Re: [PATCH 07/13] xfs: allow merging ioends over append boundaries

From: Darrick J. Wong
Date: Fri Jun 28 2019 - 13:06:34 EST

Next message: Mauro Carvalho Chehab: "Re: [PATCH v3] Documentation:sh:convert register-banks.txt and new-machine.txt to rst format."
Previous message: John Garry: "Re: [PATCH v3 1/4] perf pmu: Support more complex PMU event aliasing"
In reply to: Christoph Hellwig: "Re: [PATCH 07/13] xfs: allow merging ioends over append boundaries"
Next in thread: Christoph Hellwig: "[PATCH 08/13] xfs: simplify xfs_ioend_can_merge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 28, 2019 at 07:51:43AM +0200, Christoph Hellwig wrote:
> On Thu, Jun 27, 2019 at 11:23:09AM -0700, Darrick J. Wong wrote:
> > On Thu, Jun 27, 2019 at 12:48:30PM +0200, Christoph Hellwig wrote:
> > > There is no real problem merging ioends that go beyond i_size into an
> > > ioend that doesn't. We just need to move the append transaction to the
> > > base ioend. Also use the opportunity to use a real error code instead
> > > of the magic 1 to cancel the transactions, and write a comment
> > > explaining the scheme.
> > >
> > > Signed-off-by: Christoph Hellwig <hch@xxxxxx>
> >
> > Reading through this patch, I have a feeling it fixes the crash that
> > Zorro has been seeing occasionally with generic/475...
>
> So you think for some reason the disk i_size changes underneath and thus
> the xfs_ioend_is_append misfired vs the actual transaction allocations?
> I didn't even think of that, but using the different checks sure sounds
> dangerous. So yes, we'd either need to backport my patch, or at least
> replace the checks in xfs_ioend_can_merge with direct checks of
> io_append_trans.

That's my working theory, yes.

1. Dirty pages 0 and 2 of an empty file.

2. Writeback gets scheduled for pages 0 and 2, creating ioends A and C.
Both ioends describe writes past the on-disk isize so we allocate
transactions.

3. ioend C completes immediately, sets the ondisk isize to (3 * PAGESIZE).

4. Dirty page 1 of the file and immediately schedule writeback for it,
creating ioend B. ioend B describes a write within the on-disk isize so
we do not allocate setfilesize transaction.

5. ioend A and B complete and are sorted into the per-inode ioend
completion list. xfs_ioend_try_merge looks at ioend A, sees that ioend
can be merged with ioend B (same type, same cow status, same current
setfilesize status (which does not reflect the setfilesize status when A
was created)) and therefore decides to merge them.

6. A has a setfilesize transaction so _try_merge calls
xfs_setfilesize_ioend(ioend B, -1) to cancel ioend B's transaction, but
as we saw in (4), ioend B has no transaction and crashes.

--D

Next message: Mauro Carvalho Chehab: "Re: [PATCH v3] Documentation:sh:convert register-banks.txt and new-machine.txt to rst format."
Previous message: John Garry: "Re: [PATCH v3 1/4] perf pmu: Support more complex PMU event aliasing"
In reply to: Christoph Hellwig: "Re: [PATCH 07/13] xfs: allow merging ioends over append boundaries"
Next in thread: Christoph Hellwig: "[PATCH 08/13] xfs: simplify xfs_ioend_can_merge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]