public inbox for [email protected]
 help / color / mirror / Atom feed
From: Dave Chinner <[email protected]>
To: Hao Xu <[email protected]>
Cc: [email protected], Jens Axboe <[email protected]>,
	Dominique Martinet <[email protected]>,
	Pavel Begunkov <[email protected]>,
	Christian Brauner <[email protected]>,
	Alexander Viro <[email protected]>,
	Stefan Roesch <[email protected]>, Clay Harris <[email protected]>,
	"Darrick J . Wong" <[email protected]>,
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	[email protected], [email protected],
	Wanpeng Li <[email protected]>
Subject: Re: [PATCH 25/29] xfs: support nowait for xfs_buf_item_init()
Date: Sat, 26 Aug 2023 08:16:15 +1000	[thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>

On Fri, Aug 25, 2023 at 09:54:27PM +0800, Hao Xu wrote:
> From: Hao Xu <[email protected]>
> 
> support nowait for xfs_buf_item_init() and error out -EAGAIN to
> _xfs_trans_bjoin() when it would block.
> 
> Signed-off-by: Hao Xu <[email protected]>
> ---
>  fs/xfs/xfs_buf_item.c         |  9 +++++++--
>  fs/xfs/xfs_buf_item.h         |  2 +-
>  fs/xfs/xfs_buf_item_recover.c |  2 +-
>  fs/xfs/xfs_trans_buf.c        | 16 +++++++++++++---
>  4 files changed, 22 insertions(+), 7 deletions(-)
> 
> diff --git a/fs/xfs/xfs_buf_item.c b/fs/xfs/xfs_buf_item.c
> index 023d4e0385dd..b1e63137d65b 100644
> --- a/fs/xfs/xfs_buf_item.c
> +++ b/fs/xfs/xfs_buf_item.c
> @@ -827,7 +827,8 @@ xfs_buf_item_free_format(
>  int
>  xfs_buf_item_init(
>  	struct xfs_buf	*bp,
> -	struct xfs_mount *mp)
> +	struct xfs_mount *mp,
> +	bool   nowait)
>  {
>  	struct xfs_buf_log_item	*bip = bp->b_log_item;
>  	int			chunks;
> @@ -847,7 +848,11 @@ xfs_buf_item_init(
>  		return 0;
>  	}
>  
> -	bip = kmem_cache_zalloc(xfs_buf_item_cache, GFP_KERNEL | __GFP_NOFAIL);
> +	bip = kmem_cache_zalloc(xfs_buf_item_cache,
> +				GFP_KERNEL | (nowait ? 0 : __GFP_NOFAIL));
> +	if (!bip)
> +		return -EAGAIN;
> +
>  	xfs_log_item_init(mp, &bip->bli_item, XFS_LI_BUF, &xfs_buf_item_ops);
>  	bip->bli_buf = bp;

I see filesystem shutdowns....

> diff --git a/fs/xfs/xfs_trans_buf.c b/fs/xfs/xfs_trans_buf.c
> index 016371f58f26..a1e4f2e8629a 100644
> --- a/fs/xfs/xfs_trans_buf.c
> +++ b/fs/xfs/xfs_trans_buf.c
> @@ -57,13 +57,14 @@ xfs_trans_buf_item_match(
>   * If the buffer does not yet have a buf log item associated with it,
>   * then allocate one for it.  Then add the buf item to the transaction.
>   */
> -STATIC void
> +STATIC int
>  _xfs_trans_bjoin(
>  	struct xfs_trans	*tp,
>  	struct xfs_buf		*bp,
>  	int			reset_recur)
>  {
>  	struct xfs_buf_log_item	*bip;
> +	int ret;
>  
>  	ASSERT(bp->b_transp == NULL);
>  
> @@ -72,7 +73,11 @@ _xfs_trans_bjoin(
>  	 * it doesn't have one yet, then allocate one and initialize it.
>  	 * The checks to see if one is there are in xfs_buf_item_init().
>  	 */
> -	xfs_buf_item_init(bp, tp->t_mountp);
> +	ret = xfs_buf_item_init(bp, tp->t_mountp,
> +				tp->t_flags & XFS_TRANS_NOWAIT);
> +	if (ret < 0)
> +		return ret;
> +
>  	bip = bp->b_log_item;
>  	ASSERT(!(bip->bli_flags & XFS_BLI_STALE));
>  	ASSERT(!(bip->__bli_format.blf_flags & XFS_BLF_CANCEL));
> @@ -92,6 +97,7 @@ _xfs_trans_bjoin(
>  	xfs_trans_add_item(tp, &bip->bli_item);
>  	bp->b_transp = tp;
>  
> +	return 0;
>  }
>  
>  void
> @@ -309,7 +315,11 @@ xfs_trans_read_buf_map(
>  	}
>  
>  	if (tp) {
> -		_xfs_trans_bjoin(tp, bp, 1);
> +		error = _xfs_trans_bjoin(tp, bp, 1);
> +		if (error) {
> +			xfs_buf_relse(bp);
> +			return error;
> +		}
>  		trace_xfs_trans_read_buf(bp->b_log_item);

So what happens at the callers when we have a dirty transaction and
joining a buffer fails with -EAGAIN?

Apart from the fact this may well propagate -EAGAIN up to userspace,
cancelling a dirty transaction at this point will result in a
filesystem shutdown....

