xfs: fix EFI recovery livelocks
This series fixes a customer-reported transaction reservation bug introduced ten years ago that could result in livelocks during log recovery. Log intent item recovery single-steps each step of a deferred op chain, which means that each step only needs to allocate one transaction's worth of space in the log, not an entire chain all at once. This single-stepping is critical to unpinning the log tail since there's nobody else to do it for us. This has been lightly tested with fstests. Enjoy! Signed-off-by: Darrick J. Wong <djwong@kernel.org> -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQ2qTKExjcn+O1o2YRKO3ySh0YRpgUCZQChOQAKCRBKO3ySh0YR pt1uAQCkc4vnjA7C1eUsCwqnzK/A9fstwTnmx7qlGGfFM7wwowD7BqQX2AAeYUvu iT4UzvG9kao+jNNr0zx+ddYOOTJcrgI= =H9nC -----END PGP SIGNATURE----- Merge tag 'fix-efi-recovery-6.6_2023-09-12' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.6-fixesA xfs: fix EFI recovery livelocks This series fixes a customer-reported transaction reservation bug introduced ten years ago that could result in livelocks during log recovery. Log intent item recovery single-steps each step of a deferred op chain, which means that each step only needs to allocate one transaction's worth of space in the log, not an entire chain all at once. This single-stepping is critical to unpinning the log tail since there's nobody else to do it for us. Signed-off-by: Darrick J. Wong <djwong@kernel.org> Signed-off-by: Chandan Babu R <chandanbabu@kernel.org> * tag 'fix-efi-recovery-6.6_2023-09-12' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: reserve less log space when recovering log intent items
This commit is contained in:
commit
b6c2b6378d
@ -131,4 +131,26 @@ void xlog_check_buf_cancel_table(struct xlog *log);
|
||||
#define xlog_check_buf_cancel_table(log) do { } while (0)
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Transform a regular reservation into one suitable for recovery of a log
|
||||
* intent item.
|
||||
*
|
||||
* Intent recovery only runs a single step of the transaction chain and defers
|
||||
* the rest to a separate transaction. Therefore, we reduce logcount to 1 here
|
||||
* to avoid livelocks if the log grant space is nearly exhausted due to the
|
||||
* recovered intent pinning the tail. Keep the same logflags to avoid tripping
|
||||
* asserts elsewhere. Struct copies abound below.
|
||||
*/
|
||||
static inline struct xfs_trans_res
|
||||
xlog_recover_resv(const struct xfs_trans_res *r)
|
||||
{
|
||||
struct xfs_trans_res ret = {
|
||||
.tr_logres = r->tr_logres,
|
||||
.tr_logcount = 1,
|
||||
.tr_logflags = r->tr_logflags,
|
||||
};
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* __XFS_LOG_RECOVER_H__ */
|
||||
|
@ -547,7 +547,7 @@ xfs_attri_item_recover(
|
||||
struct xfs_inode *ip;
|
||||
struct xfs_da_args *args;
|
||||
struct xfs_trans *tp;
|
||||
struct xfs_trans_res tres;
|
||||
struct xfs_trans_res resv;
|
||||
struct xfs_attri_log_format *attrp;
|
||||
struct xfs_attri_log_nameval *nv = attrip->attri_nameval;
|
||||
int error;
|
||||
@ -618,8 +618,9 @@ xfs_attri_item_recover(
|
||||
goto out;
|
||||
}
|
||||
|
||||
xfs_init_attr_trans(args, &tres, &total);
|
||||
