2021-01-26 16:33:47 +08:00
// SPDX-License-Identifier: GPL-2.0
# include <linux/slab.h>
# include "ctree.h"
# include "subpage.h"
btrfs: subpage: fix a rare race between metadata endio and eb freeing
[BUG]
There is a very rare ASSERT() triggering during full fstests run for
subpage rw support.
No other reproducer so far.
The ASSERT() gets triggered for metadata read in
btrfs_page_set_uptodate() inside end_page_read().
[CAUSE]
There is still a small race window for metadata only, the race could
happen like this:
T1 | T2
------------------------------------+-----------------------------
end_bio_extent_readpage() |
|- btrfs_validate_metadata_buffer() |
| |- free_extent_buffer() |
| Still have 2 refs |
|- end_page_read() |
|- if (unlikely(PagePrivate()) |
| The page still has Private |
| | free_extent_buffer()
| | | Only one ref 1, will be
| | | released
| | |- detach_extent_buffer_page()
| | |- btrfs_detach_subpage()
|- btrfs_set_page_uptodate() |
The page no longer has Private|
>>> ASSERT() triggered <<< |
This race window is super small, thus pretty hard to hit, even with so
many runs of fstests.
But the race window is still there, we have to go another way to solve
it other than relying on random PagePrivate() check.
Data path is not affected, as it will lock the page before reading,
while unlocking the page after the last read has finished, thus no race
window.
[FIX]
This patch will fix the bug by repurposing btrfs_subpage::readers.
Now btrfs_subpage::readers will be a member shared by both metadata and
data.
For metadata path, we don't do the page unlock as metadata only relies
on extent locking.
At the same time, teach page_range_has_eb() to take
btrfs_subpage::readers into consideration.
So that even if the last eb of a page gets freed, page::private won't be
detached as long as there still are pending end_page_read() calls.
By this we eliminate the race window, this will slight increase the
metadata memory usage, as the page may not be released as frequently as
usual. But it should not be a big deal.
The code got introduced in ("btrfs: submit read time repair only for
each corrupted sector"), but the fix is in a separate patch to keep the
problem description and the crash is rare so it should not hurt
bisectability.
Signed-off-by: Qu Wegruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-06-07 17:02:58 +08:00
# include "btrfs_inode.h"
2021-01-26 16:33:47 +08:00
2021-03-25 15:14:45 +08:00
/*
* Subpage ( sectorsize < PAGE_SIZE ) support overview :
*
* Limitations :
*
* - Only support 64 K page size for now
* This is to make metadata handling easier , as 64 K page would ensure
* all nodesize would fit inside one page , thus we don ' t need to handle
* cases where a tree block crosses several pages .
*
* - Only metadata read - write for now
* The data read - write part is in development .
*
* - Metadata can ' t cross 64 K page boundary
* btrfs - progs and kernel have done that for a while , thus only ancient
* filesystems could have such problem . For such case , do a graceful
* rejection .
*
* Special behavior :
*
* - Metadata
* Metadata read is fully supported .
* Meaning when reading one tree block will only trigger the read for the
* needed range , other unrelated range in the same page will not be touched .
*
* Metadata write support is partial .
* The writeback is still for the full page , but we will only submit
* the dirty extent buffers in the page .
*
* This means , if we have a metadata page like this :
*
* Page offset
* 0 16 K 32 K 48 K 64 K
* | /////////| |///////////|
* \ - Tree block A \ - Tree block B
*
* Even if we just want to writeback tree block A , we will also writeback
* tree block B if it ' s also dirty .
*
* This may cause extra metadata writeback which results more COW .
*
* Implementation :
*
* - Common
* Both metadata and data will use a new structure , btrfs_subpage , to
* record the status of each sector inside a page . This provides the extra
* granularity needed .
*
* - Metadata
* Since we have multiple tree blocks inside one page , we can ' t rely on page
* locking anymore , or we will have greatly reduced concurrency or even
* deadlocks ( hold one tree lock while trying to lock another tree lock in
* the same page ) .
*
* Thus for metadata locking , subpage support relies on io_tree locking only .
* This means a slightly higher tree locking latency .
*/
2021-08-17 17:38:51 +08:00
void btrfs_init_subpage_info ( struct btrfs_subpage_info * subpage_info , u32 sectorsize )
{
unsigned int cur = 0 ;
unsigned int nr_bits ;
ASSERT ( IS_ALIGNED ( PAGE_SIZE , sectorsize ) ) ;
nr_bits = PAGE_SIZE / sectorsize ;
subpage_info - > bitmap_nr_bits = nr_bits ;
subpage_info - > uptodate_offset = cur ;
cur + = nr_bits ;
subpage_info - > error_offset = cur ;
cur + = nr_bits ;
subpage_info - > dirty_offset = cur ;
cur + = nr_bits ;
subpage_info - > writeback_offset = cur ;
cur + = nr_bits ;
subpage_info - > ordered_offset = cur ;
cur + = nr_bits ;
2021-09-27 15:21:49 +08:00
subpage_info - > checked_offset = cur ;
cur + = nr_bits ;
2021-08-17 17:38:51 +08:00
subpage_info - > total_nr_bits = cur ;
}
2021-01-26 16:33:47 +08:00
int btrfs_attach_subpage ( const struct btrfs_fs_info * fs_info ,
struct page * page , enum btrfs_subpage_type type )
{
2021-08-17 17:38:50 +08:00
struct btrfs_subpage * subpage ;
2021-01-26 16:33:47 +08:00
/*
* We have cases like a dummy extent buffer page , which is not mappped
* and doesn ' t need to be locked .
