq_open_private(file, &ocfs2_dlm_seq_ops, sizeof(*priv));
|
2005-12-15 15:31:24 -07:00
|
|
|
if (!priv) {
|
2014-10-09 16:25:09 -06:00
|
|
|
mlog_errno(-ENOMEM);
|
|
|
|
|
return -ENOMEM;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
2014-10-09 16:25:09 -06:00
|
|
|
|
2006-09-27 02:50:46 -06:00
|
|
|
osb = inode->i_private;
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_get_dlm_debug(osb->osb_dlm_debug);
|
|
|
|
|
priv->p_dlm_debug = osb->osb_dlm_debug;
|
|
|
|
|
INIT_LIST_HEAD(&priv->p_iter_res.l_debug_list);
|
|
|
|
|
|
|
|
|
|
ocfs2_add_lockres_tracking(&priv->p_iter_res,
|
|
|
|
|
priv->p_dlm_debug);
|
|
|
|
|
|
2014-10-09 16:25:09 -06:00
|
|
|
return 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2006-03-28 02:56:42 -07:00
|
|
|
static const struct file_operations ocfs2_dlm_debug_fops = {
|
2005-12-15 15:31:24 -07:00
|
|
|
.open = ocfs2_dlm_debug_open,
|
|
|
|
|
.release = ocfs2_dlm_debug_release,
|
|
|
|
|
.read = seq_read,
|
|
|
|
|
.llseek = seq_lseek,
|
|
|
|
|
};
|
|
|
|
|
|
2019-07-11 21:53:12 -06:00
|
|
|
static void ocfs2_dlm_init_debug(struct ocfs2_super *osb)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug = osb->osb_dlm_debug;
|
|
|
|
|
|
2019-09-23 16:33:15 -06:00
|
|
|
debugfs_create_file("locking_state", S_IFREG|S_IRUSR,
|
|
|
|
|
osb->osb_debug_root, osb, &ocfs2_dlm_debug_fops);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2019-09-23 16:33:15 -06:00
|
|
|
debugfs_create_u32("locking_filter", 0600, osb->osb_debug_root,
|
|
|
|
|
&dlm_debug->d_filter_secs);
|
2020-01-04 14:00:22 -07:00
|
|
|
ocfs2_get_dlm_debug(dlm_debug);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_dlm_shutdown_debug(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dlm_debug *dlm_debug = osb->osb_dlm_debug;
|
|
|
|
|
|
2019-09-23 16:33:15 -06:00
|
|
|
if (dlm_debug)
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_put_dlm_debug(dlm_debug);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ocfs2_dlm_init(struct ocfs2_super *osb)
|
|
|
|
|
{
|
2006-12-05 18:56:35 -07:00
|
|
|
int status = 0;
|
2008-02-01 15:39:35 -07:00
|
|
|
struct ocfs2_cluster_connection *conn = NULL;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-01-29 17:59:56 -07:00
|
|
|
if (ocfs2_mount_local(osb)) {
|
|
|
|
|
osb->node_num = 0;
|
2006-12-05 18:56:35 -07:00
|
|
|
goto local;
|
2008-01-29 17:59:56 -07:00
|
|
|
}
|
2006-12-05 18:56:35 -07:00
|
|
|
|
2019-07-11 21:53:12 -06:00
|
|
|
ocfs2_dlm_init_debug(osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2007-09-24 16:56:19 -06:00
|
|
|
/* launch downconvert thread */
|
2015-11-05 19:44:13 -07:00
|
|
|
osb->dc_task = kthread_run(ocfs2_downconvert_thread, osb, "ocfs2dc-%s",
|
|
|
|
|
osb->uuid_str);
|
2007-09-24 16:56:19 -06:00
|
|
|
if (IS_ERR(osb->dc_task)) {
|
|
|
|
|
status = PTR_ERR(osb->dc_task);
|
|
|
|
|
osb->dc_task = NULL;
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* for now, uuid == domain */
|
2008-02-01 16:17:30 -07:00
|
|
|
status = ocfs2_cluster_connect(osb->osb_cluster_stack,
|
2014-01-21 16:48:21 -07:00
|
|
|
osb->osb_cluster_name,
|
|
|
|
|
strlen(osb->osb_cluster_name),
|
2008-02-01 16:17:30 -07:00
|
|
|
osb->uuid_str,
|
2008-02-01 15:39:35 -07:00
|
|
|
strlen(osb->uuid_str),
|
2010-01-29 18:19:06 -07:00
|
|
|
&lproto, ocfs2_do_node_down, osb,
|
2008-02-01 15:39:35 -07:00
|
|
|
&conn);
|
|
|
|
|
if (status) {
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-21 16:48:24 -07:00
|
|
|
status = ocfs2_cluster_this_node(conn, &osb->node_num);
|
2008-01-29 17:59:56 -07:00
|
|
|
if (status < 0) {
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
mlog(ML_ERROR,
|
|
|
|
|
"could not find this host's node number\n");
|
2008-02-01 16:03:57 -07:00
|
|
|
ocfs2_cluster_disconnect(conn, 0);
|
2008-01-29 17:59:56 -07:00
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
2006-12-05 18:56:35 -07:00
|
|
|
local:
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_super_lock_res_init(&osb->osb_super_lockres, osb);
|
|
|
|
|
ocfs2_rename_lock_res_init(&osb->osb_rename_lockres, osb);
|
2020-06-25 21:29:30 -06:00
|
|
|
ocfs2_nfs_sync_lock_init(osb);
|
2009-06-03 18:02:55 -06:00
|
|
|
ocfs2_orphan_scan_lock_res_init(&osb->osb_orphan_scan.os_lockres, osb);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
osb->cconn = conn;
|
2005-12-15 15:31:24 -07:00
|
|
|
bail:
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
ocfs2_dlm_shutdown_debug(osb);
|
2007-09-24 16:56:19 -06:00
|
|
|
if (osb->dc_task)
|
|
|
|
|
kthread_stop(osb->dc_task);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-01 16:03:57 -07:00
|
|
|
void ocfs2_dlm_shutdown(struct ocfs2_super *osb,
|
|
|
|
|
int hangup_pending)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
ocfs2_drop_osb_locks(osb);
|
|
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
/*
|
|
|
|
|
* Now that we have dropped all locks and ocfs2_dismount_volume()
|
|
|
|
|
* has disabled recovery, the DLM won't be talking to us. It's
|
|
|
|
|
* safe to tear things down before disconnecting the cluster.
|
|
|
|
|
*/
|
|
|
|
|
|
2007-09-24 16:56:19 -06:00
|
|
|
if (osb->dc_task) {
|
|
|
|
|
kthread_stop(osb->dc_task);
|
|
|
|
|
osb->dc_task = NULL;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ocfs2_lock_res_free(&osb->osb_super_lockres);
|
|
|
|
|
ocfs2_lock_res_free(&osb->osb_rename_lockres);
|
2009-03-06 06:29:10 -07:00
|
|
|
ocfs2_lock_res_free(&osb->osb_nfs_sync_lockres);
|
2009-06-03 18:02:55 -06:00
|
|
|
ocfs2_lock_res_free(&osb->osb_orphan_scan.os_lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-02-01 16:03:57 -07:00
|
|
|
ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
|
2008-02-01 15:39:35 -07:00
|
|
|
osb->cconn = NULL;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
ocfs2_dlm_shutdown_debug(osb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_drop_lock(struct ocfs2_super *osb,
|
2006-09-14 15:44:51 -06:00
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2008-02-01 13:15:37 -07:00
|
|
|
int ret;
|
2005-12-15 15:31:24 -07:00
|
|
|
unsigned long flags;
|
2008-02-01 13:14:57 -07:00
|
|
|
u32 lkm_flags = 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* We didn't get anywhere near actually using this lockres. */
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED))
|
|
|
|
|
goto out;
|
|
|
|
|
|
2006-09-12 23:08:14 -06:00
|
|
|
if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB)
|
2008-02-01 13:14:57 -07:00
|
|
|
lkm_flags |= DLM_LKF_VALBLK;
|
2006-09-12 23:08:14 -06:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
mlog_bug_on_msg(!(lockres->l_flags & OCFS2_LOCK_FREEING),
|
|
|
|
|
"lockres %s, flags 0x%lx\n",
|
|
|
|
|
lockres->l_name, lockres->l_flags);
|
|
|
|
|
|
|
|
|
|
while (lockres->l_flags & OCFS2_LOCK_BUSY) {
|
|
|
|
|
mlog(0, "waiting on busy lock \"%s\": flags = %lx, action = "
|
|
|
|
|
"%u, unlock_action = %u\n",
|
|
|
|
|
lockres->l_name, lockres->l_flags, lockres->l_action,
|
|
|
|
|
lockres->l_unlock_action);
|
|
|
|
|
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
/* XXX: Today we just wait on any busy
|
|
|
|
|
* locks... Perhaps we need to cancel converts in the
|
|
|
|
|
* future? */
|
|
|
|
|
ocfs2_wait_on_busy_lock(lockres);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-14 15:44:51 -06:00
|
|
|
if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB) {
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_ATTACHED &&
|
2008-02-01 13:14:57 -07:00
|
|
|
lockres->l_level == DLM_LOCK_EX &&
|
2006-09-14 15:44:51 -06:00
|
|
|
!(lockres->l_flags & OCFS2_LOCK_NEEDS_REFRESH))
|
|
|
|
|
lockres->l_ops->set_lvb(lockres);
|
|
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BUSY)
|
|
|
|
|
mlog(ML_ERROR, "destroying busy lock: \"%s\"\n",
|
|
|
|
|
lockres->l_name);
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BLOCKED)
|
|
|
|
|
mlog(0, "destroying blocked lock: \"%s\"\n", lockres->l_name);
|
|
|
|
|
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_ATTACHED)) {
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_ATTACHED);
|
|
|
|
|
|
|
|
|
|
/* make sure we never get here while waiting for an ast to
|
|
|
|
|
* fire. */
|
|
|
|
|
BUG_ON(lockres->l_action != OCFS2_AST_INVALID);
|
|
|
|
|
|
|
|
|
|
/* is this necessary? */
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BUSY);
|
|
|
|
|
lockres->l_unlock_action = OCFS2_UNLOCK_DROP_LOCK;
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
mlog(0, "lock %s\n", lockres->l_name);
|
|
|
|
|
|
2010-01-28 20:22:39 -07:00
|
|
|
ret = ocfs2_dlm_unlock(osb->cconn, &lockres->l_lksb, lkm_flags);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_unlock", ret, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
mlog(ML_ERROR, "lockres flags: %lu\n", lockres->l_flags);
|
2008-01-29 17:59:55 -07:00
|
|
|
ocfs2_dlm_dump_lksb(&lockres->l_lksb);
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG();
|
|
|
|
|
}
|
2009-01-07 19:09:16 -07:00
|
|
|
mlog(0, "lock %s, successful return from ocfs2_dlm_unlock\n",
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_name);
|
|
|
|
|
|
|
|
|
|
ocfs2_wait_on_busy_lock(lockres);
|
|
|
|
|
out:
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2014-04-03 15:46:57 -06:00
|
|
|
static void ocfs2_process_blocked_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* Mark the lockres as being dropped. It will no longer be
|
|
|
|
|
* queued if blocking, but we still may have to wait on it
|
2007-09-24 16:56:19 -06:00
|
|
|
* being dequeued from the downconvert thread before we can consider
|
2010-01-25 17:57:38 -07:00
|
|
|
* it safe to drop.