error = xfs_trans_alloc(mp, &tres, total, 0, XFS_TRANS_RESERVE, &tp);
|
||||
xfs_init_attr_trans(args, &resv, &total);
|
||||
resv = xlog_recover_resv(&resv);
|
||||
error = xfs_trans_alloc(mp, &resv, total, 0, XFS_TRANS_RESERVE, &tp);
|
||||
if (error)
|
||||
goto out;
|
||||
|
||||
|
@ -490,6 +490,7 @@ xfs_bui_item_recover(
|
||||
struct list_head *capture_list)
|
||||
{
|
||||
struct xfs_bmap_intent fake = { };
|
||||
struct xfs_trans_res resv;
|
||||
struct xfs_bui_log_item *buip = BUI_ITEM(lip);
|
||||
struct xfs_trans *tp;
|
||||
struct xfs_inode *ip = NULL;
|
||||
@ -515,7 +516,8 @@ xfs_bui_item_recover(
|
||||
return error;
|
||||
|
||||
/* Allocate transaction and do the work. */
|
||||
error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate,
|
||||
resv = xlog_recover_resv(&M_RES(mp)->tr_itruncate);
|
||||
error = xfs_trans_alloc(mp, &resv,
|
||||
XFS_EXTENTADD_SPACE_RES(mp, XFS_DATA_FORK), 0, 0, &tp);
|
||||
if (error)
|
||||
goto err_rele;
|
||||
|
@ -660,6 +660,7 @@ xfs_efi_item_recover(
|
||||
struct xfs_log_item *lip,
|
||||
struct list_head *capture_list)
|
||||
{
|
||||
struct xfs_trans_res resv;
|
||||
struct xfs_efi_log_item *efip = EFI_ITEM(lip);
|
||||
struct xfs_mount *mp = lip->li_log->l_mp;
|
||||
struct xfs_efd_log_item *efdp;
|
||||
@ -683,7 +684,8 @@ xfs_efi_item_recover(
|
||||
}
|
||||
}
|
||||
|
||||
error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp);
|
||||
resv = xlog_recover_resv(&M_RES(mp)->tr_itruncate);
|
||||
error = xfs_trans_alloc(mp, &resv, 0, 0, 0, &tp);
|
||||
if (error)
|
||||
return error;
|
||||
efdp = xfs_trans_get_efd(tp, efip, efip->efi_format.efi_nextents);
|
||||
|
@ -477,6 +477,7 @@ xfs_cui_item_recover(
|
||||
struct xfs_log_item *lip,
|
||||
struct list_head *capture_list)
|
||||
{
|
||||
struct xfs_trans_res resv;
|
||||
struct xfs_cui_log_item *cuip = CUI_ITEM(lip);
|
||||
struct xfs_cud_log_item *cudp;
|
||||
struct xfs_trans *tp;
|
||||
@ -514,8 +515,9 @@ xfs_cui_item_recover(
|
||||
* doesn't fit. We need to reserve enough blocks to handle a
|
||||
* full btree split on either end of the refcount range.
|
||||
*/
|
||||
error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate,
|
||||
mp->m_refc_maxlevels * 2, 0, XFS_TRANS_RESERVE, &tp);
|
||||
resv = xlog_recover_resv(&M_RES(mp)->tr_itruncate);
|
||||
error = xfs_trans_alloc(mp, &resv, mp->m_refc_maxlevels * 2, 0,
|
||||
XFS_TRANS_RESERVE, &tp);
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
|
@ -507,6 +507,7 @@ xfs_rui_item_recover(
|
||||
struct xfs_log_item *lip,
|
||||
struct list_head *capture_list)
|
||||
{
|
||||
struct xfs_trans_res resv;
|
||||
struct xfs_rui_log_item *ruip = RUI_ITEM(lip);
|
||||
struct xfs_rud_log_item *rudp;
|
||||
struct xfs_trans *tp;
|
||||
@ -530,8 +531,9 @@ xfs_rui_item_recover(
|
||||
}
|
||||
}
|
||||
|
||||
error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate,
|
||||
mp->m_rmap_maxlevels, 0, XFS_TRANS_RESERVE, &tp);
|
||||
resv = xlog_recover_resv(&M_RES(mp)->tr_itruncate);
|
||||
error = xfs_trans_alloc(mp, &resv, mp->m_rmap_maxlevels, 0,
|
||||
XFS_TRANS_RESERVE, &tp);
|
||||
if (error)
|
||||
return error;
|
||||
rudp = xfs_trans_get_rud(tp, ruip);
|
||||
|
Loading…
Reference in New Issue
Block a user