mirror of
https://github.com/torvalds/linux.git
synced 2024-12-02 09:01:34 +00:00
3c919b0910
Wengang Wang reports that a customer's system was running a number of
truncate operations on a filesystem with a very small log. Contention
on the reserve heads lead to other threads stalling on smaller updates
(e.g. mtime updates) long enough to result in the node being rebooted
on account of the lack of responsivenes. The node failed to recover
because log recovery of an EFI became stuck waiting for a grant of
reserve space. From Wengang's report:
"For the file deletion, log bytes are reserved basing on
xfs_mount->tr_itruncate which is:
tr_logres = 175488,
tr_logcount = 2,
tr_logflags = XFS_TRANS_PERM_LOG_RES,
"You see it's a permanent log reservation with two log operations (two
transactions in rolling mode). After calculation (xlog_calc_unit_res()
adds space for various log headers), the final log space needed per
transaction changes from 175488 to 180208 bytes. So the total log
space needed is 360416 bytes (180208 * 2). [That quantity] of log space
(360416 bytes) needs to be reserved for both run time inode removing
(xfs_inactive_truncate()) and EFI recover (xfs_efi_item_recover())."
In other words, runtime pre-reserves 360K of space in anticipation of
running a chain of two transactions in which each transaction gets a
180K reservation.
Now that we've allocated the transaction, we delete the bmap mapping,
log an EFI to free the space, and roll the transaction as part of
finishing the deferops chain. Rolling creates a new xfs_trans which
shares its ticket with the old transaction. Next, xfs_trans_roll calls
__xfs_trans_commit with regrant == true, which calls xlog_cil_commit
with the same regrant parameter.
xlog_cil_commit calls xfs_log_ticket_regrant, which decrements t_cnt and
subtracts t_curr_res from the reservation and write heads.
If the filesystem is fresh and the first transaction only used (say)
20K, then t_curr_res will be 160K, and we give that much reservation
back to the reservation head. Or if the file is really fragmented and
the first transaction actually uses 170K, then t_curr_res will be 10K,
and that's what we give back to the reservation.
Having done that, we're now headed into the second transaction with an
EFI and 180K of reservation. Other threads apparently consumed all the
reservation for smaller transactions, such as timestamp updates.
Now let's say the first transaction gets written to disk and we crash
without ever completing the second transaction. Now we remount the fs,
log recovery finds the unfinished EFI, and calls xfs_efi_recover to
finish the EFI. However, xfs_efi_recover starts a new tr_itruncate
tranasction, which asks for 360K log reservation. This is a lot more
than the 180K that we had reserved at the time of the crash. If the
first EFI to be recovered is also pinning the tail of the log, we will
be unable to free any space in the log, and recovery livelocks.
Wengang confirmed this:
"Now we have the second transaction which has 180208 log bytes reserved
too. The second transaction is supposed to process intents including
extent freeing. With my hacking patch, I blocked the extent freeing 5
hours. So in that 5 hours, 180208 (NOT 360416) log bytes are reserved.
"With my test case, other transactions (update timestamps) then happen.
As my hacking patch pins the journal tail, those timestamp-updating
transactions finally use up (almost) all the left available log space
(in memory in on disk). And finally the on disk (and in memory)
available log space goes down near to 180208 bytes. Those 180208 bytes
are reserved by [the] second (extent-free) transaction [in the chain]."
Wengang and I noticed that EFI recovery starts a transaction, completes
one step of the chain, and commits the transaction without completing
any other steps of the chain. Those subsequent steps are completed by
xlog_finish_defer_ops, which allocates yet another transaction to
finish the rest of the chain. That transaction gets the same tr_logres
as the head transaction, but with tr_logcount = 1 to force regranting
with every roll to avoid livelocks.
In other words, we already figured this out in commit
|
||
|---|---|---|
| .. | ||
| libxfs | ||
| scrub | ||
| Kconfig | ||
| kmem.c | ||
| kmem.h | ||
| Makefile | ||
| mrlock.h | ||
| xfs_acl.c | ||
| xfs_acl.h | ||
| xfs_aops.c | ||
| xfs_aops.h | ||
| xfs_attr_inactive.c | ||
| xfs_attr_item.c | ||
| xfs_attr_item.h | ||
| xfs_attr_list.c | ||
| xfs_bio_io.c | ||
| xfs_bmap_item.c | ||
| xfs_bmap_item.h | ||
| xfs_bmap_util.c | ||
| xfs_bmap_util.h | ||
| xfs_buf_item_recover.c | ||
| xfs_buf_item.c | ||
| xfs_buf_item.h | ||
| xfs_buf.c | ||
| xfs_buf.h | ||
| xfs_dahash_test.c | ||
| xfs_dahash_test.h | ||
| xfs_dir2_readdir.c | ||
| xfs_discard.c | ||
| xfs_discard.h | ||
| xfs_dquot_item_recover.c | ||
| xfs_dquot_item.c | ||
| xfs_dquot_item.h | ||
| xfs_dquot.c | ||
| xfs_dquot.h | ||
| xfs_drain.c | ||
| xfs_drain.h | ||
| xfs_error.c | ||
| xfs_error.h | ||
| xfs_export.c | ||
| xfs_export.h | ||
| xfs_extent_busy.c | ||
| xfs_extent_busy.h | ||
| xfs_extfree_item.c | ||
| xfs_extfree_item.h | ||
| xfs_file.c | ||
| xfs_filestream.c | ||
| xfs_filestream.h | ||
| xfs_fsmap.c | ||
| xfs_fsmap.h | ||
| xfs_fsops.c | ||
| xfs_fsops.h | ||
| xfs_globals.c | ||
| xfs_health.c | ||
| xfs_icache.c | ||
| xfs_icache.h | ||
| xfs_icreate_item.c | ||
| xfs_icreate_item.h | ||
| xfs_inode_item_recover.c | ||
| xfs_inode_item.c | ||
| xfs_inode_item.h | ||
| xfs_inode.c | ||
| xfs_inode.h | ||
| xfs_ioctl32.c | ||
| xfs_ioctl32.h | ||
| xfs_ioctl.c | ||
| xfs_ioctl.h | ||
| xfs_iomap.c | ||
| xfs_iomap.h | ||
| xfs_iops.c | ||
| xfs_iops.h | ||
| xfs_itable.c | ||
| xfs_itable.h | ||
| xfs_iunlink_item.c | ||
| xfs_iunlink_item.h | ||
| xfs_iwalk.c | ||
| xfs_iwalk.h | ||
| xfs_linux.h | ||
| xfs_log_cil.c | ||
| xfs_log_priv.h | ||
| xfs_log_recover.c | ||
| xfs_log.c | ||
| xfs_log.h | ||
| xfs_message.c | ||
| xfs_message.h | ||
| xfs_mount.c | ||
| xfs_mount.h | ||
| xfs_mru_cache.c | ||
| xfs_mru_cache.h | ||
| xfs_notify_failure.c | ||
| xfs_ondisk.h | ||
| xfs_pnfs.c | ||
| xfs_pnfs.h | ||
| xfs_pwork.c | ||
| xfs_pwork.h | ||
| xfs_qm_bhv.c | ||
| xfs_qm_syscalls.c | ||
| xfs_qm.c | ||
| xfs_qm.h | ||
| xfs_quota.h | ||
| xfs_quotaops.c | ||
| xfs_refcount_item.c | ||
| xfs_refcount_item.h | ||
| xfs_reflink.c | ||
| xfs_reflink.h | ||
| xfs_rmap_item.c | ||
| xfs_rmap_item.h | ||
| xfs_rtalloc.c | ||
| xfs_rtalloc.h | ||
| xfs_stats.c | ||
| xfs_stats.h | ||
| xfs_super.c | ||
| xfs_super.h | ||
| xfs_symlink.c | ||
| xfs_symlink.h | ||
| xfs_sysctl.c | ||
| xfs_sysctl.h | ||
| xfs_sysfs.c | ||
| xfs_sysfs.h | ||
| xfs_trace.c | ||
| xfs_trace.h | ||
| xfs_trans_ail.c | ||
| xfs_trans_buf.c | ||
| xfs_trans_dquot.c | ||
| xfs_trans_priv.h | ||
| xfs_trans.c | ||
| xfs_trans.h | ||
| xfs_xattr.c | ||
| xfs_xattr.h | ||
| xfs.h | ||