*/
if ( page - > mapping )
ASSERT ( PageLocked ( page ) ) ;
2021-08-17 17:38:50 +08:00
2021-01-26 16:33:47 +08:00
/* Either not subpage, or the page already has private attached */
if ( fs_info - > sectorsize = = PAGE_SIZE | | PagePrivate ( page ) )
return 0 ;
2021-08-17 17:38:50 +08:00
subpage = btrfs_alloc_subpage ( fs_info , type ) ;
if ( IS_ERR ( subpage ) )
return PTR_ERR ( subpage ) ;
2021-01-26 16:33:47 +08:00
attach_page_private ( page , subpage ) ;
return 0 ;
}
void btrfs_detach_subpage ( const struct btrfs_fs_info * fs_info ,
struct page * page )
{
struct btrfs_subpage * subpage ;
/* Either not subpage, or already detached */
if ( fs_info - > sectorsize = = PAGE_SIZE | | ! PagePrivate ( page ) )
return ;
subpage = ( struct btrfs_subpage * ) detach_page_private ( page ) ;
ASSERT ( subpage ) ;
2021-01-26 16:33:48 +08:00
btrfs_free_subpage ( subpage ) ;
}
2021-08-17 17:38:50 +08:00
struct btrfs_subpage * btrfs_alloc_subpage ( const struct btrfs_fs_info * fs_info ,
enum btrfs_subpage_type type )
2021-01-26 16:33:48 +08:00
{
2021-08-17 17:38:50 +08:00
struct btrfs_subpage * ret ;
2021-08-17 17:38:52 +08:00
unsigned int real_size ;
2021-08-17 17:38:50 +08:00
2021-08-17 17:38:49 +08:00
ASSERT ( fs_info - > sectorsize < PAGE_SIZE ) ;
2021-01-26 16:33:48 +08:00
2021-08-17 17:38:52 +08:00
real_size = struct_size ( ret , bitmaps ,
BITS_TO_LONGS ( fs_info - > subpage_info - > total_nr_bits ) ) ;
ret = kzalloc ( real_size , GFP_NOFS ) ;
2021-08-17 17:38:50 +08:00
if ( ! ret )
return ERR_PTR ( - ENOMEM ) ;
spin_lock_init ( & ret - > lock ) ;
2021-05-31 16:50:44 +08:00
if ( type = = BTRFS_SUBPAGE_METADATA ) {
2021-08-17 17:38:50 +08:00
atomic_set ( & ret - > eb_refs , 0 ) ;
2021-05-31 16:50:44 +08:00
} else {
2021-08-17 17:38:50 +08:00
atomic_set ( & ret - > readers , 0 ) ;
atomic_set ( & ret - > writers , 0 ) ;
2021-05-31 16:50:44 +08:00
}
2021-08-17 17:38:50 +08:00
return ret ;
2021-01-26 16:33:48 +08:00
}
void btrfs_free_subpage ( struct btrfs_subpage * subpage )
{
2021-01-26 16:33:47 +08:00
kfree ( subpage ) ;
}
btrfs: support subpage for extent buffer page release
In btrfs_release_extent_buffer_pages(), we need to add extra handling
for subpage.
Introduce a helper, detach_extent_buffer_page(), to do different
handling for regular and subpage cases.
For subpage case, handle detaching page private.
For unmapped (dummy or cloned) ebs, we can detach the page private
immediately as the page can only be attached to one unmapped eb.
For mapped ebs, we have to ensure there are no eb in the page range
before we delete it, as page->private is shared between all ebs in the
same page.
But there is a subpage specific race, where we can race with extent
buffer allocation, and clear the page private while new eb is still
being utilized, like this:
Extent buffer A is the new extent buffer which will be allocated,
while extent buffer B is the last existing extent buffer of the page.
T1 (eb A) | T2 (eb B)
-------------------------------+------------------------------
alloc_extent_buffer() | btrfs_release_extent_buffer_pages()
|- p = find_or_create_page() | |
|- attach_extent_buffer_page() | |
| | |- detach_extent_buffer_page()
| | |- if (!page_range_has_eb())
| | | No new eb in the page range yet
| | | As new eb A hasn't yet been
| | | inserted into radix tree.
| | |- btrfs_detach_subpage()
| | |- detach_page_private();
|- radix_tree_insert() |
Then we have a metadata eb whose page has no private bit.
To avoid such race, we introduce a subpage metadata-specific member,
btrfs_subpage::eb_refs.
In alloc_extent_buffer() we increase eb_refs in the critical section of
private_lock. Then page_range_has_eb() will return true for
detach_extent_buffer_page(), and will not detach page private.
The section is marked by:
- btrfs_page_inc_eb_refs()
- btrfs_page_dec_eb_refs()
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-01-26 16:33:50 +08:00
/*
* Increase the eb_refs of current subpage .
*
* This is important for eb allocation , to prevent race with last eb freeing
* of the same page .
* With the eb_refs increased before the eb inserted into radix tree ,
* detach_extent_buffer_page ( ) won ' t detach the page private while we ' re still
* allocating the extent buffer .