Indeed, this can happen in the "simple" timestamp update case that
this "nowait" semantic is being aimed at. We log the inode in the
timestamp update, which dirties the log item and registers a
precommit operation to be run. We commit the
transaction, which then runs xfs_inode_item_precommit() and that
may need to attach the inode to the inode cluster buffer. This
results in:

xfs_inode_item_precommit
  xfs_imap_to_bp
    xfs_trans_read_buf_map
      _xfs_trans_bjoin
        xfs_buf_item_init(XFS_TRANS_NOWAIT)
	  kmem_cache_zalloc(GFP_NOFS)
	  <memory allocation fails>
      gets -EAGAIN error
    propagates -EAGAIN
  fails due to -EAGAIN

And now xfs_trans_commit() fails with a dirty transaction and the
filesystem shuts down.

IOWs, XFS_TRANS_NOWAIT as it stands is fundamentally broken. Once we
dirty an item in a transaction, we *cannot* back out of the
transaction. We *must block* in every place that could fail -
locking, memory allocation and/or IO - until the transaction
completes because we cannot undo the changes we've already made to
the dirty items in the transaction....

It's even worse than that - once we have committed intents, the
whole chain of intent processing must be run to completionr. Hence
we can't tolerate backing out of that defered processing chain half
way through because we might have to block.

Until we can roll back partial dirty transactions and partially
completed defered intent chains at any random point of completion,
XFS_TRANS_NOWAIT will not work.

-Dave.
-- 
Dave Chinner
[email protected]

  reply	other threads:[~2023-08-25 22:17 UTC|newest]

Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-25 13:54 [PATCH RFC v5 00/29] io_uring getdents Hao Xu
2023-08-25 13:54 ` [PATCH 01/29] fs: split off vfs_getdents function of getdents64 syscall Hao Xu
2023-08-25 13:54 ` [PATCH 02/29] xfs: rename XBF_TRYLOCK to XBF_NOWAIT Hao Xu
2023-08-25 21:39   ` Dave Chinner
2023-08-25 13:54 ` [PATCH 03/29] xfs: add NOWAIT semantics for readdir Hao Xu
2023-08-25 13:54 ` [PATCH 04/29] vfs: add nowait flag for struct dir_context Hao Xu
2023-08-25 13:54 ` [PATCH 05/29] vfs: add a vfs helper for io_uring file pos lock Hao Xu
2023-08-25 13:54 ` [PATCH 06/29] vfs: add file_pos_unlock() for io_uring usage Hao Xu
2023-08-25 13:54 ` [PATCH 07/29] vfs: add a nowait parameter for touch_atime() Hao Xu
2023-08-25 13:54 ` [PATCH 08/29] vfs: add nowait parameter for file_accessed() Hao Xu
2023-08-25 13:54 ` [PATCH 09/29] vfs: move file_accessed() to the beginning of iterate_dir() Hao Xu
2023-08-25 13:54 ` [PATCH 10/29] vfs: add S_NOWAIT for nowait time update Hao Xu
2023-08-25 13:54 ` [PATCH 11/29] vfs: trylock inode->i_rwsem in iterate_dir() to support nowait Hao Xu
2023-08-25 13:54 ` [PATCH 12/29] xfs: enforce GFP_NOIO implicitly during nowait time update Hao Xu
2023-08-25 14:20   ` Matthew Wilcox
2023-08-25 13:54 ` [PATCH 13/29] xfs: make xfs_trans_alloc() support nowait semantics Hao Xu
2023-08-25 13:54 ` [PATCH 14/29] xfs: support nowait for xfs_log_reserve() Hao Xu
2023-08-25 13:54 ` [PATCH 15/29] xfs: don't wait for free space in xlog_grant_head_check() in nowait case Hao Xu
2023-08-25 13:54 ` [PATCH 16/29] xfs: add nowait parameter for xfs_inode_item_init() Hao Xu
2023-08-25 13:54 ` [PATCH 17/29] xfs: make xfs_trans_ijoin() error out -EAGAIN Hao Xu
2023-08-25 13:54 ` [PATCH 18/29] xfs: set XBF_NOWAIT for xfs_buf_read_map if necessary Hao Xu
2023-08-25 13:54 ` [PATCH 19/29] xfs: support nowait memory allocation in _xfs_buf_alloc() Hao Xu
2023-08-25 13:54 ` [PATCH 20/29] xfs: distinguish error type of memory allocation failure for nowait case Hao Xu
2023-08-25 13:54 ` [PATCH 21/29] xfs: return -EAGAIN when bulk memory allocation fails in " Hao Xu
2023-08-25 13:54 ` [PATCH 22/29] xfs: comment page allocation for nowait case in xfs_buf_find_insert() Hao Xu
2023-08-25 14:09   ` Matthew Wilcox
2023-08-25 13:54 ` [PATCH 23/29] xfs: don't print warn info for -EAGAIN error in xfs_buf_get_map() Hao Xu
2023-08-25 13:54 ` [PATCH 24/29] xfs: support nowait for xfs_buf_read_map() Hao Xu
2023-08-25 21:53   ` Dave Chinner
2023-08-25 13:54 ` [PATCH 25/29] xfs: support nowait for xfs_buf_item_init() Hao Xu
2023-08-25 22:16   ` Dave Chinner [this message]
2023-08-25 13:54 ` [PATCH 26/29] xfs: return -EAGAIN when nowait meets sync in transaction commit Hao Xu
2023-08-25 21:58   ` Dave Chinner
2023-08-25 13:54 ` [PATCH 27/29] xfs: add a comment for xlog_kvmalloc() Hao Xu
2023-08-25 13:54 ` [PATCH 28/29] xfs: support nowait semantics for xc_ctx_lock in xlog_cil_commit() Hao Xu
2023-08-25 21:59   ` Dave Chinner
2023-08-25 13:54 ` [PATCH 29/29] io_uring: add support for getdents Hao Xu
2023-08-25 15:11 ` [PATCH RFC v5 00/29] io_uring getdents Darrick J. Wong
2023-08-25 22:53 ` Dave Chinner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox