License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 22:07:57 +08:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0 */
|
2013-03-24 07:11:31 +08:00
|
|
|
#ifndef _BCACHE_H
|
|
|
|
#define _BCACHE_H
|
|
|
|
|
|
|
|
/*
|
|
|
|
* SOME HIGH LEVEL CODE DOCUMENTATION:
|
|
|
|
*
|
|
|
|
* Bcache mostly works with cache sets, cache devices, and backing devices.
|
|
|
|
*
|
|
|
|
* Support for multiple cache devices hasn't quite been finished off yet, but
|
|
|
|
* it's about 95% plumbed through. A cache set and its cache devices is sort of
|
|
|
|
* like a md raid array and its component devices. Most of the code doesn't care
|
|
|
|
* about individual cache devices, the main abstraction is the cache set.
|
|
|
|
*
|
|
|
|
* Multiple cache devices is intended to give us the ability to mirror dirty
|
|
|
|
* cached data and metadata, without mirroring clean cached data.
|
|
|
|
*
|
|
|
|
* Backing devices are different, in that they have a lifetime independent of a
|
|
|
|
* cache set. When you register a newly formatted backing device it'll come up
|
|
|
|
* in passthrough mode, and then you can attach and detach a backing device from
|
|
|
|
* a cache set at runtime - while it's mounted and in use. Detaching implicitly
|
|
|
|
* invalidates any cached data for that backing device.
|
|
|
|
*
|
|
|
|
* A cache set can have multiple (many) backing devices attached to it.
|
|
|
|
*
|
|
|
|
* There's also flash only volumes - this is the reason for the distinction
|
|
|
|
* between struct cached_dev and struct bcache_device. A flash only volume
|
|
|
|
* works much like a bcache device that has a backing device, except the
|
|
|
|
* "cached" data is always dirty. The end result is that we get thin
|
|
|
|
* provisioning with very little additional code.
|
|
|
|
*
|
|
|
|
* Flash only volumes work but they're not production ready because the moving
|
|
|
|
* garbage collector needs more work. More on that later.
|
|
|
|
*
|
|
|
|
* BUCKETS/ALLOCATION:
|
|
|
|
*
|
|
|
|
* Bcache is primarily designed for caching, which means that in normal
|
|
|
|
* operation all of our available space will be allocated. Thus, we need an
|
|
|
|
* efficient way of deleting things from the cache so we can write new things to
|
|
|
|
* it.
|
|
|
|
*
|
|
|
|
* To do this, we first divide the cache device up into buckets. A bucket is the
|
|
|
|
* unit of allocation; they're typically around 1 mb - anywhere from 128k to 2M+
|
|
|
|
* works efficiently.
|
|
|
|
*
|
|
|
|
* Each bucket has a 16 bit priority, and an 8 bit generation associated with
|
|
|
|
* it. The gens and priorities for all the buckets are stored contiguously and
|
|
|
|
* packed on disk (in a linked list of buckets - aside from the superblock, all
|
|
|
|
* of bcache's metadata is stored in buckets).
|
|
|
|
*
|
|
|
|
* The priority is used to implement an LRU. We reset a bucket's priority when
|
|
|
|
* we allocate it or on cache it, and every so often we decrement the priority
|
|
|
|
* of each bucket. It could be used to implement something more sophisticated,
|
|
|
|
* if anyone ever gets around to it.
|
|
|
|
*
|
|
|
|
* The generation is used for invalidating buckets. Each pointer also has an 8
|
|
|
|
* bit generation embedded in it; for a pointer to be considered valid, its gen
|
|
|
|
* must match the gen of the bucket it points into. Thus, to reuse a bucket all
|
|
|
|
* we have to do is increment its gen (and write its new gen to disk; we batch
|
|
|
|
* this up).
|
|
|
|
*
|
|
|
|
* Bcache is entirely COW - we never write twice to a bucket, even buckets that
|
|
|
|
* contain metadata (including btree nodes).
|
|
|
|
*
|
|
|
|
* THE BTREE:
|
|
|
|
*
|
|
|
|
* Bcache is in large part design around the btree.
|
|
|
|
*
|
|
|
|
* At a high level, the btree is just an index of key -> ptr tuples.
|
|
|
|
*
|
|
|
|
* Keys represent extents, and thus have a size field. Keys also have a variable
|
|
|
|
* number of pointers attached to them (potentially zero, which is handy for
|
|
|
|
* invalidating the cache).
|
|
|
|
*
|
|
|
|
* The key itself is an inode:offset pair. The inode number corresponds to a
|
|
|
|
* backing device or a flash only volume. The offset is the ending offset of the
|
|
|
|
* extent within the inode - not the starting offset; this makes lookups
|
|
|
|
* slightly more convenient.
|
|
|
|
*
|
|
|
|
* Pointers contain the cache device id, the offset on that device, and an 8 bit
|
|
|
|
* generation number. More on the gen later.
|
|
|
|
*
|
|
|
|
* Index lookups are not fully abstracted - cache lookups in particular are
|
|
|
|
* still somewhat mixed in with the btree code, but things are headed in that
|
|
|
|
* direction.
|
|
|
|
*
|
|
|
|
* Updates are fairly well abstracted, though. There are two different ways of
|
|
|
|
* updating the btree; insert and replace.
|
|
|
|
*
|
|
|
|
* BTREE_INSERT will just take a list of keys and insert them into the btree -
|
|
|
|
* overwriting (possibly only partially) any extents they overlap with. This is
|
|
|
|
* used to update the index after a write.
|
|
|
|
*
|
|
|
|
* BTREE_REPLACE is really cmpxchg(); it inserts a key into the btree iff it is
|
|
|
|
* overwriting a key that matches another given key. This is used for inserting
|
|
|
|
* data into the cache after a cache miss, and for background writeback, and for
|
|
|
|
* the moving garbage collector.