|
2005-12-15 15:31:24 -07:00
|
|
|
*
|
|
|
|
|
* You can *not* attempt to call cluster_lock on this lockres anymore. */
|
2014-04-03 15:46:57 -06:00
|
|
|
void ocfs2_mark_lockres_freeing(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
struct ocfs2_mask_waiter mw;
|
2014-04-03 15:46:57 -06:00
|
|
|
unsigned long flags, flags2;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
ocfs2_init_mask_waiter(&mw);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
lockres->l_flags |= OCFS2_LOCK_FREEING;
|
2014-04-03 15:46:57 -06:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_QUEUED && current == osb->dc_task) {
|
|
|
|
|
/*
|
|
|
|
|
* We know the downconvert is queued but not in progress
|
|
|
|
|
* because we are the downconvert thread and processing
|
|
|
|
|
* different lock. So we can just remove the lock from the
|
|
|
|
|
* queue. This is not only an optimization but also a way
|
|
|
|
|
* to avoid the following deadlock:
|
|
|
|
|
* ocfs2_dentry_post_unlock()
|
|
|
|
|
* ocfs2_dentry_lock_put()
|
|
|
|
|
* ocfs2_drop_dentry_lock()
|
|
|
|
|
* iput()
|
|
|
|
|
* ocfs2_evict_inode()
|
|
|
|
|
* ocfs2_clear_inode()
|
|
|
|
|
* ocfs2_mark_lockres_freeing()
|
|
|
|
|
* ... blocks waiting for OCFS2_LOCK_QUEUED
|
|
|
|
|
* since we are the downconvert thread which
|
|
|
|
|
* should clear the flag.
|
|
|
|
|
*/
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags2);
|
|
|
|
|
list_del_init(&lockres->l_blocked_list);
|
|
|
|
|
osb->blocked_lock_count--;
|
|
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags2);
|
|
|
|
|
/*
|
|
|
|
|
* Warn if we recurse into another post_unlock call. Strictly
|
|
|
|
|
* speaking it isn't a problem but we need to be careful if
|
|
|
|
|
* that happens (stack overflow, deadlocks, ...) so warn if
|
|
|
|
|
* ocfs2 grows a path for which this can happen.
|
|
|
|
|
*/
|
|
|
|
|
WARN_ON_ONCE(lockres->l_ops->post_unlock);
|
|
|
|
|
/* Since the lock is freeing we don't do much in the fn below */
|
|
|
|
|
ocfs2_process_blocked_lock(osb, lockres);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
while (lockres->l_flags & OCFS2_LOCK_QUEUED) {
|
|
|
|
|
lockres_add_mask_waiter(lockres, &mw, OCFS2_LOCK_QUEUED, 0);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
mlog(0, "Waiting on lockres %s\n", lockres->l_name);
|
|
|
|
|
|
|
|
|
|
status = ocfs2_wait_for_mask(&mw);
|
|
|
|
|
if (status)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
void ocfs2_simple_drop_lockres(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2006-09-08 15:14:34 -06:00
|
|
|
int ret;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2014-04-03 15:46:57 -06:00
|
|
|
ocfs2_mark_lockres_freeing(osb, lockres);
|
2006-09-14 15:44:51 -06:00
|
|
|
ret = ocfs2_drop_lock(osb, lockres);
|
2006-09-08 15:14:34 -06:00
|
|
|
if (ret)
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
static void ocfs2_drop_osb_locks(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
ocfs2_simple_drop_lockres(osb, &osb->osb_super_lockres);
|
|
|
|
|
ocfs2_simple_drop_lockres(osb, &osb->osb_rename_lockres);
|
2009-03-06 06:29:10 -07:00
|
|
|
ocfs2_simple_drop_lockres(osb, &osb->osb_nfs_sync_lockres);
|
2009-06-03 18:02:55 -06:00
|
|
|
ocfs2_simple_drop_lockres(osb, &osb->osb_orphan_scan.os_lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ocfs2_drop_inode_locks(struct inode *inode)
|
|
|
|
|
{
|
|
|
|
|
int status, err;
|
|
|
|
|
|
|
|
|
|
/* No need to call ocfs2_mark_lockres_freeing here -
|
|
|
|
|
* ocfs2_clear_inode has done it for us. */
|
|
|
|
|
|
|
|
|
|
err = ocfs2_drop_lock(OCFS2_SB(inode->i_sb),
|
2007-03-20 17:01:38 -06:00
|
|
|
&OCFS2_I(inode)->ip_open_lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (err < 0)
|
|
|
|
|
mlog_errno(err);
|
|
|
|
|
|
|
|
|
|
status = err;
|
|
|
|
|
|
|
|
|
|
err = ocfs2_drop_lock(OCFS2_SB(inode->i_sb),
|
2007-10-18 16:30:42 -06:00
|
|
|
&OCFS2_I(inode)->ip_inode_lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (err < 0)
|
|
|
|
|
mlog_errno(err);
|
|
|
|
|
if (err < 0 && !status)
|
|
|
|
|
status = err;
|
|
|
|
|
|
|
|
|
|
err = ocfs2_drop_lock(OCFS2_SB(inode->i_sb),
|
2006-09-14 15:44:51 -06:00
|
|
|
&OCFS2_I(inode)->ip_rw_lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (err < 0)
|
|
|
|
|
mlog_errno(err);
|
|
|
|
|
if (err < 0 && !status)
|
|
|
|
|
status = err;
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
static unsigned int ocfs2_prepare_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
BUG_ON(lockres->l_blocking <= DLM_LOCK_NL);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
if (lockres->l_level <= new_level) {
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_ERROR, "lockres %s, lvl %d <= %d, blcklst %d, mask %d, "
|
|
|
|
|
"type %d, flags 0x%lx, hold %d %d, act %d %d, req %d, "
|
|
|
|
|
"block %d, pgen %d\n", lockres->l_name, lockres->l_level,
|
|
|
|
|
new_level, list_empty(&lockres->l_blocked_list),
|
|
|
|
|
list_empty(&lockres->l_mask_waiters), lockres->l_type,
|
|
|
|
|
lockres->l_flags, lockres->l_ro_holders,
|
|
|
|
|
lockres->l_ex_holders, lockres->l_action,
|
|
|
|
|
lockres->l_unlock_action, lockres->l_requested,
|
|
|
|
|
lockres->l_blocking, lockres->l_pending_gen);
|
2005-12-15 15:31:24 -07:00
|
|
|
BUG();
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, level %d => %d, blocking %d\n",
|
|
|
|
|
lockres->l_name, lockres->l_level, new_level, lockres->l_blocking);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
lockres->l_action = OCFS2_AST_DOWNCONVERT;
|
|
|
|
|
lockres->l_requested = new_level;
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_BUSY);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
return lockres_set_pending(lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_downconvert_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level,
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
int lvb,
|
|
|
|
|
unsigned int generation)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
2008-02-01 13:14:57 -07:00
|
|
|
int ret;
|
|
|
|
|
u32 dlm_flags = DLM_LKF_CONVERT;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, level %d => %d\n", lockres->l_name,
|
|
|
|
|
lockres->l_level, new_level);
|
|
|
|
|
|
ocfs2: fix crash caused by stale lvb with fsdlm plugin
The crash happens rather often when we reset some cluster nodes while
nodes contend fiercely to do truncate and append.