*/
void btrfs_page_inc_eb_refs ( const struct btrfs_fs_info * fs_info ,
struct page * page )
{
struct btrfs_subpage * subpage ;
if ( fs_info - > sectorsize = = PAGE_SIZE )
return ;
ASSERT ( PagePrivate ( page ) & & page - > mapping ) ;
lockdep_assert_held ( & page - > mapping - > private_lock ) ;
subpage = ( struct btrfs_subpage * ) page - > private ;
atomic_inc ( & subpage - > eb_refs ) ;
}
void btrfs_page_dec_eb_refs ( const struct btrfs_fs_info * fs_info ,
struct page * page )
{
struct btrfs_subpage * subpage ;
if ( fs_info - > sectorsize = = PAGE_SIZE )
return ;
ASSERT ( PagePrivate ( page ) & & page - > mapping ) ;
lockdep_assert_held ( & page - > mapping - > private_lock ) ;
subpage = ( struct btrfs_subpage * ) page - > private ;
ASSERT ( atomic_read ( & subpage - > eb_refs ) ) ;
atomic_dec ( & subpage - > eb_refs ) ;
}
2021-01-26 16:33:52 +08:00
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
static void btrfs_subpage_assert ( const struct btrfs_fs_info * fs_info ,
2021-01-26 16:33:52 +08:00
struct page * page , u64 start , u32 len )
{
/* Basic checks */
ASSERT ( PagePrivate ( page ) & & page - > private ) ;
ASSERT ( IS_ALIGNED ( start , fs_info - > sectorsize ) & &
IS_ALIGNED ( len , fs_info - > sectorsize ) ) ;
/*
* The range check only works for mapped page , we can still have
* unmapped page like dummy extent buffer pages .
*/
if ( page - > mapping )
ASSERT ( page_offset ( page ) < = start & &
start + len < = page_offset ( page ) + PAGE_SIZE ) ;
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
}
void btrfs_subpage_start_reader ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
const int nbits = len > > fs_info - > sectorsize_bits ;
btrfs_subpage_assert ( fs_info , page , start , len ) ;
btrfs: subpage: fix a rare race between metadata endio and eb freeing
[BUG]
There is a very rare ASSERT() triggering during full fstests run for
subpage rw support.
No other reproducer so far.
The ASSERT() gets triggered for metadata read in
btrfs_page_set_uptodate() inside end_page_read().
[CAUSE]
There is still a small race window for metadata only, the race could
happen like this:
T1 | T2
------------------------------------+-----------------------------
end_bio_extent_readpage() |
|- btrfs_validate_metadata_buffer() |
| |- free_extent_buffer() |
| Still have 2 refs |
|- end_page_read() |
|- if (unlikely(PagePrivate()) |
| The page still has Private |
| | free_extent_buffer()
| | | Only one ref 1, will be
| | | released
| | |- detach_extent_buffer_page()
| | |- btrfs_detach_subpage()
|- btrfs_set_page_uptodate() |
The page no longer has Private|
>>> ASSERT() triggered <<< |
This race window is super small, thus pretty hard to hit, even with so
many runs of fstests.
But the race window is still there, we have to go another way to solve
it other than relying on random PagePrivate() check.
Data path is not affected, as it will lock the page before reading,
while unlocking the page after the last read has finished, thus no race
window.
[FIX]
This patch will fix the bug by repurposing btrfs_subpage::readers.
Now btrfs_subpage::readers will be a member shared by both metadata and
data.
For metadata path, we don't do the page unlock as metadata only relies
on extent locking.
At the same time, teach page_range_has_eb() to take
btrfs_subpage::readers into consideration.
So that even if the last eb of a page gets freed, page::private won't be
detached as long as there still are pending end_page_read() calls.
By this we eliminate the race window, this will slight increase the
metadata memory usage, as the page may not be released as frequently as
usual. But it should not be a big deal.
The code got introduced in ("btrfs: submit read time repair only for
each corrupted sector"), but the fix is in a separate patch to keep the
problem description and the crash is rare so it should not hurt
bisectability.
Signed-off-by: Qu Wegruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-06-07 17:02:58 +08:00
atomic_add ( nbits , & subpage - > readers ) ;
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
}
void btrfs_subpage_end_reader ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
const int nbits = len > > fs_info - > sectorsize_bits ;
btrfs: subpage: fix a rare race between metadata endio and eb freeing
[BUG]
There is a very rare ASSERT() triggering during full fstests run for
subpage rw support.
No other reproducer so far.
The ASSERT() gets triggered for metadata read in
btrfs_page_set_uptodate() inside end_page_read().
[CAUSE]
There is still a small race window for metadata only, the race could
happen like this:
T1 | T2
------------------------------------+-----------------------------
end_bio_extent_readpage() |
|- btrfs_validate_metadata_buffer() |
| |- free_extent_buffer() |
| Still have 2 refs |
|- end_page_read() |
|- if (unlikely(PagePrivate()) |
| The page still has Private |
| | free_extent_buffer()
| | | Only one ref 1, will be
| | | released
| | |- detach_extent_buffer_page()
| | |- btrfs_detach_subpage()
|- btrfs_set_page_uptodate() |
The page no longer has Private|
>>> ASSERT() triggered <<< |
This race window is super small, thus pretty hard to hit, even with so
many runs of fstests.
But the race window is still there, we have to go another way to solve
it other than relying on random PagePrivate() check.
Data path is not affected, as it will lock the page before reading,
while unlocking the page after the last read has finished, thus no race
window.
[FIX]
This patch will fix the bug by repurposing btrfs_subpage::readers.
Now btrfs_subpage::readers will be a member shared by both metadata and
data.
For metadata path, we don't do the page unlock as metadata only relies
on extent locking.
At the same time, teach page_range_has_eb() to take
btrfs_subpage::readers into consideration.
So that even if the last eb of a page gets freed, page::private won't be
detached as long as there still are pending end_page_read() calls.
By this we eliminate the race window, this will slight increase the
metadata memory usage, as the page may not be released as frequently as
usual. But it should not be a big deal.
The code got introduced in ("btrfs: submit read time repair only for
each corrupted sector"), but the fix is in a separate patch to keep the
problem description and the crash is rare so it should not hurt
bisectability.