|
|
|
|
*
|
|
|
|
* There is no "delete" operation; deleting things from the index is
|
|
|
|
* accomplished by either by invalidating pointers (by incrementing a bucket's
|
|
|
|
* gen) or by inserting a key with 0 pointers - which will overwrite anything
|
|
|
|
* previously present at that location in the index.
|
|
|
|
*
|
|
|
|
* This means that there are always stale/invalid keys in the btree. They're
|
|
|
|
* filtered out by the code that iterates through a btree node, and removed when
|
|
|
|
* a btree node is rewritten.
|
|
|
|
*
|
|
|
|
* BTREE NODES:
|
|
|
|
*
|
|
|
|
* Our unit of allocation is a bucket, and we we can't arbitrarily allocate and
|
|
|
|
* free smaller than a bucket - so, that's how big our btree nodes are.
|
|
|
|
*
|
|
|
|
* (If buckets are really big we'll only use part of the bucket for a btree node
|
|
|
|
* - no less than 1/4th - but a bucket still contains no more than a single
|
|
|
|
* btree node. I'd actually like to change this, but for now we rely on the
|
|
|
|
* bucket's gen for deleting btree nodes when we rewrite/split a node.)
|
|
|
|
*
|
|
|
|
* Anyways, btree nodes are big - big enough to be inefficient with a textbook
|
|
|
|
* btree implementation.
|
|
|
|
*
|
|
|
|
* The way this is solved is that btree nodes are internally log structured; we
|
|
|
|
* can append new keys to an existing btree node without rewriting it. This
|
|
|
|
* means each set of keys we write is sorted, but the node is not.
|
|
|
|
*
|
|
|
|
* We maintain this log structure in memory - keeping 1Mb of keys sorted would
|
|
|
|
* be expensive, and we have to distinguish between the keys we have written and
|
|
|
|
* the keys we haven't. So to do a lookup in a btree node, we have to search
|
|
|
|
* each sorted set. But we do merge written sets together lazily, so the cost of
|
|
|
|
* these extra searches is quite low (normally most of the keys in a btree node
|
|
|
|
* will be in one big set, and then there'll be one or two sets that are much
|
|
|
|
* smaller).
|
|
|
|
*
|
|
|
|
* This log structure makes bcache's btree more of a hybrid between a
|
|
|
|
* conventional btree and a compacting data structure, with some of the
|
|
|
|
* advantages of both.
|
|
|
|
*
|
|
|
|
* GARBAGE COLLECTION:
|
|
|
|
*
|
|
|
|
* We can't just invalidate any bucket - it might contain dirty data or
|
|
|
|
* metadata. If it once contained dirty data, other writes might overwrite it
|
|
|
|
* later, leaving no valid pointers into that bucket in the index.
|
|
|
|
*
|
|
|
|
* Thus, the primary purpose of garbage collection is to find buckets to reuse.
|
|
|
|
* It also counts how much valid data it each bucket currently contains, so that
|
|
|
|
* allocation can reuse buckets sooner when they've been mostly overwritten.
|
|
|
|
*
|
|
|
|
* It also does some things that are really internal to the btree
|
|
|
|
* implementation. If a btree node contains pointers that are stale by more than
|
|
|
|
* some threshold, it rewrites the btree node to avoid the bucket's generation
|
|
|
|
* wrapping around. It also merges adjacent btree nodes if they're empty enough.
|
|
|
|
*
|
|
|
|
* THE JOURNAL:
|
|
|
|
*
|
|
|
|
* Bcache's journal is not necessary for consistency; we always strictly
|
|
|
|
* order metadata writes so that the btree and everything else is consistent on
|
|
|
|
* disk in the event of an unclean shutdown, and in fact bcache had writeback
|
|
|
|
* caching (with recovery from unclean shutdown) before journalling was
|
|
|
|
* implemented.
|
|
|
|
*
|
|
|
|
* Rather, the journal is purely a performance optimization; we can't complete a
|
|
|
|
* write until we've updated the index on disk, otherwise the cache would be
|
|
|
|
* inconsistent in the event of an unclean shutdown. This means that without the
|
|
|
|
* journal, on random write workloads we constantly have to update all the leaf
|
|
|
|
* nodes in the btree, and those writes will be mostly empty (appending at most
|
|
|
|
* a few keys each) - highly inefficient in terms of amount of metadata writes,
|
|
|
|
* and it puts more strain on the various btree resorting/compacting code.
|
|
|
|
*
|
|
|
|
* The journal is just a log of keys we've inserted; on startup we just reinsert
|
|
|
|
* all the keys in the open journal entries. That means that when we're updating
|
|
|
|
* a node in the btree, we can wait until a 4k block of keys fills up before
|
|
|
|
* writing them out.
|
|
|
|
*
|
|
|
|
* For simplicity, we only journal updates to leaf nodes; updates to parent
|
|
|
|
* nodes are rare enough (since our leaf nodes are huge) that it wasn't worth
|
|
|
|
* the complexity to deal with journalling them (in particular, journal replay)
|
|
|
|
* - updates to non leaf nodes just happen synchronously (see btree_split()).
|
|
|
|
*/
|
|
|
|
|
|
|
|
#define pr_fmt(fmt) "bcache: %s() " fmt "\n", __func__
|
|
|
|
|
2013-11-01 06:46:42 +08:00
|
|
|
#include <linux/bcache.h>
|
2013-03-24 07:11:31 +08:00
|
|
|
#include <linux/bio.h>
|
|
|
|
#include <linux/kobject.h>
|
|
|
|
#include <linux/list.h>
|
|
|
|
#include <linux/mutex.h>
|
|
|
|
#include <linux/rbtree.h>
|
|
|
|
#include <linux/rwsem.h>
|
2017-10-31 05:46:32 +08:00
|
|
|
#include <linux/refcount.h>
|
2013-03-24 07:11:31 +08:00
|
|
|
#include <linux/types.h>
|
|
|
|
#include <linux/workqueue.h>
|
bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags
When too many I/Os failed on cache device, bch_cache_set_error() is called
in the error handling code path to retire whole problematic cache set. If
new I/O requests continue to come and take refcount dc->count, the cache
set won't be retired immediately, this is a problem.
Further more, there are several kernel thread and self-armed kernel work
may still running after bch_cache_set_error() is called. It needs to wait
quite a while for them to stop, or they won't stop at all. They also
prevent the cache set from being retired.
The solution in this patch is, to add per cache set flag to disable I/O
request on this cache and all attached backing devices. Then new coming I/O
requests can be rejected in *_make_request() before taking refcount, kernel
threads and self-armed kernel worker can stop very fast when flags bit
CACHE_SET_IO_DISABLE is set.
Because bcache also do internal I/Os for writeback, garbage collection,
bucket allocation, journaling, this kind of I/O should be disabled after
bch_cache_set_error() is called. So closure_bio_submit() is modified to
check whether CACHE_SET_IO_DISABLE is set on cache_set->flags. If set,
closure_bio_submit() will set bio->bi_status to BLK_STS_IOERR and
return, generic_make_request() won't be called.
A sysfs interface is also added to set or clear CACHE_SET_IO_DISABLE bit
from cache_set->flags, to disable or enable cache set I/O for debugging. It
is helpful to trigger more corner case issues for failed cache device.
Changelog
v4, add wait_for_kthread_stop(), and call it before exits writeback and gc
kernel threads.
v3, change CACHE_SET_IO_DISABLE from 4 to 3, since it is bit index.
remove "bcache: " prefix when printing out kernel message.
v2, more changes by previous review,
- Use CACHE_SET_IO_DISABLE of cache_set->flags, suggested by Junhui.
- Check CACHE_SET_IO_DISABLE in bch_btree_gc() to stop a while-loop, this
is reported and inspired from origal patch of Pavel Vazharov.
v1, initial version.
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Michael Lyle <mlyle@lyle.org>
Cc: Pavel Vazharov <freakpv@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:17 +08:00
|
|
|
#include <linux/kthread.h>
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2013-09-11 13:53:34 +08:00
|
|
|
#include "bset.h"
|
2013-03-24 07:11:31 +08:00
|
|
|
#include "util.h"
|
|
|
|
#include "closure.h"
|
|
|
|
|
|
|
|
struct bucket {
|
|
|
|
atomic_t pin;
|
|
|
|
uint16_t prio;
|
|
|
|
uint8_t gen;
|
|
|
|
uint8_t last_gc; /* Most out of date gen in the btree */
|
2013-11-08 09:53:19 +08:00
|
|
|
uint16_t gc_mark; /* Bitfield used by GC. See below for field */
|
2013-03-24 07:11:31 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* I'd use bitfields for these, but I don't trust the compiler not to screw me
|
|
|
|
* as multiple threads touch struct bucket without locking
|
|
|
|
*/
|
|
|
|
|
|
|
|
BITMASK(GC_MARK, struct bucket, gc_mark, 0, 2);
|
2014-03-14 04:46:29 +08:00
|
|
|
#define GC_MARK_RECLAIMABLE 1
|
|
|
|
#define GC_MARK_DIRTY 2
|
|
|
|
#define GC_MARK_METADATA 3
|
bcache: fix BUG_ON due to integer overflow with GC_SECTORS_USED
The BUG_ON at the end of __bch_btree_mark_key can be triggered due to
an integer overflow error:
BITMASK(GC_SECTORS_USED, struct bucket, gc_mark, 2, 13);
...
SET_GC_SECTORS_USED(g, min_t(unsigned,
GC_SECTORS_USED(g) + KEY_SIZE(k),
(1 << 14) - 1));
BUG_ON(!GC_SECTORS_USED(g));
In bcache.h, the SECTORS_USED bitfield is defined to be 13 bits wide.
While the SET_ code tries to ensure that the field doesn't overflow by
clamping it to (1<<14)-1 == 16383, this is incorrect because 16383
requires 14 bits. Therefore, if GC_SECTORS_USED() + KEY_SIZE() =
8192, the SET_ statement tries to store 8192 into a 13-bit field. In
a 13-bit field, 8192 becomes zero, thus triggering the BUG_ON.
Therefore, create a field width constant and a max value constant, and
use those to create the bitfield and check the inputs to
SET_GC_SECTORS_USED. Arguably the BITMASK() template ought to have
BUG_ON checks for too-large values, but that's a separate patch.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2014-01-29 08:57:39 +08:00
|
|
|
#define GC_SECTORS_USED_SIZE 13
|
|
|
|
#define MAX_GC_SECTORS_USED (~(~0ULL << GC_SECTORS_USED_SIZE))
|
|
|
|
BITMASK(GC_SECTORS_USED, struct bucket, gc_mark, 2, GC_SECTORS_USED_SIZE);
|
2013-11-08 09:53:19 +08:00
|
|
|
BITMASK(GC_MOVE, struct bucket, gc_mark, 15, 1);
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
#include "journal.h"
|
|
|
|
#include "stats.h"
|
|
|
|
struct search;
|
|
|
|
struct btree;
|
|
|
|
struct keybuf;
|
|
|
|
|
|
|
|
struct keybuf_key {
|
|
|
|
struct rb_node node;
|
|
|
|
BKEY_PADDED(key);
|
|
|
|
void *private;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct keybuf {
|
|
|
|
struct bkey last_scanned;
|
|
|
|
spinlock_t lock;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Beginning and end of range in rb tree - so that we can skip taking
|
|
|
|
* lock and checking the rb tree when we need to check for overlapping
|
|
|
|
* keys.