The crash backtrace is below:
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover_grant 1 locks on 971 resources
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover 9 generation 5 done: 4 ms
ocfs2: Begin replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: End replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: Beginning quota recovery on device (253,18) for slot 2
ocfs2: Finishing quota recovery on device (253,18) for slot 2
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: bug expression: le64_to_cpu(fe->i_size) != i_size_read(inode)
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: Inode 290321, inode i_size = 732 != di i_size = 937, i_flags = 0x1
------------[ cut here ]------------
kernel BUG at /usr/src/linux/fs/ocfs2/file.c:470!
invalid opcode: 0000 [#1] SMP
Modules linked in: ocfs2_stack_user(OEN) ocfs2(OEN) ocfs2_nodemanager ocfs2_stackglue(OEN) quota_tree dlm(OEN) configfs fuse sd_mod iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi af_packet iscsi_ibft iscsi_boot_sysfs softdog xfs libcrc32c ppdev parport_pc pcspkr parport joydev virtio_balloon virtio_net i2c_piix4 acpi_cpufreq button processor ext4 crc16 jbd2 mbcache ata_generic cirrus virtio_blk ata_piix drm_kms_helper ahci syscopyarea libahci sysfillrect sysimgblt fb_sys_fops ttm floppy libata drm virtio_pci virtio_ring uhci_hcd virtio ehci_hcd usbcore serio_raw usb_common sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
Supported: No, Unsupported modules are loaded
CPU: 1 PID: 30154 Comm: truncate Tainted: G OE N 4.4.21-69-default #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.1-0-g4adadbd-20151112_172657-sheep25 04/01/2014
task: ffff88004ff6d240 ti: ffff880074e68000 task.ti: ffff880074e68000
RIP: 0010:[<ffffffffa05c8c30>] [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
RSP: 0018:ffff880074e6bd50 EFLAGS: 00010282
RAX: 0000000000000074 RBX: 000000000000029e RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000246 RDI: 0000000000000246
RBP: ffff880074e6bda8 R08: 000000003675dc7a R09: ffffffff82013414
R10: 0000000000034c50 R11: 0000000000000000 R12: ffff88003aab3448
R13: 00000000000002dc R14: 0000000000046e11 R15: 0000000000000020
FS: 00007f839f965700(0000) GS:ffff88007fc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f839f97e000 CR3: 0000000036723000 CR4: 00000000000006e0
Call Trace:
ocfs2_setattr+0x698/0xa90 [ocfs2]
notify_change+0x1ae/0x380
do_truncate+0x5e/0x90
do_sys_ftruncate.constprop.11+0x108/0x160
entry_SYSCALL_64_fastpath+0x12/0x6d
Code: 24 28 ba d6 01 00 00 48 c7 c6 30 43 62 a0 8b 41 2c 89 44 24 08 48 8b 41 20 48 c7 c1 78 a3 62 a0 48 89 04 24 31 c0 e8 a0 97 f9 ff <0f> 0b 3d 00 fe ff ff 0f 84 ab fd ff ff 83 f8 fc 0f 84 a2 fd ff
RIP [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
It's because ocfs2_inode_lock() get us stale LVB in which the i_size is
not equal to the disk i_size. We mistakenly trust the LVB because the
underlaying fsdlm dlm_lock() doesn't set lkb_sbflags with
DLM_SBF_VALNOTVALID properly for us. But, why?
The current code tries to downconvert lock without DLM_LKF_VALBLK flag
to tell o2cb don't update RSB's LVB if it's a PR->NULL conversion, even
if the lock resource type needs LVB. This is not the right way for
fsdlm.
The fsdlm plugin behaves different on DLM_LKF_VALBLK, it depends on
DLM_LKF_VALBLK to decide if we care about the LVB in the LKB. If
DLM_LKF_VALBLK is not set, fsdlm will skip recovering RSB's LVB from
this lkb and set the right DLM_SBF_VALNOTVALID appropriately when node
failure happens.
The following diagram briefly illustrates how this crash happens:
RSB1 is inode metadata lock resource with LOCK_TYPE_USES_LVB;
The 1st round:
Node1 Node2
RSB1: PR
RSB1(master): NULL->EX
ocfs2_downconvert_lock(PR->NULL, set_lvb==0)
ocfs2_dlm_lock(no DLM_LKF_VALBLK)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
dlm_lock(no DLM_LKF_VALBLK)
convert_lock(overwrite lkb->lkb_exflags
with no DLM_LKF_VALBLK)
RSB1: NULL RSB1: EX
reset Node2
dlm_recover_rsbs()
recover_lvb()
/* The LVB is not trustable if the node with EX fails and
* no lock >= PR is left. We should set RSB_VALNOTVALID for RSB1.
*/
if(!(kb_exflags & DLM_LKF_VALBLK)) /* This means we miss the chance to
return; * to invalid the LVB here.
*/
The 2nd round:
Node 1 Node2
RSB1(become master from recovery)
ocfs2_setattr()
ocfs2_inode_lock(NULL->EX)
/* dlm_lock() return the stale lvb without setting DLM_SBF_VALNOTVALID */
ocfs2_meta_lvb_is_trustable() return 1 /* so we don't refresh inode from disk */
ocfs2_truncate_file()
mlog_bug_on_msg(disk isize != i_size_read(inode)) /* crash! */
The fix is quite straightforward. We keep to set DLM_LKF_VALBLK flag
for dlm_lock() if the lock resource type needs LVB and the fsdlm plugin
is uesed.
Link: http://lkml.kernel.org/r/1481275846-6604-1-git-send-email-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-01-10 17:57:33 -07:00
|
|
|
/*
|
|
|
|
|
* On DLM_LKF_VALBLK, fsdlm behaves differently with o2cb. It always
|
|
|
|
|
* expects DLM_LKF_VALBLK being set if the LKB has LVB, so that
|
|
|
|
|
* we can recover correctly from node failure. Otherwise, we may get
|
2018-02-28 01:39:48 -07:00
|
|
|
* invalid LVB in LKB, but without DLM_SBF_VALNOTVALID being set.
|
ocfs2: fix crash caused by stale lvb with fsdlm plugin
The crash happens rather often when we reset some cluster nodes while
nodes contend fiercely to do truncate and append.
The crash backtrace is below:
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover_grant 1 locks on 971 resources
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover 9 generation 5 done: 4 ms
ocfs2: Begin replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: End replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: Beginning quota recovery on device (253,18) for slot 2
ocfs2: Finishing quota recovery on device (253,18) for slot 2
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: bug expression: le64_to_cpu(fe->i_size) != i_size_read(inode)
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: Inode 290321, inode i_size = 732 != di i_size = 937, i_flags = 0x1
------------[ cut here ]------------
kernel BUG at /usr/src/linux/fs/ocfs2/file.c:470!
invalid opcode: 0000 [#1] SMP
Modules linked in: ocfs2_stack_user(OEN) ocfs2(OEN) ocfs2_nodemanager ocfs2_stackglue(OEN) quota_tree dlm(OEN) configfs fuse sd_mod iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi af_packet iscsi_ibft iscsi_boot_sysfs softdog xfs libcrc32c ppdev parport_pc pcspkr parport joydev virtio_balloon virtio_net i2c_piix4 acpi_cpufreq button processor ext4 crc16 jbd2 mbcache ata_generic cirrus virtio_blk ata_piix drm_kms_helper ahci syscopyarea libahci sysfillrect sysimgblt fb_sys_fops ttm floppy libata drm virtio_pci virtio_ring uhci_hcd virtio ehci_hcd usbcore serio_raw usb_common sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
Supported: No, Unsupported modules are loaded
CPU: 1 PID: 30154 Comm: truncate Tainted: G OE N 4.4.21-69-default #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.1-0-g4adadbd-20151112_172657-sheep25 04/01/2014
task: ffff88004ff6d240 ti: ffff880074e68000 task.ti: ffff880074e68000
RIP: 0010:[<ffffffffa05c8c30>] [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
RSP: 0018:ffff880074e6bd50 EFLAGS: 00010282
RAX: 0000000000000074 RBX: 000000000000029e RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000246 RDI: 0000000000000246
RBP: ffff880074e6bda8 R08: 000000003675dc7a R09: ffffffff82013414
R10: 0000000000034c50 R11: 0000000000000000 R12: ffff88003aab3448
R13: 00000000000002dc R14: 0000000000046e11 R15: 0000000000000020
FS: 00007f839f965700(0000) GS:ffff88007fc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f839f97e000 CR3: 0000000036723000 CR4: 00000000000006e0
Call Trace:
ocfs2_setattr+0x698/0xa90 [ocfs2]
notify_change+0x1ae/0x380
do_truncate+0x5e/0x90
do_sys_ftruncate.constprop.11+0x108/0x160
entry_SYSCALL_64_fastpath+0x12/0x6d
Code: 24 28 ba d6 01 00 00 48 c7 c6 30 43 62 a0 8b 41 2c 89 44 24 08 48 8b 41 20 48 c7 c1 78 a3 62 a0 48 89 04 24 31 c0 e8 a0 97 f9 ff <0f> 0b 3d 00 fe ff ff 0f 84 ab fd ff ff 83 f8 fc 0f 84 a2 fd ff
RIP [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
It's because ocfs2_inode_lock() get us stale LVB in which the i_size is
not equal to the disk i_size. We mistakenly trust the LVB because the
underlaying fsdlm dlm_lock() doesn't set lkb_sbflags with
DLM_SBF_VALNOTVALID properly for us. But, why?
The current code tries to downconvert lock without DLM_LKF_VALBLK flag
to tell o2cb don't update RSB's LVB if it's a PR->NULL conversion, even
if the lock resource type needs LVB. This is not the right way for
fsdlm.
The fsdlm plugin behaves different on DLM_LKF_VALBLK, it depends on
DLM_LKF_VALBLK to decide if we care about the LVB in the LKB. If
DLM_LKF_VALBLK is not set, fsdlm will skip recovering RSB's LVB from
this lkb and set the right DLM_SBF_VALNOTVALID appropriately when node
failure happens.
The following diagram briefly illustrates how this crash happens:
RSB1 is inode metadata lock resource with LOCK_TYPE_USES_LVB;
The 1st round:
Node1 Node2
RSB1: PR
RSB1(master): NULL->EX
ocfs2_downconvert_lock(PR->NULL, set_lvb==0)
ocfs2_dlm_lock(no DLM_LKF_VALBLK)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
dlm_lock(no DLM_LKF_VALBLK)
convert_lock(overwrite lkb->lkb_exflags
with no DLM_LKF_VALBLK)
RSB1: NULL RSB1: EX
reset Node2
dlm_recover_rsbs()
recover_lvb()
/* The LVB is not trustable if the node with EX fails and
* no lock >= PR is left. We should set RSB_VALNOTVALID for RSB1.
*/
if(!(kb_exflags & DLM_LKF_VALBLK)) /* This means we miss the chance to
return; * to invalid the LVB here.
*/
The 2nd round:
Node 1 Node2
RSB1(become master from recovery)
ocfs2_setattr()
ocfs2_inode_lock(NULL->EX)
/* dlm_lock() return the stale lvb without setting DLM_SBF_VALNOTVALID */
ocfs2_meta_lvb_is_trustable() return 1 /* so we don't refresh inode from disk */
ocfs2_truncate_file()
mlog_bug_on_msg(disk isize != i_size_read(inode)) /* crash! */
The fix is quite straightforward. We keep to set DLM_LKF_VALBLK flag
for dlm_lock() if the lock resource type needs LVB and the fsdlm plugin
is uesed.
Link: http://lkml.kernel.org/r/1481275846-6604-1-git-send-email-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-01-10 17:57:33 -07:00
|
|
|
*/
|
2018-11-02 16:48:03 -06:00
|
|
|
if (ocfs2_userspace_stack(osb) &&
|
ocfs2: fix crash caused by stale lvb with fsdlm plugin
The crash happens rather often when we reset some cluster nodes while
nodes contend fiercely to do truncate and append.
The crash backtrace is below:
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover_grant 1 locks on 971 resources
dlm: C21CBDA5E0774F4BA5A9D4F317717495: dlm_recover 9 generation 5 done: 4 ms
ocfs2: Begin replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: End replay journal (node 318952601, slot 2) on device (253,18)
ocfs2: Beginning quota recovery on device (253,18) for slot 2
ocfs2: Finishing quota recovery on device (253,18) for slot 2
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: bug expression: le64_to_cpu(fe->i_size) != i_size_read(inode)
(truncate,30154,1):ocfs2_truncate_file:470 ERROR: Inode 290321, inode i_size = 732 != di i_size = 937, i_flags = 0x1
------------[ cut here ]------------
kernel BUG at /usr/src/linux/fs/ocfs2/file.c:470!
invalid opcode: 0000 [#1] SMP
Modules linked in: ocfs2_stack_user(OEN) ocfs2(OEN) ocfs2_nodemanager ocfs2_stackglue(OEN) quota_tree dlm(OEN) configfs fuse sd_mod iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi af_packet iscsi_ibft iscsi_boot_sysfs softdog xfs libcrc32c ppdev parport_pc pcspkr parport joydev virtio_balloon virtio_net i2c_piix4 acpi_cpufreq button processor ext4 crc16 jbd2 mbcache ata_generic cirrus virtio_blk ata_piix drm_kms_helper ahci syscopyarea libahci sysfillrect sysimgblt fb_sys_fops ttm floppy libata drm virtio_pci virtio_ring uhci_hcd virtio ehci_hcd usbcore serio_raw usb_common sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
Supported: No, Unsupported modules are loaded
CPU: 1 PID: 30154 Comm: truncate Tainted: G OE N 4.4.21-69-default #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.1-0-g4adadbd-20151112_172657-sheep25 04/01/2014
task: ffff88004ff6d240 ti: ffff880074e68000 task.ti: ffff880074e68000
RIP: 0010:[<ffffffffa05c8c30>] [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
RSP: 0018:ffff880074e6bd50 EFLAGS: 00010282
RAX: 0000000000000074 RBX: 000000000000029e RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000246 RDI: 0000000000000246
RBP: ffff880074e6bda8 R08: 000000003675dc7a R09: ffffffff82013414
R10: 0000000000034c50 R11: 0000000000000000 R12: ffff88003aab3448
R13: 00000000000002dc R14: 0000000000046e11 R15: 0000000000000020
FS: 00007f839f965700(0000) GS:ffff88007fc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f839f97e000 CR3: 0000000036723000 CR4: 00000000000006e0
Call Trace:
ocfs2_setattr+0x698/0xa90 [ocfs2]
notify_change+0x1ae/0x380
do_truncate+0x5e/0x90
do_sys_ftruncate.constprop.11+0x108/0x160
entry_SYSCALL_64_fastpath+0x12/0x6d
Code: 24 28 ba d6 01 00 00 48 c7 c6 30 43 62 a0 8b 41 2c 89 44 24 08 48 8b 41 20 48 c7 c1 78 a3 62 a0 48 89 04 24 31 c0 e8 a0 97 f9 ff <0f> 0b 3d 00 fe ff ff 0f 84 ab fd ff ff 83 f8 fc 0f 84 a2 fd ff
RIP [<ffffffffa05c8c30>] ocfs2_truncate_file+0x640/0x6c0 [ocfs2]
It's because ocfs2_inode_lock() get us stale LVB in which the i_size is
not equal to the disk i_size. We mistakenly trust the LVB because the
underlaying fsdlm dlm_lock() doesn't set lkb_sbflags with
DLM_SBF_VALNOTVALID properly for us. But, why?
The current code tries to downconvert lock without DLM_LKF_VALBLK flag
to tell o2cb don't update RSB's LVB if it's a PR->NULL conversion, even
if the lock resource type needs LVB. This is not the right way for
fsdlm.
The fsdlm plugin behaves different on DLM_LKF_VALBLK, it depends on
DLM_LKF_VALBLK to decide if we care about the LVB in the LKB. If
DLM_LKF_VALBLK is not set, fsdlm will skip recovering RSB's LVB from
this lkb and set the right DLM_SBF_VALNOTVALID appropriately when node
failure happens.
The following diagram briefly illustrates how this crash happens:
RSB1 is inode metadata lock resource with LOCK_TYPE_USES_LVB;
The 1st round:
Node1 Node2
RSB1: PR
RSB1(master): NULL->EX
ocfs2_downconvert_lock(PR->NULL, set_lvb==0)
ocfs2_dlm_lock(no DLM_LKF_VALBLK)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
dlm_lock(no DLM_LKF_VALBLK)
convert_lock(overwrite lkb->lkb_exflags
with no DLM_LKF_VALBLK)
RSB1: NULL RSB1: EX
reset Node2
dlm_recover_rsbs()
recover_lvb()
/* The LVB is not trustable if the node with EX fails and
* no lock >= PR is left. We should set RSB_VALNOTVALID for RSB1.
*/
if(!(kb_exflags & DLM_LKF_VALBLK)) /* This means we miss the chance to
return; * to invalid the LVB here.
*/
The 2nd round:
Node 1 Node2
RSB1(become master from recovery)
ocfs2_setattr()
ocfs2_inode_lock(NULL->EX)
/* dlm_lock() return the stale lvb without setting DLM_SBF_VALNOTVALID */
ocfs2_meta_lvb_is_trustable() return 1 /* so we don't refresh inode from disk */
ocfs2_truncate_file()
mlog_bug_on_msg(disk isize != i_size_read(inode)) /* crash! */
The fix is quite straightforward. We keep to set DLM_LKF_VALBLK flag
for dlm_lock() if the lock resource type needs LVB and the fsdlm plugin
is uesed.
Link: http://lkml.kernel.org/r/1481275846-6604-1-git-send-email-zren@suse.com
Signed-off-by: Eric Ren <zren@suse.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-01-10 17:57:33 -07:00
|
|
|
lockres->l_ops->flags & LOCK_TYPE_USES_LVB)
|
|
|
|
|
lvb = 1;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (lvb)
|
2008-02-01 13:14:57 -07:00
|
|
|
dlm_flags |= DLM_LKF_VALBLK;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
ret = ocfs2_dlm_lock(osb->cconn,
|
2008-02-01 13:15:37 -07:00
|
|
|
new_level,
|
|
|
|
|
&lockres->l_lksb,
|
|
|
|
|
dlm_flags,
|
|
|
|
|
lockres->l_name,
|
2010-01-28 20:22:39 -07:00
|
|
|
OCFS2_LOCK_ID_MAX_LEN - 1);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
lockres_clear_pending(lockres, generation, osb);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_lock", ret, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_recover_from_dlm_error(lockres, 1);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
bail:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-29 18:37:32 -07:00
|
|
|
/* returns 1 when the caller should unlock and call ocfs2_dlm_unlock */
|
2005-12-15 15:31:24 -07:00
|
|
|
static int ocfs2_prepare_cancel_convert(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
if (lockres->l_unlock_action == OCFS2_UNLOCK_CANCEL_CONVERT) {
|
|
|
|
|
/* If we're already trying to cancel a lock conversion
|
|
|
|
|
* then just drop the spinlock and allow the caller to
|
|
|
|
|
* requeue this lock. */
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, skip convert\n", lockres->l_name);
|
2005-12-15 15:31:24 -07:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* were we in a convert when we got the bast fire? */
|
|
|
|
|
BUG_ON(lockres->l_action != OCFS2_AST_CONVERT &&
|
|
|
|
|
lockres->l_action != OCFS2_AST_DOWNCONVERT);
|
|
|
|
|
/* set things up for the unlockast to know to just
|
|
|
|
|
* clear out the ast_action and unset busy, etc. */
|
|
|
|
|
lockres->l_unlock_action = OCFS2_UNLOCK_CANCEL_CONVERT;
|
|
|
|
|
|
|
|
|
|
mlog_bug_on_msg(!(lockres->l_flags & OCFS2_LOCK_BUSY),
|
|
|
|
|
"lock %s, invalid flags: 0x%lx\n",
|
|
|
|
|
lockres->l_name, lockres->l_flags);
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s\n", lockres->l_name);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_cancel_convert(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
2008-02-01 15:39:35 -07:00
|
|
|
ret = ocfs2_dlm_unlock(osb->cconn, &lockres->l_lksb,
|
2010-01-28 20:22:39 -07:00
|
|
|
DLM_LKF_CANCEL);
|
2008-02-01 13:15:37 -07:00
|
|
|
if (ret) {
|
|
|
|
|
ocfs2_log_dlm_error("ocfs2_dlm_unlock", ret, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
ocfs2_recover_from_dlm_error(lockres, 0);
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s\n", lockres->l_name);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-13 23:01:16 -06:00
|
|
|
static int ocfs2_unblock_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
struct ocfs2_unblock_ctl *ctl)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
int blocking;
|
|
|
|
|
int new_level;
|
2010-02-03 11:16:54 -07:00
|
|
|
int level;
|
2005-12-15 15:31:24 -07:00
|
|
|
int ret = 0;
|
2006-09-13 22:21:52 -06:00
|
|
|
int set_lvb = 0;
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
unsigned int gen;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
recheck:
|
2010-02-01 17:55:50 -07:00
|
|
|
/*
|
|
|
|
|
* Is it still blocking? If not, we have no more work to do.
|
|
|
|
|
*/
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_BLOCKED)) {
|
|
|
|
|
BUG_ON(lockres->l_blocking != DLM_LOCK_NL);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
ret = 0;
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_BUSY) {
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
/* XXX
|
|
|
|
|
* This is a *big* race. The OCFS2_LOCK_PENDING flag
|
|
|
|
|
* exists entirely for one reason - another thread has set
|
|
|
|
|
* OCFS2_LOCK_BUSY, but has *NOT* yet called dlm_lock().
|
|
|
|
|
*
|
|
|
|
|
* If we do ocfs2_cancel_convert() before the other thread
|
|
|
|
|
* calls dlm_lock(), our cancel will do nothing. We will
|
|
|
|
|
* get no ast, and we will have no way of knowing the
|
|
|
|
|
* cancel failed. Meanwhile, the other thread will call
|
|
|
|
|
* into dlm_lock() and wait...forever.
|
|
|
|
|
*
|
|
|
|
|
* Why forever? Because another node has asked for the
|
|
|
|
|
* lock first; that's why we're here in unblock_lock().
|
|
|
|
|
*
|
|
|
|
|
* The solution is OCFS2_LOCK_PENDING. When PENDING is
|
|
|
|
|
* set, we just requeue the unblock. Only when the other
|
|
|
|
|
* thread has called dlm_lock() and cleared PENDING will
|
|
|
|
|
* we then cancel their request.
|
|
|
|
|
*
|
|
|
|
|
* All callers of dlm_lock() must set OCFS2_DLM_PENDING
|
|
|
|
|
* at the same time they set OCFS2_DLM_BUSY. They must
|
|
|
|
|
* clear OCFS2_DLM_PENDING after dlm_lock() returns.
|
|
|
|
|
*/
|
2010-02-26 20:42:44 -07:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_PENDING) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, ReQ: Pending\n",
|
|
|
|
|
lockres->l_name);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
goto leave_requeue;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
ctl->requeue = 1;
|
2005-12-15 15:31:24 -07:00
|
|
|
ret = ocfs2_prepare_cancel_convert(osb, lockres);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
if (ret) {
|
|
|
|
|
ret = ocfs2_cancel_convert(osb, lockres);
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
mlog_errno(ret);
|
|
|
|
|
}
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-21 11:50:03 -07:00
|
|
|
/*
|
|
|
|
|
* This prevents livelocks. OCFS2_LOCK_UPCONVERT_FINISHING flag is
|
|
|
|
|
* set when the ast is received for an upconvert just before the
|
|
|
|
|
* OCFS2_LOCK_BUSY flag is cleared. Now if the fs received a bast
|
|
|
|
|
* on the heels of the ast, we want to delay the downconvert just
|
|
|
|
|
* enough to allow the up requestor to do its task. Because this
|
|
|
|
|
* lock is in the blocked queue, the lock will be downconverted
|
|
|
|
|
* as soon as the requestor is done with the lock.
|
|
|
|
|
*/
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_UPCONVERT_FINISHING)
|
|
|
|
|
goto leave_requeue;
|
|
|
|
|
|
2010-01-29 10:44:11 -07:00
|
|
|
/*
|
|
|
|
|
* How can we block and yet be at NL? We were trying to upconvert
|
|
|
|
|
* from NL and got canceled. The code comes back here, and now
|
|
|
|
|
* we notice and clear BLOCKING.
|
|
|
|
|
*/
|
|
|
|
|
if (lockres->l_level == DLM_LOCK_NL) {
|
|
|
|
|
BUG_ON(lockres->l_ex_holders || lockres->l_ro_holders);
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, Aborting dc\n", lockres->l_name);
|
2010-01-29 10:44:11 -07:00
|
|
|
lockres->l_blocking = DLM_LOCK_NL;
|
|
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_BLOCKED);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* if we're blocking an exclusive and we have *any* holders,
|
|
|
|
|
* then requeue. */
|
2008-02-01 13:14:57 -07:00
|
|
|
if ((lockres->l_blocking == DLM_LOCK_EX)
|
2010-02-26 20:42:44 -07:00
|
|
|
&& (lockres->l_ex_holders || lockres->l_ro_holders)) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, ReQ: EX/PR Holders %u,%u\n",
|
|
|
|
|
lockres->l_name, lockres->l_ex_holders,
|
|
|
|
|
lockres->l_ro_holders);
|
2006-09-13 22:02:29 -06:00
|
|
|
goto leave_requeue;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* If it's a PR we're blocking, then only
|
|
|
|
|
* requeue if we've got any EX holders */
|
2008-02-01 13:14:57 -07:00
|
|
|
if (lockres->l_blocking == DLM_LOCK_PR &&
|
2010-02-26 20:42:44 -07:00
|
|
|
lockres->l_ex_holders) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, ReQ: EX Holders %u\n",
|
|
|
|
|
lockres->l_name, lockres->l_ex_holders);
|
2006-09-13 22:02:29 -06:00
|
|
|
goto leave_requeue;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
2006-09-13 22:02:29 -06:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Can we get a lock in this state if the holder counts are
|
|
|
|
|
* zero? The meta data unblock code used to check this.
|
|
|
|
|
*/
|
|
|
|
|
if ((lockres->l_ops->flags & LOCK_TYPE_REQUIRES_REFRESH)
|
2010-02-26 20:42:44 -07:00
|
|
|
&& (lockres->l_flags & OCFS2_LOCK_REFRESHING)) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, ReQ: Lock Refreshing\n",
|
|
|
|
|
lockres->l_name);
|
2006-09-13 22:02:29 -06:00
|
|
|
goto leave_requeue;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-13 22:10:12 -06:00
|
|
|
new_level = ocfs2_highest_compat_lock_level(lockres->l_blocking);
|
|
|
|
|
|
|
|
|
|
if (lockres->l_ops->check_downconvert
|
2010-02-26 20:42:44 -07:00
|
|
|
&& !lockres->l_ops->check_downconvert(lockres, new_level)) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, ReQ: Checkpointing\n",
|
|
|
|
|
lockres->l_name);
|
2006-09-13 22:10:12 -06:00
|
|
|
goto leave_requeue;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
2006-09-13 22:10:12 -06:00
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
/* If we get here, then we know that there are no more
|
|
|
|
|
* incompatible holders (and anyone asking for an incompatible
|
|
|
|
|
* lock is blocked). We can now downconvert the lock */
|
2006-09-13 22:52:21 -06:00
|
|
|
if (!lockres->l_ops->downconvert_worker)
|
2005-12-15 15:31:24 -07:00
|
|
|
goto downconvert;
|
|
|
|
|
|
|
|
|
|
/* Some lockres types want to do a bit of work before
|
|
|
|
|
* downconverting a lock. Allow that here. The worker function
|
|
|
|
|
* may sleep, so we save off a copy of what we're blocking as
|
|
|
|
|
* it may change while we're not holding the spin lock. */
|
|
|
|
|
blocking = lockres->l_blocking;
|
2010-02-03 11:16:54 -07:00
|
|
|
level = lockres->l_level;
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2006-09-13 22:52:21 -06:00
|
|
|
ctl->unblock_action = lockres->l_ops->downconvert_worker(lockres, blocking);
|
2006-09-08 15:14:34 -06:00
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
if (ctl->unblock_action == UNBLOCK_STOP_POST) {
|
|
|
|
|
mlog(ML_BASTS, "lockres %s, UNBLOCK_STOP_POST\n",
|
|
|
|
|
lockres->l_name);
|
2006-09-08 15:14:34 -06:00
|
|
|
goto leave;
|
2010-02-26 20:42:44 -07:00
|
|
|
}
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
2010-02-03 11:16:54 -07:00
|
|
|
if ((blocking != lockres->l_blocking) || (level != lockres->l_level)) {
|
2005-12-15 15:31:24 -07:00
|
|
|
/* If this changed underneath us, then we can't drop
|
|
|
|
|
* it just yet. */
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, block=%d:%d, level=%d:%d, "
|
|
|
|
|
"Recheck\n", lockres->l_name, blocking,
|
|
|
|
|
lockres->l_blocking, level, lockres->l_level);
|
2005-12-15 15:31:24 -07:00
|
|
|
goto recheck;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
downconvert:
|
2006-09-08 15:14:34 -06:00
|
|
|
ctl->requeue = 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
2006-09-13 22:21:52 -06:00
|
|
|
if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB) {
|
2008-02-01 13:14:57 -07:00
|
|
|
if (lockres->l_level == DLM_LOCK_EX)
|
2006-09-13 22:21:52 -06:00
|
|
|
set_lvb = 1;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We only set the lvb if the lock has been fully
|
|
|
|
|
* refreshed - otherwise we risk setting stale
|
|
|
|
|
* data. Otherwise, there's no need to actually clear
|
|
|
|
|
* out the lvb here as it's value is still valid.
|
|
|
|
|
*/
|
|
|
|
|
if (set_lvb && !(lockres->l_flags & OCFS2_LOCK_NEEDS_REFRESH))
|
|
|
|
|
lockres->l_ops->set_lvb(lockres);
|
|
|
|
|
}
|
|
|
|
|
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
gen = ocfs2_prepare_downconvert(lockres, new_level);
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
ocfs2: Remove CANCELGRANT from the view of dlmglue.
o2dlm has the non-standard behavior of providing a cancel callback
(unlock_ast) even when the cancel has failed (the locking operation
succeeded without canceling). This is called CANCELGRANT after the
status code sent to the callback. fs/dlm does not provide this
callback, so dlmglue must be changed to live without it.
o2dlm_unlock_ast_wrapper() in stackglue now ignores CANCELGRANT calls.