Signed-off-by: Qu Wegruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-06-07 17:02:58 +08:00
bool is_data ;
bool last ;
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
btrfs_subpage_assert ( fs_info , page , start , len ) ;
btrfs: subpage: fix a rare race between metadata endio and eb freeing
[BUG]
There is a very rare ASSERT() triggering during full fstests run for
subpage rw support.
No other reproducer so far.
The ASSERT() gets triggered for metadata read in
btrfs_page_set_uptodate() inside end_page_read().
[CAUSE]
There is still a small race window for metadata only, the race could
happen like this:
T1 | T2
------------------------------------+-----------------------------
end_bio_extent_readpage() |
|- btrfs_validate_metadata_buffer() |
| |- free_extent_buffer() |
| Still have 2 refs |
|- end_page_read() |
|- if (unlikely(PagePrivate()) |
| The page still has Private |
| | free_extent_buffer()
| | | Only one ref 1, will be
| | | released
| | |- detach_extent_buffer_page()
| | |- btrfs_detach_subpage()
|- btrfs_set_page_uptodate() |
The page no longer has Private|
>>> ASSERT() triggered <<< |
This race window is super small, thus pretty hard to hit, even with so
many runs of fstests.
But the race window is still there, we have to go another way to solve
it other than relying on random PagePrivate() check.
Data path is not affected, as it will lock the page before reading,
while unlocking the page after the last read has finished, thus no race
window.
[FIX]
This patch will fix the bug by repurposing btrfs_subpage::readers.
Now btrfs_subpage::readers will be a member shared by both metadata and
data.
For metadata path, we don't do the page unlock as metadata only relies
on extent locking.
At the same time, teach page_range_has_eb() to take
btrfs_subpage::readers into consideration.
So that even if the last eb of a page gets freed, page::private won't be
detached as long as there still are pending end_page_read() calls.
By this we eliminate the race window, this will slight increase the
metadata memory usage, as the page may not be released as frequently as
usual. But it should not be a big deal.
The code got introduced in ("btrfs: submit read time repair only for
each corrupted sector"), but the fix is in a separate patch to keep the
problem description and the crash is rare so it should not hurt
bisectability.
Signed-off-by: Qu Wegruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-06-07 17:02:58 +08:00
is_data = is_data_inode ( page - > mapping - > host ) ;
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
ASSERT ( atomic_read ( & subpage - > readers ) > = nbits ) ;
btrfs: subpage: fix a rare race between metadata endio and eb freeing
[BUG]
There is a very rare ASSERT() triggering during full fstests run for
subpage rw support.
No other reproducer so far.
The ASSERT() gets triggered for metadata read in
btrfs_page_set_uptodate() inside end_page_read().
[CAUSE]
There is still a small race window for metadata only, the race could
happen like this:
T1 | T2
------------------------------------+-----------------------------
end_bio_extent_readpage() |
|- btrfs_validate_metadata_buffer() |
| |- free_extent_buffer() |
| Still have 2 refs |
|- end_page_read() |
|- if (unlikely(PagePrivate()) |
| The page still has Private |
| | free_extent_buffer()
| | | Only one ref 1, will be
| | | released
| | |- detach_extent_buffer_page()
| | |- btrfs_detach_subpage()
|- btrfs_set_page_uptodate() |
The page no longer has Private|
>>> ASSERT() triggered <<< |
This race window is super small, thus pretty hard to hit, even with so
many runs of fstests.
But the race window is still there, we have to go another way to solve
it other than relying on random PagePrivate() check.
Data path is not affected, as it will lock the page before reading,
while unlocking the page after the last read has finished, thus no race
window.
[FIX]
This patch will fix the bug by repurposing btrfs_subpage::readers.
Now btrfs_subpage::readers will be a member shared by both metadata and
data.
For metadata path, we don't do the page unlock as metadata only relies
on extent locking.
At the same time, teach page_range_has_eb() to take
btrfs_subpage::readers into consideration.
So that even if the last eb of a page gets freed, page::private won't be
detached as long as there still are pending end_page_read() calls.
By this we eliminate the race window, this will slight increase the
metadata memory usage, as the page may not be released as frequently as
usual. But it should not be a big deal.
The code got introduced in ("btrfs: submit read time repair only for
each corrupted sector"), but the fix is in a separate patch to keep the
problem description and the crash is rare so it should not hurt
bisectability.
Signed-off-by: Qu Wegruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-06-07 17:02:58 +08:00
last = atomic_sub_and_test ( nbits , & subpage - > readers ) ;
/*
* For data we need to unlock the page if the last read has finished .
*
* And please don ' t replace @ last with atomic_sub_and_test ( ) call
* inside if ( ) condition .
* As we want the atomic_sub_and_test ( ) to be always executed .
*/
if ( is_data & & last )
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
unlock_page ( page ) ;
}
2021-05-31 16:50:44 +08:00
static void btrfs_subpage_clamp_range ( struct page * page , u64 * start , u32 * len )
{
u64 orig_start = * start ;
u32 orig_len = * len ;
* start = max_t ( u64 , page_offset ( page ) , orig_start ) ;
2021-09-27 15:21:49 +08:00
/*
* For certain call sites like btrfs_drop_pages ( ) , we may have pages
* beyond the target range . In that case , just set @ len to 0 , subpage
* helpers can handle @ len = = 0 without any problem .
*/
if ( page_offset ( page ) > = orig_start + orig_len )
* len = 0 ;
else
* len = min_t ( u64 , page_offset ( page ) + PAGE_SIZE ,
orig_start + orig_len ) - * start ;
2021-05-31 16:50:44 +08:00
}
void btrfs_subpage_start_writer ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
const int nbits = ( len > > fs_info - > sectorsize_bits ) ;
int ret ;
btrfs_subpage_assert ( fs_info , page , start , len ) ;
ASSERT ( atomic_read ( & subpage - > readers ) = = 0 ) ;
ret = atomic_add_return ( nbits , & subpage - > writers ) ;
ASSERT ( ret = = nbits ) ;
}
bool btrfs_subpage_end_and_test_writer ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
const int nbits = ( len > > fs_info - > sectorsize_bits ) ;
btrfs_subpage_assert ( fs_info , page , start , len ) ;
2021-09-27 15:22:06 +08:00
/*
* We have call sites passing @ lock_page into
* extent_clear_unlock_delalloc ( ) for compression path .