|
|
|
|
*/
|
|
|
|
struct bkey start;
|
|
|
|
struct bkey end;
|
|
|
|
|
|
|
|
struct rb_root keys;
|
|
|
|
|
2013-11-01 06:43:22 +08:00
|
|
|
#define KEYBUF_NR 500
|
2013-03-24 07:11:31 +08:00
|
|
|
DECLARE_ARRAY_ALLOCATOR(struct keybuf_key, freelist, KEYBUF_NR);
|
|
|
|
};
|
|
|
|
|
|
|
|
struct bcache_device {
|
|
|
|
struct closure cl;
|
|
|
|
|
|
|
|
struct kobject kobj;
|
|
|
|
|
|
|
|
struct cache_set *c;
|
|
|
|
unsigned id;
|
|
|
|
#define BCACHEDEVNAME_SIZE 12
|
|
|
|
char name[BCACHEDEVNAME_SIZE];
|
|
|
|
|
|
|
|
struct gendisk *disk;
|
|
|
|
|
2013-08-22 08:49:09 +08:00
|
|
|
unsigned long flags;
|
bcache: stop dc->writeback_rate_update properly
struct delayed_work writeback_rate_update in struct cache_dev is a delayed
worker to call function update_writeback_rate() in period (the interval is
defined by dc->writeback_rate_update_seconds).
When a metadate I/O error happens on cache device, bcache error handling
routine bch_cache_set_error() will call bch_cache_set_unregister() to
retire whole cache set. On the unregister code path, this delayed work is
stopped by calling cancel_delayed_work_sync(&dc->writeback_rate_update).
dc->writeback_rate_update is a special delayed work from others in bcache.
In its routine update_writeback_rate(), this delayed work is re-armed
itself. That means when cancel_delayed_work_sync() returns, this delayed
work can still be executed after several seconds defined by
dc->writeback_rate_update_seconds.
The problem is, after cancel_delayed_work_sync() returns, the cache set
unregister code path will continue and release memory of struct cache set.
Then the delayed work is scheduled to run, __update_writeback_rate()
will reference the already released cache_set memory, and trigger a NULL
pointer deference fault.
This patch introduces two more bcache device flags,
- BCACHE_DEV_WB_RUNNING
bit set: bcache device is in writeback mode and running, it is OK for
dc->writeback_rate_update to re-arm itself.
bit clear:bcache device is trying to stop dc->writeback_rate_update,
this delayed work should not re-arm itself and quit.
- BCACHE_DEV_RATE_DW_RUNNING
bit set: routine update_writeback_rate() is executing.
bit clear: routine update_writeback_rate() quits.
This patch also adds a function cancel_writeback_rate_update_dwork() to
wait for dc->writeback_rate_update quits before cancel it by calling
cancel_delayed_work_sync(). In order to avoid a deadlock by unexpected
quit dc->writeback_rate_update, after time_out seconds this function will
give up and continue to call cancel_delayed_work_sync().
And here I explain how this patch stops self re-armed delayed work properly
with the above stuffs.
update_writeback_rate() sets BCACHE_DEV_RATE_DW_RUNNING at its beginning
and clears BCACHE_DEV_RATE_DW_RUNNING at its end. Before calling
cancel_writeback_rate_update_dwork() clear flag BCACHE_DEV_WB_RUNNING.
Before calling cancel_delayed_work_sync() wait utill flag
BCACHE_DEV_RATE_DW_RUNNING is clear. So when calling
cancel_delayed_work_sync(), dc->writeback_rate_update must be already re-
armed, or quite by seeing BCACHE_DEV_WB_RUNNING cleared. In both cases
delayed work routine update_writeback_rate() won't be executed after
cancel_delayed_work_sync() returns.
Inside update_writeback_rate() before calling schedule_delayed_work(), flag
BCACHE_DEV_WB_RUNNING is checked before. If this flag is cleared, it means
someone is about to stop the delayed work. Because flag
BCACHE_DEV_RATE_DW_RUNNING is set already and cancel_delayed_work_sync()
has to wait for this flag to be cleared, we don't need to worry about race
condition here.
If update_writeback_rate() is scheduled to run after checking
BCACHE_DEV_RATE_DW_RUNNING and before calling cancel_delayed_work_sync()
in cancel_writeback_rate_update_dwork(), it is also safe. Because at this
moment BCACHE_DEV_WB_RUNNING is cleared with memory barrier. As I mentioned
previously, update_writeback_rate() will see BCACHE_DEV_WB_RUNNING is clear
and quit immediately.
Because there are more dependences inside update_writeback_rate() to struct
cache_set memory, dc->writeback_rate_update is not a simple self re-arm
delayed work. After trying many different methods (e.g. hold dc->count, or
use locks), this is the only way I can find which works to properly stop
dc->writeback_rate_update delayed work.
Changelog:
v3: change values of BCACHE_DEV_WB_RUNNING and BCACHE_DEV_RATE_DW_RUNNING
to bit index, for test_bit().
v2: Try to fix the race issue which is pointed out by Junhui.
v1: The initial version for review
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Junhui Tang <tang.junhui@zte.com.cn>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Michael Lyle <mlyle@lyle.org>
Cc: Hannes Reinecke <hare@suse.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:16 +08:00
|
|
|
#define BCACHE_DEV_CLOSING 0
|
|
|
|
#define BCACHE_DEV_DETACHING 1
|
|
|
|
#define BCACHE_DEV_UNLINK_DONE 2
|
|
|
|
#define BCACHE_DEV_WB_RUNNING 3
|
|
|
|
#define BCACHE_DEV_RATE_DW_RUNNING 4
|
2013-11-01 06:43:22 +08:00
|
|
|
unsigned nr_stripes;
|
2013-08-17 17:13:15 +08:00
|
|
|
unsigned stripe_size;
|
2013-06-05 21:21:07 +08:00
|
|
|
atomic_t *stripe_sectors_dirty;
|
2013-11-01 06:43:22 +08:00
|
|
|
unsigned long *full_dirty_stripes;
|
2013-06-05 21:21:07 +08:00
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
struct bio_set *bio_split;
|
|
|
|
|
|
|
|
unsigned data_csum:1;
|
|
|
|
|
|
|
|
int (*cache_miss)(struct btree *, struct search *,
|
|
|
|
struct bio *, unsigned);
|
|
|
|
int (*ioctl) (struct bcache_device *, fmode_t, unsigned, unsigned long);
|
|
|
|
};
|
|
|
|
|
|
|
|
struct io {
|
|
|
|
/* Used to track sequential IO so it can be skipped */
|
|
|
|
struct hlist_node hash;
|
|
|
|
struct list_head lru;
|
|
|
|
|
|
|
|
unsigned long jiffies;
|
|
|
|
unsigned sequential;
|
|
|
|
sector_t last;
|
|
|
|
};
|
|
|
|
|
bcache: add stop_when_cache_set_failed option to backing device
When there are too many I/O errors on cache device, current bcache code
will retire the whole cache set, and detach all bcache devices. But the
detached bcache devices are not stopped, which is problematic when bcache
is in writeback mode.