Because dlmglue no longer sees CANCELGRANT, ocfs2_unlock_ast() no longer
needs to check for it. ocfs2_locking_ast() must catch that a cancel was
tried and clear the cancel state.
Making these changes opens up a locking race. dlmglue uses the the
OCFS2_LOCK_BUSY flag to ensure only one thread is calling the dlm at any
one time. But dlmglue must unlock the lockres before calling into the
dlm. In the small window of time between unlocking the lockres and
calling the dlm, the downconvert thread can try to cancel the lock. The
downconvert thread is checking the OCFS2_LOCK_BUSY flag - it doesn't
know that ocfs2_dlm_lock() has not yet been called.
Because ocfs2_dlm_lock() has not yet been called, the cancel operation
will just be a no-op. There's nothing to cancel. With CANCELGRANT,
dlmglue uses the CANCELGRANT callback to clear up the cancel state.
When it comes around again, it will retry the cancel. Eventually, the
first thread will have called into ocfs2_dlm_lock(), and either the
lock or the cancel will succeed. The downconvert thread can then do its
downconvert.
Without CANCELGRANT, there is nothing to clean up the cancellation
state. The downconvert thread does not know to retry its operations.
More importantly, the original lock may be blocking on the other node
that is trying to cancel us. With neither able to make progress, the
ast is never called and the cancellation state is never cleaned up that
way. dlmglue is deadlocked.
The OCFS2_LOCK_PENDING flag is introduced to remedy this window. It is
set at the same time OCFS2_LOCK_BUSY is. Thus, the downconvert thread
can check whether the lock is cancelable. If not, it just loops around
to try again. Once ocfs2_dlm_lock() is called, the thread then clears
OCFS2_LOCK_PENDING and wakes the downconvert thread. Now, if the
downconvert thread finds the lock BUSY, it can safely try to cancel it.
Whether the cancel works or not, the state will be properly set and the
lock processing can continue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-02-01 15:45:08 -07:00
|
|
|
ret = ocfs2_downconvert_lock(osb, lockres, new_level, set_lvb,
|
|
|
|
|
gen);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
leave:
|
2011-03-07 01:43:21 -07:00
|
|
|
if (ret)
|
|
|
|
|
mlog_errno(ret);
|
2005-12-15 15:31:24 -07:00
|
|
|
return ret;
|
2006-09-13 22:02:29 -06:00
|
|
|
|
|
|
|
|
leave_requeue:
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
ctl->requeue = 1;
|
|
|
|
|
|
|
|
|
|
return 0;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
static int ocfs2_data_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
struct inode *inode;
|
|
|
|
|
struct address_space *mapping;
|
2010-06-28 09:04:32 -06:00
|
|
|
struct ocfs2_inode_info *oi;
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
inode = ocfs2_lock_res_inode(lockres);
|
|
|
|
|
mapping = inode->i_mapping;
|
|
|
|
|
|
2010-06-28 09:04:32 -06:00
|
|
|
if (S_ISDIR(inode->i_mode)) {
|
|
|
|
|
oi = OCFS2_I(inode);
|
|
|
|
|
oi->ip_dir_lock_gen++;
|
|
|
|
|
mlog(0, "generation: %u\n", oi->ip_dir_lock_gen);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-28 18:16:03 -07:00
|
|
|
if (!S_ISREG(inode->i_mode))
|
2007-10-18 16:13:59 -06:00
|
|
|
goto out;
|
|
|
|
|
|
2006-12-11 12:06:36 -07:00
|
|
|
/*
|
|
|
|
|
* We need this before the filemap_fdatawrite() so that it can
|
|
|
|
|
* transfer the dirty bit from the PTE to the
|
|
|
|
|
* page. Unfortunately this means that even for EX->PR
|
|
|
|
|
* downconverts, we'll lose our mappings and have to build
|
|
|
|
|
* them up again.
|
|
|
|
|
*/
|
|
|
|
|
unmap_mapping_range(mapping, 0, 0, 0);
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
if (filemap_fdatawrite(mapping)) {
|
2006-03-03 11:24:33 -07:00
|
|
|
mlog(ML_ERROR, "Could not sync inode %llu for downconvert!",
|
|
|
|
|
(unsigned long long)OCFS2_I(inode)->ip_blkno);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
sync_mapping_buffers(mapping);
|
2008-02-01 13:14:57 -07:00
|
|
|
if (blocking == DLM_LOCK_EX) {
|
2005-12-15 15:31:24 -07:00
|
|
|
truncate_inode_pages(mapping, 0);
|
|
|
|
|
} else {
|
|
|
|
|
/* We only need to wait on the I/O if we're not also
|
|
|
|
|
* truncating pages because truncate_inode_pages waits
|
|
|
|
|
* for us above. We don't truncate pages if we're
|
|
|
|
|
* blocking anything < EXMODE because we want to keep
|
|
|
|
|
* them around in that case. */
|
|
|
|
|
filemap_fdatawait(mapping);
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-24 07:38:37 -06:00
|
|
|
forget_all_cached_acls(inode);
|
|
|
|
|
|
2007-10-18 16:13:59 -06:00
|
|
|
out:
|
2006-09-08 15:14:34 -06:00
|
|
|
return UNBLOCK_CONTINUE;
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:29 -06:00
|
|
|
static int ocfs2_ci_checkpointed(struct ocfs2_caching_info *ci,
|
|
|
|
|
struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level)
|
2006-09-13 22:39:52 -06:00
|
|
|
{
|
2009-08-17 21:19:29 -06:00
|
|
|
int checkpointed = ocfs2_ci_fully_checkpointed(ci);
|
2006-09-13 22:39:52 -06:00
|
|
|
|
2008-02-01 13:14:57 -07:00
|
|
|
BUG_ON(new_level != DLM_LOCK_NL && new_level != DLM_LOCK_PR);
|
|
|
|
|
BUG_ON(lockres->l_level != DLM_LOCK_EX && !checkpointed);
|
2006-09-13 22:39:52 -06:00
|
|
|
|
|
|
|
|
if (checkpointed)
|
|
|
|
|
return 1;
|
|
|
|
|
|
2009-08-17 21:19:29 -06:00
|
|
|
ocfs2_start_checkpoint(OCFS2_SB(ocfs2_metadata_cache_get_super(ci)));
|
2006-09-13 22:39:52 -06:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:29 -06:00
|
|
|
static int ocfs2_check_meta_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level)
|
|
|
|
|
{
|
|
|
|
|
struct inode *inode = ocfs2_lock_res_inode(lockres);
|
|
|
|
|
|
|
|
|
|
return ocfs2_ci_checkpointed(INODE_CACHE(inode), lockres, new_level);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-13 22:39:52 -06:00
|
|
|
static void ocfs2_set_meta_lvb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct inode *inode = ocfs2_lock_res_inode(lockres);
|
|
|
|
|
|
|
|
|
|
__ocfs2_stuff_meta_lvb(inode);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
/*
|
|
|
|
|
* Does the final reference drop on our dentry lock. Right now this
|
2007-09-24 16:56:19 -06:00
|
|
|
* happens in the downconvert thread, but we could choose to simplify the
|
2006-09-08 15:14:34 -06:00
|
|
|
* dlmglue API and push these off to the ocfs2_wq in the future.
|
|
|
|
|
*/
|
|
|
|
|
static void ocfs2_dentry_post_unlock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dentry_lock *dl = ocfs2_lock_res_dl(lockres);
|
|
|
|
|
ocfs2_dentry_lock_put(osb, dl);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* d_delete() matching dentries before the lock downconvert.
|
|
|
|
|
*
|
|
|
|
|
* At this point, any process waiting to destroy the
|
|
|
|
|
* dentry_lock due to last ref count is stopped by the
|
|
|
|
|
* OCFS2_LOCK_QUEUED flag.
|
|
|
|
|
*
|
|
|
|
|
* We have two potential problems
|
|
|
|
|
*
|
|
|
|
|
* 1) If we do the last reference drop on our dentry_lock (via dput)
|
|
|
|
|
* we'll wind up in ocfs2_release_dentry_lock(), waiting on
|
|
|
|
|
* the downconvert to finish. Instead we take an elevated
|
|
|
|
|
* reference and push the drop until after we've completed our
|
|
|
|
|
* unblock processing.
|
|
|
|
|
*
|
|
|
|
|
* 2) There might be another process with a final reference,
|
|
|
|
|
* waiting on us to finish processing. If this is the case, we
|
|
|
|
|
* detect it and exit out - there's no more dentries anyway.
|
|
|
|
|
*/
|
|
|
|
|
static int ocfs2_dentry_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_dentry_lock *dl = ocfs2_lock_res_dl(lockres);
|
|
|
|
|
struct ocfs2_inode_info *oi = OCFS2_I(dl->dl_inode);
|
|
|
|
|
struct dentry *dentry;
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
int extra_ref = 0;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This node is blocking another node from getting a read
|
|
|
|
|
* lock. This happens when we've renamed within a
|
|
|
|
|
* directory. We've forced the other nodes to d_delete(), but
|
|
|
|
|
* we never actually dropped our lock because it's still
|
|
|
|
|
* valid. The downconvert code will retain a PR for this node,
|
|
|
|
|
* so there's no further work to do.
|
|
|
|
|
*/
|
2008-02-01 13:14:57 -07:00
|
|
|
if (blocking == DLM_LOCK_PR)
|
2006-09-08 15:14:34 -06:00
|
|
|
return UNBLOCK_CONTINUE;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Mark this inode as potentially orphaned. The code in
|
|
|
|
|
* ocfs2_delete_inode() will figure out whether it actually
|
|
|
|
|
* needs to be freed or not.
|
|
|
|
|
*/
|
|
|
|
|
spin_lock(&oi->ip_lock);
|
|
|
|
|
oi->ip_flags |= OCFS2_INODE_MAYBE_ORPHANED;
|
|
|
|
|
spin_unlock(&oi->ip_lock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Yuck. We need to make sure however that the check of
|
|
|
|
|
* OCFS2_LOCK_FREEING and the extra reference are atomic with
|
|
|
|
|
* respect to a reference decrement or the setting of that
|
|
|
|
|
* flag.
|
|
|
|
|
*/
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
spin_lock(&dentry_attach_lock);
|
|
|
|
|
if (!(lockres->l_flags & OCFS2_LOCK_FREEING)
|
|
|
|
|
&& dl->dl_count) {
|
|
|
|
|
dl->dl_count++;
|
|
|
|
|
extra_ref = 1;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&dentry_attach_lock);
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
|
|
|
|
mlog(0, "extra_ref = %d\n", extra_ref);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We have a process waiting on us in ocfs2_dentry_iput(),
|
|
|
|
|
* which means we can't have any more outstanding
|
|
|
|
|
* aliases. There's no need to do any more work.
|
|
|
|
|
*/
|
|
|
|
|
if (!extra_ref)
|
|
|
|
|
return UNBLOCK_CONTINUE;
|
|
|
|
|
|
|
|
|
|
spin_lock(&dentry_attach_lock);
|
|
|
|
|
while (1) {
|
|
|
|
|
dentry = ocfs2_find_local_alias(dl->dl_inode,
|
|
|
|
|
dl->dl_parent_blkno, 1);
|
|
|
|
|
if (!dentry)
|
|
|
|
|
break;
|
|
|
|
|
spin_unlock(&dentry_attach_lock);
|
|
|
|
|
|
2015-02-10 15:09:23 -07:00
|
|
|
if (S_ISDIR(dl->dl_inode->i_mode))
|
|
|
|
|
shrink_dcache_parent(dentry);
|
|
|
|
|
|
2014-10-21 18:11:25 -06:00
|
|
|
mlog(0, "d_delete(%pd);\n", dentry);
|
2006-09-08 15:14:34 -06:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The following dcache calls may do an
|
|
|
|
|
* iput(). Normally we don't want that from the
|
|
|
|
|
* downconverting thread, but in this case it's ok
|
|
|
|
|
* because the requesting node already has an
|
|
|
|
|
* exclusive lock on the inode, so it can't be queued
|
|
|
|
|
* for a downconvert.
|
|
|
|
|
*/
|
|
|
|
|
d_delete(dentry);
|
|
|
|
|
dput(dentry);
|
|
|
|
|
|
|
|
|
|
spin_lock(&dentry_attach_lock);
|
|
|
|
|
}
|
|
|
|
|
spin_unlock(&dentry_attach_lock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we are the last holder of this dentry lock, there is no
|
|
|
|
|
* reason to downconvert so skip straight to the unlock.
|
|
|
|
|
*/
|
|
|
|
|
if (dl->dl_count == 1)
|
|
|
|
|
return UNBLOCK_STOP_POST;
|
|
|
|
|
|
|
|
|
|
return UNBLOCK_CONTINUE_POST;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
static int ocfs2_check_refcount_downconvert(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int new_level)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_refcount_tree *tree =
|
|
|
|
|
ocfs2_lock_res_refcount_tree(lockres);
|
|
|
|
|
|
|
|
|
|
return ocfs2_ci_checkpointed(&tree->rf_ci, lockres, new_level);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_refcount_convert_worker(struct ocfs2_lock_res *lockres,
|
|
|
|
|
int blocking)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_refcount_tree *tree =
|
|
|
|
|
ocfs2_lock_res_refcount_tree(lockres);
|
|
|
|
|
|
|
|
|
|
ocfs2_metadata_cache_purge(&tree->rf_ci);
|
|
|
|
|
|
|
|
|
|
return UNBLOCK_CONTINUE;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-25 11:56:50 -06:00
|
|
|
static void ocfs2_set_qinfo_lvb(struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_qinfo_lvb *lvb;
|
|
|
|
|
struct ocfs2_mem_dqinfo *oinfo = ocfs2_lock_res_qinfo(lockres);
|
|
|
|
|
struct mem_dqinfo *info = sb_dqinfo(oinfo->dqi_gi.dqi_sb,
|
|
|
|
|
oinfo->dqi_gi.dqi_type);
|
|
|
|
|
|
2008-12-24 17:03:48 -07:00
|
|
|
lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2008-08-25 11:56:50 -06:00
|
|
|
lvb->lvb_version = OCFS2_QINFO_LVB_VERSION;
|
|
|
|
|
lvb->lvb_bgrace = cpu_to_be32(info->dqi_bgrace);
|
|
|
|
|
lvb->lvb_igrace = cpu_to_be32(info->dqi_igrace);
|
|
|
|
|
lvb->lvb_syncms = cpu_to_be32(oinfo->dqi_syncms);
|
|
|
|
|
lvb->lvb_blocks = cpu_to_be32(oinfo->dqi_gi.dqi_blocks);
|
|
|
|
|
lvb->lvb_free_blk = cpu_to_be32(oinfo->dqi_gi.dqi_free_blk);
|
|
|
|
|
lvb->lvb_free_entry = cpu_to_be32(oinfo->dqi_gi.dqi_free_entry);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_qinfo_unlock(struct ocfs2_mem_dqinfo *oinfo, int ex)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &oinfo->dqi_gqlock;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(oinfo->dqi_gi.dqi_sb);
|
|
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
|
|
|
|
|
if (!ocfs2_is_hard_readonly(osb) && !ocfs2_mount_local(osb))
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_refresh_qinfo(struct ocfs2_mem_dqinfo *oinfo)
|
|
|
|
|
{
|
|
|
|
|
struct mem_dqinfo *info = sb_dqinfo(oinfo->dqi_gi.dqi_sb,
|
|
|
|
|
oinfo->dqi_gi.dqi_type);
|
|
|
|
|
struct ocfs2_lock_res *lockres = &oinfo->dqi_gqlock;
|
|
|
|
|
struct ocfs2_qinfo_lvb *lvb = ocfs2_dlm_lvb(&lockres->l_lksb);
|
2008-11-25 07:31:27 -07:00
|
|
|
struct buffer_head *bh = NULL;
|
2008-08-25 11:56:50 -06:00
|
|
|
struct ocfs2_global_disk_dqinfo *gdinfo;
|
|
|
|
|
int status = 0;
|
|
|
|
|
|
2009-06-19 16:14:13 -06:00
|
|
|
if (ocfs2_dlm_lvb_valid(&lockres->l_lksb) &&
|
|
|
|
|
lvb->lvb_version == OCFS2_QINFO_LVB_VERSION) {
|
2008-08-25 11:56:50 -06:00
|
|
|
info->dqi_bgrace = be32_to_cpu(lvb->lvb_bgrace);
|
|
|
|
|
info->dqi_igrace = be32_to_cpu(lvb->lvb_igrace);
|
|
|
|
|
oinfo->dqi_syncms = be32_to_cpu(lvb->lvb_syncms);
|
|
|
|
|
oinfo->dqi_gi.dqi_blocks = be32_to_cpu(lvb->lvb_blocks);
|
|
|
|
|
oinfo->dqi_gi.dqi_free_blk = be32_to_cpu(lvb->lvb_free_blk);
|
|
|
|
|
oinfo->dqi_gi.dqi_free_entry =
|
|
|
|
|
be32_to_cpu(lvb->lvb_free_entry);
|
|
|
|
|
} else {
|
2010-04-28 11:04:29 -06:00
|
|
|
status = ocfs2_read_quota_phys_block(oinfo->dqi_gqinode,
|
|
|
|
|
oinfo->dqi_giblk, &bh);
|
2008-11-25 07:31:27 -07:00
|
|
|
if (status) {
|
2008-08-25 11:56:50 -06:00
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
gdinfo = (struct ocfs2_global_disk_dqinfo *)
|
|
|
|
|
(bh->b_data + OCFS2_GLOBAL_INFO_OFF);
|
|
|
|
|
info->dqi_bgrace = le32_to_cpu(gdinfo->dqi_bgrace);
|
|
|
|
|
info->dqi_igrace = le32_to_cpu(gdinfo->dqi_igrace);
|
|
|
|
|
oinfo->dqi_syncms = le32_to_cpu(gdinfo->dqi_syncms);
|
|
|
|
|
oinfo->dqi_gi.dqi_blocks = le32_to_cpu(gdinfo->dqi_blocks);
|
|
|
|
|
oinfo->dqi_gi.dqi_free_blk = le32_to_cpu(gdinfo->dqi_free_blk);
|
|
|
|
|
oinfo->dqi_gi.dqi_free_entry =
|
|
|
|
|
le32_to_cpu(gdinfo->dqi_free_entry);
|
|
|
|
|
brelse(bh);
|
|
|
|
|
ocfs2_track_lock_refresh(lockres);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bail:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Lock quota info, this function expects at least shared lock on the quota file
|
|
|
|
|
* so that we can safely refresh quota info from disk. */
|
|
|
|
|
int ocfs2_qinfo_lock(struct ocfs2_mem_dqinfo *oinfo, int ex)
|
|
|
|
|
{
|
|
|
|
|
struct ocfs2_lock_res *lockres = &oinfo->dqi_gqlock;
|
|
|
|
|
struct ocfs2_super *osb = OCFS2_SB(oinfo->dqi_gi.dqi_sb);
|
|
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
int status = 0;
|
|
|
|
|
|
|
|
|
|
/* On RO devices, locking really isn't needed... */
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb)) {
|
|
|
|
|
if (ex)
|
|
|
|
|
status = -EROFS;
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
goto bail;
|
|
|
|
|
|
|
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, 0, 0);
|
|
|
|
|
if (status < 0) {
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
goto bail;
|
|
|
|
|
}
|
|
|
|
|
if (!ocfs2_should_refresh_lock_res(lockres))
|
|
|
|
|
goto bail;
|
|
|
|
|
/* OK, we have the lock but we need to refresh the quota info */
|
|
|
|
|
status = ocfs2_refresh_qinfo(oinfo);
|
|
|
|
|
if (status)
|
|
|
|
|
ocfs2_qinfo_unlock(oinfo, ex);
|
|
|
|
|
ocfs2_complete_lock_res_refresh(lockres, status);
|
|
|
|
|
bail:
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-17 21:19:58 -06:00
|
|
|
int ocfs2_refcount_lock(struct ocfs2_refcount_tree *ref_tree, int ex)
|
|