*
* This @ locked_page is locked by plain lock_page ( ) , thus its
* subpage : : writers is 0. Handle them in a special way .
*/
if ( atomic_read ( & subpage - > writers ) = = 0 )
return true ;
2021-05-31 16:50:44 +08:00
ASSERT ( atomic_read ( & subpage - > writers ) > = nbits ) ;
return atomic_sub_and_test ( nbits , & subpage - > writers ) ;
}
/*
* Lock a page for delalloc page writeback .
*
* Return - EAGAIN if the page is not properly initialized .
* Return 0 with the page locked , and writer counter updated .
*
* Even with 0 returned , the page still need extra check to make sure
* it ' s really the correct page , as the caller is using
* find_get_pages_contig ( ) , which can race with page invalidating .
*/
int btrfs_page_start_writer_lock ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) {
lock_page ( page ) ;
return 0 ;
}
lock_page ( page ) ;
if ( ! PagePrivate ( page ) | | ! page - > private ) {
unlock_page ( page ) ;
return - EAGAIN ;
}
btrfs_subpage_clamp_range ( page , & start , & len ) ;
btrfs_subpage_start_writer ( fs_info , page , start , len ) ;
return 0 ;
}
void btrfs_page_end_writer_lock ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE )
return unlock_page ( page ) ;
btrfs_subpage_clamp_range ( page , & start , & len ) ;
if ( btrfs_subpage_end_and_test_writer ( fs_info , page , start , len ) )
unlock_page ( page ) ;
}
2021-08-17 17:38:52 +08:00
static bool bitmap_test_range_all_set ( unsigned long * addr , unsigned int start ,
unsigned int nbits )
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
{
2021-08-17 17:38:52 +08:00
unsigned int found_zero ;
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
2021-08-17 17:38:52 +08:00
found_zero = find_next_zero_bit ( addr , start + nbits , start ) ;
if ( found_zero = = start + nbits )
return true ;
return false ;
}
btrfs: integrate page status update for data read path into begin/end_page_read
In btrfs data page read path, the page status update are handled in two
different locations:
btrfs_do_read_page()
{
while (cur <= end) {
/* No need to read from disk */
if (HOLE/PREALLOC/INLINE){
memset();
set_extent_uptodate();
continue;
}
/* Read from disk */
ret = submit_extent_page(end_bio_extent_readpage);
}
end_bio_extent_readpage()
{
endio_readpage_uptodate_page_status();
}
This is fine for sectorsize == PAGE_SIZE case, as for above loop we
should only hit one branch and then exit.
But for subpage, there is more work to be done in page status update:
- Page Unlock condition
Unlike regular page size == sectorsize case, we can no longer just
unlock a page.
Only the last reader of the page can unlock the page.
This means, we can unlock the page either in the while() loop, or in
the endio function.
- Page uptodate condition
Since we have multiple sectors to read for a page, we can only mark
the full page uptodate if all sectors are uptodate.
To handle both subpage and regular cases, introduce a pair of functions
to help handling page status update:
- begin_page_read()
For regular case, it does nothing.
For subpage case, it updates the reader counters so that later
end_page_read() can know who is the last one to unlock the page.
- end_page_read()
This is just endio_readpage_uptodate_page_status() renamed.
The original name is a little too long and too specific for endio.
The new thing added is the condition for page unlock.
Now for subpage data, we unlock the page if we're the last reader.
This does not only provide the basis for subpage data read, but also
hide the special handling of page read from the main read loop.
Also, since we're changing how the page lock is handled, there are two
existing error paths where we need to manually unlock the page before
calling begin_page_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-02-02 10:28:36 +08:00
2021-08-17 17:38:52 +08:00
static bool bitmap_test_range_all_zero ( unsigned long * addr , unsigned int start ,
unsigned int nbits )
{
unsigned int found_set ;
found_set = find_next_bit ( addr , start + nbits , start ) ;
if ( found_set = = start + nbits )
return true ;
return false ;
2021-01-26 16:33:52 +08:00
}
2021-08-17 17:38:52 +08:00
# define subpage_calc_start_bit(fs_info, page, name, start, len) \
( { \
unsigned int start_bit ; \
\
btrfs_subpage_assert ( fs_info , page , start , len ) ; \
start_bit = offset_in_page ( start ) > > fs_info - > sectorsize_bits ; \
start_bit + = fs_info - > subpage_info - > name # # _offset ; \
start_bit ; \
} )
# define subpage_test_bitmap_all_set(fs_info, subpage, name) \
bitmap_test_range_all_set ( subpage - > bitmaps , \
fs_info - > subpage_info - > name # # _offset , \
fs_info - > subpage_info - > bitmap_nr_bits )
# define subpage_test_bitmap_all_zero(fs_info, subpage, name) \
bitmap_test_range_all_zero ( subpage - > bitmaps , \
fs_info - > subpage_info - > name # # _offset , \
fs_info - > subpage_info - > bitmap_nr_bits )
2021-01-26 16:33:52 +08:00
void btrfs_subpage_set_uptodate ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
uptodate , start , len ) ;
2021-01-26 16:33:52 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_set ( fs_info , subpage , uptodate ) )
2021-01-26 16:33:52 +08:00
SetPageUptodate ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
void btrfs_subpage_clear_uptodate ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
uptodate , start , len ) ;
2021-01-26 16:33:52 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
2021-01-26 16:33:52 +08:00
ClearPageUptodate ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
2021-01-26 16:33:53 +08:00
void btrfs_subpage_set_error ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
error , start , len ) ;
2021-01-26 16:33:53 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
2021-01-26 16:33:53 +08:00
SetPageError ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
void btrfs_subpage_clear_error ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
error , start , len ) ;
2021-01-26 16:33:53 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_zero ( fs_info , subpage , error ) )
2021-01-26 16:33:53 +08:00
ClearPageError ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
2021-03-25 15:14:37 +08:00
void btrfs_subpage_set_dirty ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
dirty , start , len ) ;
2021-03-25 15:14:37 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
2021-03-25 15:14:37 +08:00
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
set_page_dirty ( page ) ;
}
/*
* Extra clear_and_test function for subpage dirty bitmap .