If the retired cache set has dirty data of backing devices, continue
writing to bcache device will write to backing device directly. If the
LBA of write request has a dirty version cached on cache device, next time
when the cache device is re-registered and backing device re-attached to
it again, the stale dirty data on cache device will be written to backing
device, and overwrite latest directly written data. This situation causes
a quite data corruption.
But we cannot simply stop all attached bcache devices when the cache set is
broken or disconnected. For example, use bcache to accelerate performance
of an email service. In such workload, if cache device is broken but no
dirty data lost, keep the bcache device alive and permit email service
continue to access user data might be a better solution for the cache
device failure.
Nix <nix@esperi.org.uk> points out the issue and provides the above example
to explain why it might be necessary to not stop bcache device for broken
cache device. Pavel Goran <via-bcache@pvgoran.name> provides a brilliant
suggestion to provide "always" and "auto" options to per-cached device
sysfs file stop_when_cache_set_failed. If cache set is retiring and the
backing device has no dirty data on cache, it should be safe to keep the
bcache device alive. In this case, if stop_when_cache_set_failed is set to
"auto", the device failure handling code will not stop this bcache device
and permit application to access the backing device with a unattached
bcache device.
Changelog:
[mlyle: edited to not break string constants across lines]
v3: fix typos pointed out by Nix.
v2: change option values of stop_when_cache_set_failed from 1/0 to
"auto"/"always".
v1: initial version, stop_when_cache_set_failed can be 0 (not stop) or 1
(always stop).
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Cc: Nix <nix@esperi.org.uk>
Cc: Pavel Goran <via-bcache@pvgoran.name>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Hannes Reinecke <hare@suse.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:18 +08:00
|
|
|
enum stop_on_failure {
|
|
|
|
BCH_CACHED_DEV_STOP_AUTO = 0,
|
|
|
|
BCH_CACHED_DEV_STOP_ALWAYS,
|
|
|
|
BCH_CACHED_DEV_STOP_MODE_MAX,
|
|
|
|
};
|
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
struct cached_dev {
|
|
|
|
struct list_head list;
|
|
|
|
struct bcache_device disk;
|
|
|
|
struct block_device *bdev;
|
|
|
|
|
|
|
|
struct cache_sb sb;
|
|
|
|
struct bio sb_bio;
|
|
|
|
struct bio_vec sb_bv[1];
|
2013-12-17 07:27:25 +08:00
|
|
|
struct closure sb_write;
|
|
|
|
struct semaphore sb_write_mutex;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/* Refcount on the cache set. Always nonzero when we're caching. */
|
2017-10-31 05:46:32 +08:00
|
|
|
refcount_t count;
|
2013-03-24 07:11:31 +08:00
|
|
|
struct work_struct detach;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Device might not be running if it's dirty and the cache set hasn't
|
|
|
|
* showed up yet.
|
|
|
|
*/
|
|
|
|
atomic_t running;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Writes take a shared lock from start to finish; scanning for dirty
|
|
|
|
* data to refill the rb tree requires an exclusive lock.
|
|
|
|
*/
|
|
|
|
struct rw_semaphore writeback_lock;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Nonzero, and writeback has a refcount (d->count), iff there is dirty
|
|
|
|
* data in the cache. Protected by writeback_lock; must have an
|
|
|
|
* shared lock to set and exclusive lock to clear.
|
|
|
|
*/
|
|
|
|
atomic_t has_dirty;
|
|
|
|
|
2018-01-09 04:21:24 +08:00
|
|
|
/*
|
|
|
|
* Set to zero by things that touch the backing volume-- except
|
|
|
|
* writeback. Incremented by writeback. Used to determine when to
|
|
|
|
* accelerate idle writeback.
|
|
|
|
*/
|
|
|
|
atomic_t backing_idle;
|
|
|
|
|
2013-09-24 14:17:31 +08:00
|
|
|
struct bch_ratelimit writeback_rate;
|
2013-03-24 07:11:31 +08:00
|
|
|
struct delayed_work writeback_rate_update;
|
|
|
|
|
2013-09-24 14:17:31 +08:00
|
|
|
/* Limit number of writeback bios in flight */
|
|
|
|
struct semaphore in_flight;
|
2013-07-25 08:50:06 +08:00
|
|
|
struct task_struct *writeback_thread;
|
2017-09-06 14:25:59 +08:00
|
|
|
struct workqueue_struct *writeback_write_wq;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
struct keybuf writeback_keys;
|
|
|
|
|
2018-01-09 04:21:23 +08:00
|
|
|
/*
|
|
|
|
* Order the write-half of writeback operations strongly in dispatch
|
|
|
|
* order. (Maintain LBA order; don't allow reads completing out of
|
|
|
|
* order to re-order the writes...)
|
|
|
|
*/
|
|
|
|
struct closure_waitlist writeback_ordering_wait;
|
|
|
|
atomic_t writeback_sequence_next;
|
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
/* For tracking sequential IO */
|
|
|
|
#define RECENT_IO_BITS 7
|
|
|
|
#define RECENT_IO (1 << RECENT_IO_BITS)
|
|
|
|
struct io io[RECENT_IO];
|
|
|
|
struct hlist_head io_hash[RECENT_IO + 1];
|
|
|
|
struct list_head io_lru;
|
|
|
|
spinlock_t io_lock;
|
|
|
|
|
|
|
|
struct cache_accounting accounting;
|
|
|
|
|
|
|
|
/* The rest of this all shows up in sysfs */
|
|
|
|
unsigned sequential_cutoff;
|
|
|
|
unsigned readahead;
|
|
|
|
|
|
|
|
unsigned verify:1;
|
2013-09-11 05:27:42 +08:00
|
|
|
unsigned bypass_torture_test:1;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2013-06-05 21:24:39 +08:00
|
|
|
unsigned partial_stripes_expensive:1;
|
2013-03-24 07:11:31 +08:00
|
|
|
unsigned writeback_metadata:1;
|
|
|
|
unsigned writeback_running:1;
|
|
|
|
unsigned char writeback_percent;
|
|
|
|
unsigned writeback_delay;
|
|
|
|
|
|
|
|
uint64_t writeback_rate_target;
|
2013-11-12 05:58:34 +08:00
|
|
|
int64_t writeback_rate_proportional;
|
bcache: implement PI controller for writeback rate
bcache uses a control system to attempt to keep the amount of dirty data
in cache at a user-configured level, while not responding excessively to
transients and variations in write rate. Previously, the system was a
PD controller; but the output from it was integrated, turning the
Proportional term into an Integral term, and turning the Derivative term
into a crude Proportional term. Performance of the controller has been
uneven in production, and it has tended to respond slowly, oscillate,
and overshoot.
This patch set replaces the current control system with an explicit PI
controller and tuning that should be correct for most hardware. By
default, it attempts to write at a rate that would retire 1/40th of the
current excess blocks per second. An integral term in turn works to
remove steady state errors.
IMO, this yields benefits in simplicity (removing weighted average
filtering, etc) and system performance.
Another small change is a tunable parameter is introduced to allow the
user to specify a minimum rate at which dirty blocks are retired.
There is a slight difference from earlier versions of the patch in
integral handling to prevent excessive negative integral windup.
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Reviewed-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2017-10-14 07:35:36 +08:00
|
|
|
int64_t writeback_rate_integral;
|
|
|
|
int64_t writeback_rate_integral_scaled;
|
2017-10-14 07:35:38 +08:00
|
|
|
int32_t writeback_rate_change;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
unsigned writeback_rate_update_seconds;
|
bcache: implement PI controller for writeback rate
bcache uses a control system to attempt to keep the amount of dirty data
in cache at a user-configured level, while not responding excessively to
transients and variations in write rate. Previously, the system was a
PD controller; but the output from it was integrated, turning the
Proportional term into an Integral term, and turning the Derivative term
into a crude Proportional term. Performance of the controller has been
uneven in production, and it has tended to respond slowly, oscillate,
and overshoot.
This patch set replaces the current control system with an explicit PI
controller and tuning that should be correct for most hardware. By
default, it attempts to write at a rate that would retire 1/40th of the
current excess blocks per second. An integral term in turn works to
remove steady state errors.
IMO, this yields benefits in simplicity (removing weighted average
filtering, etc) and system performance.
Another small change is a tunable parameter is introduced to allow the
user to specify a minimum rate at which dirty blocks are retired.
There is a slight difference from earlier versions of the patch in
integral handling to prevent excessive negative integral windup.
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Reviewed-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2017-10-14 07:35:36 +08:00
|
|
|
unsigned writeback_rate_i_term_inverse;
|
2013-03-24 07:11:31 +08:00
|
|
|
unsigned writeback_rate_p_term_inverse;
|
bcache: implement PI controller for writeback rate
bcache uses a control system to attempt to keep the amount of dirty data
in cache at a user-configured level, while not responding excessively to
transients and variations in write rate. Previously, the system was a
PD controller; but the output from it was integrated, turning the
Proportional term into an Integral term, and turning the Derivative term
into a crude Proportional term. Performance of the controller has been
uneven in production, and it has tended to respond slowly, oscillate,
and overshoot.
This patch set replaces the current control system with an explicit PI
controller and tuning that should be correct for most hardware. By
default, it attempts to write at a rate that would retire 1/40th of the
current excess blocks per second. An integral term in turn works to
remove steady state errors.
IMO, this yields benefits in simplicity (removing weighted average
filtering, etc) and system performance.
Another small change is a tunable parameter is introduced to allow the
user to specify a minimum rate at which dirty blocks are retired.
There is a slight difference from earlier versions of the patch in
integral handling to prevent excessive negative integral windup.
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Reviewed-by: Coly Li <colyli@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2017-10-14 07:35:36 +08:00
|
|
|
unsigned writeback_rate_minimum;
|
bcache: add stop_when_cache_set_failed option to backing device
When there are too many I/O errors on cache device, current bcache code
will retire the whole cache set, and detach all bcache devices. But the
detached bcache devices are not stopped, which is problematic when bcache
is in writeback mode.
If the retired cache set has dirty data of backing devices, continue
writing to bcache device will write to backing device directly. If the
LBA of write request has a dirty version cached on cache device, next time
when the cache device is re-registered and backing device re-attached to
it again, the stale dirty data on cache device will be written to backing
device, and overwrite latest directly written data. This situation causes
a quite data corruption.
But we cannot simply stop all attached bcache devices when the cache set is
broken or disconnected. For example, use bcache to accelerate performance
of an email service. In such workload, if cache device is broken but no
dirty data lost, keep the bcache device alive and permit email service
continue to access user data might be a better solution for the cache
device failure.
Nix <nix@esperi.org.uk> points out the issue and provides the above example
to explain why it might be necessary to not stop bcache device for broken
cache device. Pavel Goran <via-bcache@pvgoran.name> provides a brilliant
suggestion to provide "always" and "auto" options to per-cached device
sysfs file stop_when_cache_set_failed. If cache set is retiring and the
backing device has no dirty data on cache, it should be safe to keep the
bcache device alive. In this case, if stop_when_cache_set_failed is set to
"auto", the device failure handling code will not stop this bcache device
and permit application to access the backing device with a unattached
bcache device.
Changelog:
[mlyle: edited to not break string constants across lines]
v3: fix typos pointed out by Nix.
v2: change option values of stop_when_cache_set_failed from 1/0 to
"auto"/"always".
v1: initial version, stop_when_cache_set_failed can be 0 (not stop) or 1
(always stop).
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Cc: Nix <nix@esperi.org.uk>
Cc: Pavel Goran <via-bcache@pvgoran.name>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Hannes Reinecke <hare@suse.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:18 +08:00
|
|
|
|
|
|
|
enum stop_on_failure stop_when_cache_set_failed;
|
2013-03-24 07:11:31 +08:00
|
|
|
};
|
|
|
|
|
2013-12-17 17:29:34 +08:00
|
|
|
enum alloc_reserve {
|
|
|
|
RESERVE_BTREE,
|
|
|
|
RESERVE_PRIO,
|
|
|
|
RESERVE_MOVINGGC,
|
|
|
|
RESERVE_NONE,
|
|
|
|
RESERVE_NR,
|
2013-03-24 07:11:31 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
struct cache {
|
|
|
|
struct cache_set *set;
|
|
|
|
struct cache_sb sb;
|
|
|
|
struct bio sb_bio;
|
|
|
|
struct bio_vec sb_bv[1];
|
|
|
|
|
|
|
|
struct kobject kobj;
|
|
|
|
struct block_device *bdev;
|
|
|
|
|
2013-04-25 10:01:12 +08:00
|
|
|
struct task_struct *alloc_thread;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
struct closure prio;
|
|
|
|
struct prio_set *disk_buckets;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* When allocating new buckets, prio_write() gets first dibs - since we
|
|
|
|
* may not be allocate at all without writing priorities and gens.
|
|
|
|
* prio_buckets[] contains the last buckets we wrote priorities to (so
|
|
|
|
* gc can mark them as metadata), prio_next[] contains the buckets
|
|
|
|
* allocated for the next prio write.
|
|
|
|
*/
|
|
|
|
uint64_t *prio_buckets;
|
|
|
|
uint64_t *prio_last_buckets;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* free: Buckets that are ready to be used
|
|
|
|
*
|
|
|
|
* free_inc: Incoming buckets - these are buckets that currently have
|
|
|
|
* cached data in them, and we can't reuse them until after we write
|
|
|
|
* their new gen to disk. After prio_write() finishes writing the new
|
|
|
|
* gens/prios, they'll be moved to the free list (and possibly discarded
|
|
|
|
* in the process)
|
|
|
|
*/
|
2013-12-17 17:29:34 +08:00
|
|
|
DECLARE_FIFO(long, free)[RESERVE_NR];
|
2013-03-24 07:11:31 +08:00
|
|
|
DECLARE_FIFO(long, free_inc);
|
|
|
|
|
|
|
|
size_t fifo_last_bucket;
|
|
|
|
|
|
|
|
/* Allocation stuff: */
|
|
|
|
struct bucket *buckets;
|
|
|
|
|
|
|
|
DECLARE_HEAP(struct bucket *, heap);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If nonzero, we know we aren't going to find any buckets to invalidate
|
|
|
|
* until a gc finishes - otherwise we could pointlessly burn a ton of
|
|
|
|
* cpu
|
|
|
|
*/
|
2016-10-27 11:31:17 +08:00
|
|
|
unsigned invalidate_needs_gc;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
bool discard; /* Get rid of? */
|
|
|
|
|
|
|
|
struct journal_device journal;
|
|
|
|
|
|
|
|
/* The rest of this all shows up in sysfs */
|
|
|
|
#define IO_ERROR_SHIFT 20
|
|
|
|
atomic_t io_errors;
|
|
|
|
atomic_t io_count;
|
|
|
|
|
|
|
|
atomic_long_t meta_sectors_written;
|
|
|
|
atomic_long_t btree_sectors_written;
|
|
|
|
atomic_long_t sectors_written;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct gc_stat {
|
|
|
|
size_t nodes;
|
|
|
|
size_t key_bytes;
|
|
|
|
|
|
|
|
size_t nkeys;
|
|
|
|
uint64_t data; /* sectors */
|
|
|
|
unsigned in_use; /* percent */
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Flag bits, for how the cache set is shutting down, and what phase it's at:
|
|
|
|
*
|
|
|
|
* CACHE_SET_UNREGISTERING means we're not just shutting down, we're detaching
|
|
|
|
* all the backing devices first (their cached data gets invalidated, and they
|
|
|
|
* won't automatically reattach).
|
|
|
|
*
|
|
|
|
* CACHE_SET_STOPPING always gets set first when we're closing down a cache set;
|
|
|
|
* we'll continue to run normally for awhile with CACHE_SET_STOPPING set (i.e.
|
|
|
|
* flushing dirty data).
|
2014-07-12 03:17:41 +08:00
|
|
|
*
|
|
|
|
* CACHE_SET_RUNNING means all cache devices have been registered and journal
|
|
|
|
* replay is complete.
|
bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags
When too many I/Os failed on cache device, bch_cache_set_error() is called
in the error handling code path to retire whole problematic cache set. If
new I/O requests continue to come and take refcount dc->count, the cache
set won't be retired immediately, this is a problem.
Further more, there are several kernel thread and self-armed kernel work
may still running after bch_cache_set_error() is called. It needs to wait
quite a while for them to stop, or they won't stop at all. They also
prevent the cache set from being retired.