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &ref_tree->rf_lockres;
|
|
|
|
|
struct ocfs2_super *osb = lockres->l_priv;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (ocfs2_is_hard_readonly(osb))
|
|
|
|
|
return -EROFS;
|
|
|
|
|
|
|
|
|
|
if (ocfs2_mount_local(osb))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
status = ocfs2_cluster_lock(osb, lockres, level, 0, 0);
|
|
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_refcount_unlock(struct ocfs2_refcount_tree *ref_tree, int ex)
|
|
|
|
|
{
|
|
|
|
|
int level = ex ? DLM_LOCK_EX : DLM_LOCK_PR;
|
|
|
|
|
struct ocfs2_lock_res *lockres = &ref_tree->rf_lockres;
|
|
|
|
|
struct ocfs2_super *osb = lockres->l_priv;
|
|
|
|
|
|
|
|
|
|
if (!ocfs2_mount_local(osb))
|
|
|
|
|
ocfs2_cluster_unlock(osb, lockres, level);
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-28 15:11:41 -07:00
|
|
|
static void ocfs2_process_blocked_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
2005-12-15 15:31:24 -07:00
|
|
|
{
|
|
|
|
|
int status;
|
2006-09-08 15:14:34 -06:00
|
|
|
struct ocfs2_unblock_ctl ctl = {0, 0,};
|
2005-12-15 15:31:24 -07:00
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
/* Our reference to the lockres in this function can be
|
|
|
|
|
* considered valid until we remove the OCFS2_LOCK_QUEUED
|
|
|
|
|
* flag. */
|
|
|
|
|
|
|
|
|
|
BUG_ON(!lockres);
|
|
|
|
|
BUG_ON(!lockres->l_ops);
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s blocked\n", lockres->l_name);
|
2005-12-15 15:31:24 -07:00
|
|
|
|
|
|
|
|
/* Detect whether a lock has been marked as going away while
|
2007-09-24 16:56:19 -06:00
|
|
|
* the downconvert thread was processing other things. A lock can
|
2005-12-15 15:31:24 -07:00
|
|
|
* still be marked with OCFS2_LOCK_FREEING after this check,
|
|
|
|
|
* but short circuiting here will still save us some
|
|
|
|
|
* performance. */
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_FREEING)
|
|
|
|
|
goto unqueue;
|
|
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2006-09-13 23:01:16 -06:00
|
|
|
status = ocfs2_unblock_lock(osb, lockres, &ctl);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (status < 0)
|
|
|
|
|
mlog_errno(status);
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&lockres->l_lock, flags);
|
|
|
|
|
unqueue:
|
2006-09-08 15:14:34 -06:00
|
|
|
if (lockres->l_flags & OCFS2_LOCK_FREEING || !ctl.requeue) {
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres_clear_flags(lockres, OCFS2_LOCK_QUEUED);
|
|
|
|
|
} else
|
|
|
|
|
ocfs2_schedule_blocked_lock(osb, lockres);
|
|
|
|
|
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s, requeue = %s.\n", lockres->l_name,
|
2006-09-08 15:14:34 -06:00
|
|
|
ctl.requeue ? "yes" : "no");
|
2005-12-15 15:31:24 -07:00
|
|
|
spin_unlock_irqrestore(&lockres->l_lock, flags);
|
|
|
|
|
|
2006-09-08 15:14:34 -06:00
|
|
|
if (ctl.unblock_action != UNBLOCK_CONTINUE
|
|
|
|
|
&& lockres->l_ops->post_unlock)
|
|
|
|
|
lockres->l_ops->post_unlock(osb, lockres);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ocfs2_schedule_blocked_lock(struct ocfs2_super *osb,
|
|
|
|
|
struct ocfs2_lock_res *lockres)
|
|
|
|
|
{
|
2012-01-30 22:51:22 -07:00
|
|
|
unsigned long flags;
|
|
|
|
|
|
2005-12-15 15:31:24 -07:00
|
|
|
assert_spin_locked(&lockres->l_lock);
|
|
|
|
|
|
|
|
|
|
if (lockres->l_flags & OCFS2_LOCK_FREEING) {
|
|
|
|
|
/* Do not schedule a lock for downconvert when it's on
|
|
|
|
|
* the way to destruction - any nodes wanting access
|
|
|
|
|
* to the resource will get it soon. */
|
2010-02-26 20:42:44 -07:00
|
|
|
mlog(ML_BASTS, "lockres %s won't be scheduled: flags 0x%lx\n",
|
2005-12-15 15:31:24 -07:00
|
|
|
lockres->l_name, lockres->l_flags);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lockres_or_flags(lockres, OCFS2_LOCK_QUEUED);
|
|
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
if (list_empty(&lockres->l_blocked_list)) {
|
|
|
|
|
list_add_tail(&lockres->l_blocked_list,
|
|
|
|
|
&osb->blocked_lock_list);
|
|
|
|
|
osb->blocked_lock_count++;
|
|
|
|
|
}
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2005-12-15 15:31:24 -07:00
|
|
|
}
|
2007-09-24 16:56:19 -06:00
|
|
|
|
|
|
|
|
static void ocfs2_downconvert_thread_do_work(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
unsigned long processed;
|
2012-01-30 22:51:22 -07:00
|
|
|
unsigned long flags;
|
2007-09-24 16:56:19 -06:00
|
|
|
struct ocfs2_lock_res *lockres;
|
|
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
/* grab this early so we know to try again if a state change and
|
|
|
|
|
* wake happens part-way through our work */
|
|
|
|
|
osb->dc_work_sequence = osb->dc_wake_sequence;
|
|
|
|
|
|
|
|
|
|
processed = osb->blocked_lock_count;
|
2015-08-06 16:46:23 -06:00
|
|
|
/*
|
|
|
|
|
* blocked lock processing in this loop might call iput which can
|
|
|
|
|
* remove items off osb->blocked_lock_list. Downconvert up to
|
|
|
|
|
* 'processed' number of locks, but stop short if we had some
|
|
|
|
|
* removed in ocfs2_mark_lockres_freeing when downconverting.
|
|
|
|
|
*/
|
|
|
|
|
while (processed && !list_empty(&osb->blocked_lock_list)) {
|
2007-09-24 16:56:19 -06:00
|
|
|
lockres = list_entry(osb->blocked_lock_list.next,
|
|
|
|
|
struct ocfs2_lock_res, l_blocked_list);
|
|
|
|
|
list_del_init(&lockres->l_blocked_list);
|
|
|
|
|
osb->blocked_lock_count--;
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
|
|
|
|
|
BUG_ON(!processed);
|
|
|
|
|
processed--;
|
|
|
|
|
|
|
|
|
|
ocfs2_process_blocked_lock(osb, lockres);
|
|
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
}
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_downconvert_thread_lists_empty(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
int empty = 0;
|
2012-01-30 22:51:22 -07:00
|
|
|
unsigned long flags;
|
2007-09-24 16:56:19 -06:00
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
if (list_empty(&osb->blocked_lock_list))
|
|
|
|
|
empty = 1;
|
|
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
return empty;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ocfs2_downconvert_thread_should_wake(struct ocfs2_super *osb)
|
|
|
|
|
{
|
|
|
|
|
int should_wake = 0;
|
2012-01-30 22:51:22 -07:00
|
|
|
unsigned long flags;
|
2007-09-24 16:56:19 -06:00
|
|
|
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
if (osb->dc_work_sequence != osb->dc_wake_sequence)
|
|
|
|
|
should_wake = 1;
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
|
|
|
|
|
return should_wake;
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-17 01:20:38 -07:00
|
|
|
static int ocfs2_downconvert_thread(void *arg)
|
2007-09-24 16:56:19 -06:00
|
|
|
{
|
|
|
|
|
struct ocfs2_super *osb = arg;
|
|
|
|
|
|
|
|
|
|
/* only quit once we've been asked to stop and there is no more
|
|
|
|
|
* work available */
|
|
|
|
|
while (!(kthread_should_stop() &&
|
|
|
|
|
ocfs2_downconvert_thread_lists_empty(osb))) {
|
|
|
|
|
|
|
|
|
|
wait_event_interruptible(osb->dc_event,
|
|
|
|
|
ocfs2_downconvert_thread_should_wake(osb) ||
|
|
|
|
|
kthread_should_stop());
|
|
|
|
|
|
|
|
|
|
mlog(0, "downconvert_thread: awoken\n");
|
|
|
|
|
|
|
|
|
|
ocfs2_downconvert_thread_do_work(osb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
osb->dc_task = NULL;
|
2019-07-11 21:53:16 -06:00
|
|
|
return 0;
|
2007-09-24 16:56:19 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ocfs2_wake_downconvert_thread(struct ocfs2_super *osb)
|
|
|
|
|
{
|
2012-01-30 22:51:22 -07:00
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
|
|
spin_lock_irqsave(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
/* make sure the voting thread gets a swipe at whatever changes
|
|
|
|
|
* the caller may have made to the voting state */
|
|
|
|
|
osb->dc_wake_sequence++;
|
2012-01-30 22:51:22 -07:00
|
|
|
spin_unlock_irqrestore(&osb->dc_task_lock, flags);
|
2007-09-24 16:56:19 -06:00
|
|
|
wake_up(&osb->dc_event);
|
|
|
|
|
}
|