*
* Return true if we ' re the last bits in the dirty_bitmap and clear the
* dirty_bitmap .
* Return false otherwise .
*
* NOTE : Callers should manually clear page dirty for true case , as we have
* extra handling for tree blocks .
*/
bool btrfs_subpage_clear_and_test_dirty ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
dirty , start , len ) ;
2021-03-25 15:14:37 +08:00
unsigned long flags ;
bool last = false ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_zero ( fs_info , subpage , dirty ) )
2021-03-25 15:14:37 +08:00
last = true ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
return last ;
}
void btrfs_subpage_clear_dirty ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
bool last ;
last = btrfs_subpage_clear_and_test_dirty ( fs_info , page , start , len ) ;
if ( last )
clear_page_dirty_for_io ( page ) ;
}
2021-03-25 15:14:38 +08:00
void btrfs_subpage_set_writeback ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
writeback , start , len ) ;
2021-03-25 15:14:38 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
2021-03-25 15:14:38 +08:00
set_page_writeback ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
void btrfs_subpage_clear_writeback ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
writeback , start , len ) ;
2021-03-25 15:14:38 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_zero ( fs_info , subpage , writeback ) ) {
2021-07-26 14:35:03 +08:00
ASSERT ( PageWriteback ( page ) ) ;
2021-03-25 15:14:38 +08:00
end_page_writeback ( page ) ;
2021-07-26 14:35:03 +08:00
}
2021-03-25 15:14:38 +08:00
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
2021-05-31 16:50:45 +08:00
void btrfs_subpage_set_ordered ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
ordered , start , len ) ;
2021-05-31 16:50:45 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
2021-05-31 16:50:45 +08:00
SetPageOrdered ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
void btrfs_subpage_clear_ordered ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
ordered , start , len ) ;
2021-05-31 16:50:45 +08:00
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
2021-08-17 17:38:52 +08:00
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_zero ( fs_info , subpage , ordered ) )
2021-05-31 16:50:45 +08:00
ClearPageOrdered ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
2021-09-27 15:21:49 +08:00
void btrfs_subpage_set_checked ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
checked , start , len ) ;
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
bitmap_set ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
if ( subpage_test_bitmap_all_set ( fs_info , subpage , checked ) )
SetPageChecked ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
void btrfs_subpage_clear_checked ( const struct btrfs_fs_info * fs_info ,
struct page * page , u64 start , u32 len )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page ,
checked , start , len ) ;
unsigned long flags ;
spin_lock_irqsave ( & subpage - > lock , flags ) ;
bitmap_clear ( subpage - > bitmaps , start_bit , len > > fs_info - > sectorsize_bits ) ;
ClearPageChecked ( page ) ;
spin_unlock_irqrestore ( & subpage - > lock , flags ) ;
}
2021-01-26 16:33:52 +08:00
/*
* Unlike set / clear which is dependent on each page status , for test all bits
* are tested in the same way .
*/
# define IMPLEMENT_BTRFS_SUBPAGE_TEST_OP(name) \
bool btrfs_subpage_test_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ; \
2021-08-17 17:38:52 +08:00
unsigned int start_bit = subpage_calc_start_bit ( fs_info , page , \
name , start , len ) ; \
2021-01-26 16:33:52 +08:00
unsigned long flags ; \
bool ret ; \
\
spin_lock_irqsave ( & subpage - > lock , flags ) ; \
2021-08-17 17:38:52 +08:00
ret = bitmap_test_range_all_set ( subpage - > bitmaps , start_bit , \
len > > fs_info - > sectorsize_bits ) ; \
2021-01-26 16:33:52 +08:00
spin_unlock_irqrestore ( & subpage - > lock , flags ) ; \
return ret ; \
}
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( uptodate ) ;
2021-01-26 16:33:53 +08:00
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( error ) ;
2021-03-25 15:14:37 +08:00
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( dirty ) ;
2021-03-25 15:14:38 +08:00
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( writeback ) ;
2021-05-31 16:50:45 +08:00
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( ordered ) ;
2021-09-27 15:21:49 +08:00
IMPLEMENT_BTRFS_SUBPAGE_TEST_OP ( checked ) ;
2021-01-26 16:33:52 +08:00
/*
* Note that , in selftests ( extent - io - tests ) , we can have empty fs_info passed
* in . We only test sectorsize = = PAGE_SIZE cases so far , thus we can fall
* back to regular sectorsize branch .
*/
# define IMPLEMENT_BTRFS_PAGE_OPS(name, set_page_func, clear_page_func, \
test_page_func ) \
void btrfs_page_set_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) { \
set_page_func ( page ) ; \
return ; \
} \
btrfs_subpage_set_ # # name ( fs_info , page , start , len ) ; \
} \
void btrfs_page_clear_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) { \
clear_page_func ( page ) ; \
return ; \
} \
btrfs_subpage_clear_ # # name ( fs_info , page , start , len ) ; \
} \
bool btrfs_page_test_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) \
return test_page_func ( page ) ; \
return btrfs_subpage_test_ # # name ( fs_info , page , start , len ) ; \
2021-05-31 16:50:39 +08:00
} \
void btrfs_page_clamp_set_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) { \
set_page_func ( page ) ; \
return ; \
} \
btrfs_subpage_clamp_range ( page , & start , & len ) ; \
btrfs_subpage_set_ # # name ( fs_info , page , start , len ) ; \
} \
void btrfs_page_clamp_clear_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) { \
clear_page_func ( page ) ; \
return ; \
} \
btrfs_subpage_clamp_range ( page , & start , & len ) ; \
btrfs_subpage_clear_ # # name ( fs_info , page , start , len ) ; \
} \
bool btrfs_page_clamp_test_ # # name ( const struct btrfs_fs_info * fs_info , \
struct page * page , u64 start , u32 len ) \
{ \
if ( unlikely ( ! fs_info ) | | fs_info - > sectorsize = = PAGE_SIZE ) \
return test_page_func ( page ) ; \
btrfs_subpage_clamp_range ( page , & start , & len ) ; \
return btrfs_subpage_test_ # # name ( fs_info , page , start , len ) ; \
2021-01-26 16:33:52 +08:00
}
IMPLEMENT_BTRFS_PAGE_OPS ( uptodate , SetPageUptodate , ClearPageUptodate ,
PageUptodate ) ;
2021-01-26 16:33:53 +08:00
IMPLEMENT_BTRFS_PAGE_OPS ( error , SetPageError , ClearPageError , PageError ) ;
2021-03-25 15:14:37 +08:00
IMPLEMENT_BTRFS_PAGE_OPS ( dirty , set_page_dirty , clear_page_dirty_for_io ,
PageDirty ) ;
2021-03-25 15:14:38 +08:00
IMPLEMENT_BTRFS_PAGE_OPS ( writeback , set_page_writeback , end_page_writeback ,
PageWriteback ) ;
2021-05-31 16:50:45 +08:00
IMPLEMENT_BTRFS_PAGE_OPS ( ordered , SetPageOrdered , ClearPageOrdered ,
PageOrdered ) ;
2021-09-27 15:21:49 +08:00
IMPLEMENT_BTRFS_PAGE_OPS ( checked , SetPageChecked , ClearPageChecked , PageChecked ) ;
btrfs: subpage: fix writeback which does not have ordered extent
[BUG]
When running fsstress with subpage RW support, there are random
BUG_ON()s triggered with the following trace:
kernel BUG at fs/btrfs/file-item.c:667!
Internal error: Oops - BUG: 0 [#1] SMP
CPU: 1 PID: 3486 Comm: kworker/u13:2 5.11.0-rc4-custom+ #43
Hardware name: Radxa ROCK Pi 4B (DT)
Workqueue: btrfs-worker-high btrfs_work_helper [btrfs]
pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
pc : btrfs_csum_one_bio+0x420/0x4e0 [btrfs]
lr : btrfs_csum_one_bio+0x400/0x4e0 [btrfs]
Call trace:
btrfs_csum_one_bio+0x420/0x4e0 [btrfs]
btrfs_submit_bio_start+0x20/0x30 [btrfs]
run_one_async_start+0x28/0x44 [btrfs]
btrfs_work_helper+0x128/0x1b4 [btrfs]
process_one_work+0x22c/0x430
worker_thread+0x70/0x3a0
kthread+0x13c/0x140
ret_from_fork+0x10/0x30
[CAUSE]
Above BUG_ON() means there is some bio range which doesn't have ordered
extent, which indeed is worth a BUG_ON().
Unlike regular sectorsize == PAGE_SIZE case, in subpage we have extra
subpage dirty bitmap to record which range is dirty and should be
written back.
This means, if we submit bio for a subpage range, we do not only need to
clear page dirty, but also need to clear subpage dirty bits.
In __extent_writepage_io(), we will call btrfs_page_clear_dirty() for
any range we submit a bio.
But there is loophole, if we hit a range which is beyond i_size, we just
call btrfs_writepage_endio_finish_ordered() to finish the ordered io,
then break out, without clearing the subpage dirty.
This means, if we hit above branch, the subpage dirty bits are still
there, if other range of the page get dirtied and we need to writeback
that page again, we will submit bio for the old range, leaving a wild
bio range which doesn't have ordered extent.
[FIX]
Fix it by always calling btrfs_page_clear_dirty() in
__extent_writepage_io().
Also to avoid such problem from happening again, add a new assert,
btrfs_page_assert_not_dirty(), to make sure both page dirty and subpage
dirty bits are cleared before exiting __extent_writepage_io().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-07-26 14:34:58 +08:00
/*
* Make sure not only the page dirty bit is cleared , but also subpage dirty bit
* is cleared .
*/
void btrfs_page_assert_not_dirty ( const struct btrfs_fs_info * fs_info ,
struct page * page )
{
struct btrfs_subpage * subpage = ( struct btrfs_subpage * ) page - > private ;
if ( ! IS_ENABLED ( CONFIG_BTRFS_ASSERT ) )
return ;
ASSERT ( ! PageDirty ( page ) ) ;
if ( fs_info - > sectorsize = = PAGE_SIZE )
return ;
ASSERT ( PagePrivate ( page ) & & page - > private ) ;
2021-08-17 17:38:52 +08:00
ASSERT ( subpage_test_bitmap_all_zero ( fs_info , subpage , dirty ) ) ;
btrfs: subpage: fix writeback which does not have ordered extent
[BUG]
When running fsstress with subpage RW support, there are random
BUG_ON()s triggered with the following trace:
kernel BUG at fs/btrfs/file-item.c:667!
Internal error: Oops - BUG: 0 [#1] SMP
CPU: 1 PID: 3486 Comm: kworker/u13:2 5.11.0-rc4-custom+ #43
Hardware name: Radxa ROCK Pi 4B (DT)
Workqueue: btrfs-worker-high btrfs_work_helper [btrfs]
pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
pc : btrfs_csum_one_bio+0x420/0x4e0 [btrfs]
lr : btrfs_csum_one_bio+0x400/0x4e0 [btrfs]
Call trace:
btrfs_csum_one_bio+0x420/0x4e0 [btrfs]
btrfs_submit_bio_start+0x20/0x30 [btrfs]
run_one_async_start+0x28/0x44 [btrfs]
btrfs_work_helper+0x128/0x1b4 [btrfs]
process_one_work+0x22c/0x430
worker_thread+0x70/0x3a0
kthread+0x13c/0x140
ret_from_fork+0x10/0x30
[CAUSE]
Above BUG_ON() means there is some bio range which doesn't have ordered
extent, which indeed is worth a BUG_ON().
Unlike regular sectorsize == PAGE_SIZE case, in subpage we have extra
subpage dirty bitmap to record which range is dirty and should be
written back.
This means, if we submit bio for a subpage range, we do not only need to
clear page dirty, but also need to clear subpage dirty bits.
In __extent_writepage_io(), we will call btrfs_page_clear_dirty() for
any range we submit a bio.
But there is loophole, if we hit a range which is beyond i_size, we just
call btrfs_writepage_endio_finish_ordered() to finish the ordered io,
then break out, without clearing the subpage dirty.
This means, if we hit above branch, the subpage dirty bits are still
there, if other range of the page get dirtied and we need to writeback
that page again, we will submit bio for the old range, leaving a wild
bio range which doesn't have ordered extent.
[FIX]
Fix it by always calling btrfs_page_clear_dirty() in
__extent_writepage_io().
Also to avoid such problem from happening again, add a new assert,
btrfs_page_assert_not_dirty(), to make sure both page dirty and subpage
dirty bits are cleared before exiting __extent_writepage_io().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2021-07-26 14:34:58 +08:00
}
2021-09-27 15:22:05 +08:00
/*
* Handle different locked pages with different page sizes :
*
* - Page locked by plain lock_page ( )
* It should not have any subpage : : writers count .
* Can be unlocked by unlock_page ( ) .
* This is the most common locked page for __extent_writepage ( ) called
* inside extent_write_cache_pages ( ) or extent_write_full_page ( ) .
* Rarer cases include the @ locked_page from extent_write_locked_range ( ) .
*
* - Page locked by lock_delalloc_pages ( )
* There is only one caller , all pages except @ locked_page for
* extent_write_locked_range ( ) .
* In this case , we have to call subpage helper to handle the case .
*/
void btrfs_page_unlock_writer ( struct btrfs_fs_info * fs_info , struct page * page ,
u64 start , u32 len )
{
struct btrfs_subpage * subpage ;
ASSERT ( PageLocked ( page ) ) ;
/* For regular page size case, we just unlock the page */
if ( fs_info - > sectorsize = = PAGE_SIZE )
return unlock_page ( page ) ;
ASSERT ( PagePrivate ( page ) & & page - > private ) ;
subpage = ( struct btrfs_subpage * ) page - > private ;
/*
* For subpage case , there are two types of locked page . With or
* without writers number .
*
* Since we own the page lock , no one else could touch subpage : : writers
* and we are safe to do several atomic operations without spinlock .
*/
btrfs: subpage: fix a wrong check on subpage->writers
[BUG]
When looping btrfs/074 with 64K page size and 4K sectorsize, there is a
low chance (1/50~1/100) to crash with the following ASSERT() triggered
in btrfs_subpage_start_writer():
ret = atomic_add_return(nbits, &subpage->writers);
ASSERT(ret == nbits); <<< This one <<<
[CAUSE]
With more debugging output on the parameters of
btrfs_subpage_start_writer(), it shows a very concerning error:
ret=29 nbits=13 start=393216 len=53248
For @nbits it's correct, but @ret which is the returned value from
atomic_add_return(), it's not only larger than nbits, but also larger
than max sectors per page value (for 64K page size and 4K sector size,
it's 16).
This indicates that some call sites are not properly decreasing the value.
And that's exactly the case, in btrfs_page_unlock_writer(), due to the
fact that we can have page locked either by lock_page() or
process_one_page(), we have to check if the subpage has any writer.
If no writers, it's locked by lock_page() and we only need to unlock it.
But unfortunately the check for the writers are completely opposite:
if (atomic_read(&subpage->writers))
/* No writers, locked by plain lock_page() */
return unlock_page(page);
We directly unlock the page if it has writers, which is the completely
opposite what we want.
Thankfully the affected call site is only limited to
extent_write_locked_range(), so it's mostly affecting compressed write.
[FIX]
Just fix the wrong check condition to fix the bug.
Fixes: e55a0de18572 ("btrfs: rework page locking in __extent_writepage()")
CC: stable@vger.kernel.org # 5.16
Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2022-02-18 10:13:00 +08:00
if ( atomic_read ( & subpage - > writers ) = = 0 )
2021-09-27 15:22:05 +08:00
/* No writers, locked by plain lock_page() */
return unlock_page ( page ) ;
/* Have writers, use proper subpage helper to end it */
btrfs_page_end_writer_lock ( fs_info , page , start , len ) ;
}