The solution in this patch is, to add per cache set flag to disable I/O
request on this cache and all attached backing devices. Then new coming I/O
requests can be rejected in *_make_request() before taking refcount, kernel
threads and self-armed kernel worker can stop very fast when flags bit
CACHE_SET_IO_DISABLE is set.
Because bcache also do internal I/Os for writeback, garbage collection,
bucket allocation, journaling, this kind of I/O should be disabled after
bch_cache_set_error() is called. So closure_bio_submit() is modified to
check whether CACHE_SET_IO_DISABLE is set on cache_set->flags. If set,
closure_bio_submit() will set bio->bi_status to BLK_STS_IOERR and
return, generic_make_request() won't be called.
A sysfs interface is also added to set or clear CACHE_SET_IO_DISABLE bit
from cache_set->flags, to disable or enable cache set I/O for debugging. It
is helpful to trigger more corner case issues for failed cache device.
Changelog
v4, add wait_for_kthread_stop(), and call it before exits writeback and gc
kernel threads.
v3, change CACHE_SET_IO_DISABLE from 4 to 3, since it is bit index.
remove "bcache: " prefix when printing out kernel message.
v2, more changes by previous review,
- Use CACHE_SET_IO_DISABLE of cache_set->flags, suggested by Junhui.
- Check CACHE_SET_IO_DISABLE in bch_btree_gc() to stop a while-loop, this
is reported and inspired from origal patch of Pavel Vazharov.
v1, initial version.
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Michael Lyle <mlyle@lyle.org>
Cc: Pavel Vazharov <freakpv@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:17 +08:00
|
|
|
*
|
|
|
|
* CACHE_SET_IO_DISABLE is set when bcache is stopping the whold cache set, all
|
|
|
|
* external and internal I/O should be denied when this flag is set.
|
|
|
|
*
|
2013-03-24 07:11:31 +08:00
|
|
|
*/
|
|
|
|
#define CACHE_SET_UNREGISTERING 0
|
|
|
|
#define CACHE_SET_STOPPING 1
|
2014-07-12 03:17:41 +08:00
|
|
|
#define CACHE_SET_RUNNING 2
|
bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags
When too many I/Os failed on cache device, bch_cache_set_error() is called
in the error handling code path to retire whole problematic cache set. If
new I/O requests continue to come and take refcount dc->count, the cache
set won't be retired immediately, this is a problem.
Further more, there are several kernel thread and self-armed kernel work
may still running after bch_cache_set_error() is called. It needs to wait
quite a while for them to stop, or they won't stop at all. They also
prevent the cache set from being retired.
The solution in this patch is, to add per cache set flag to disable I/O
request on this cache and all attached backing devices. Then new coming I/O
requests can be rejected in *_make_request() before taking refcount, kernel
threads and self-armed kernel worker can stop very fast when flags bit
CACHE_SET_IO_DISABLE is set.
Because bcache also do internal I/Os for writeback, garbage collection,
bucket allocation, journaling, this kind of I/O should be disabled after
bch_cache_set_error() is called. So closure_bio_submit() is modified to
check whether CACHE_SET_IO_DISABLE is set on cache_set->flags. If set,
closure_bio_submit() will set bio->bi_status to BLK_STS_IOERR and
return, generic_make_request() won't be called.
A sysfs interface is also added to set or clear CACHE_SET_IO_DISABLE bit
from cache_set->flags, to disable or enable cache set I/O for debugging. It
is helpful to trigger more corner case issues for failed cache device.
Changelog
v4, add wait_for_kthread_stop(), and call it before exits writeback and gc
kernel threads.
v3, change CACHE_SET_IO_DISABLE from 4 to 3, since it is bit index.
remove "bcache: " prefix when printing out kernel message.
v2, more changes by previous review,
- Use CACHE_SET_IO_DISABLE of cache_set->flags, suggested by Junhui.
- Check CACHE_SET_IO_DISABLE in bch_btree_gc() to stop a while-loop, this
is reported and inspired from origal patch of Pavel Vazharov.
v1, initial version.
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Michael Lyle <mlyle@lyle.org>
Cc: Pavel Vazharov <freakpv@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:17 +08:00
|
|
|
#define CACHE_SET_IO_DISABLE 3
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
struct cache_set {
|
|
|
|
struct closure cl;
|
|
|
|
|
|
|
|
struct list_head list;
|
|
|
|
struct kobject kobj;
|
|
|
|
struct kobject internal;
|
|
|
|
struct dentry *debug;
|
|
|
|
struct cache_accounting accounting;
|
|
|
|
|
|
|
|
unsigned long flags;
|
|
|
|
|
|
|
|
struct cache_sb sb;
|
|
|
|
|
|
|
|
struct cache *cache[MAX_CACHES_PER_SET];
|
|
|
|
struct cache *cache_by_alloc[MAX_CACHES_PER_SET];
|
|
|
|
int caches_loaded;
|
|
|
|
|
|
|
|
struct bcache_device **devices;
|
2018-01-09 04:21:28 +08:00
|
|
|
unsigned devices_max_used;
|
2013-03-24 07:11:31 +08:00
|
|
|
struct list_head cached_devs;
|
|
|
|
uint64_t cached_dev_sectors;
|
|
|
|
struct closure caching;
|
|
|
|
|
2013-12-17 07:27:25 +08:00
|
|
|
struct closure sb_write;
|
|
|
|
struct semaphore sb_write_mutex;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
mempool_t *search;
|
|
|
|
mempool_t *bio_meta;
|
|
|
|
struct bio_set *bio_split;
|
|
|
|
|
|
|
|
/* For the btree cache */
|
|
|
|
struct shrinker shrink;
|
|
|
|
|
|
|
|
/* For the btree cache and anything allocation related */
|
|
|
|
struct mutex bucket_lock;
|
|
|
|
|
|
|
|
/* log2(bucket_size), in sectors */
|
|
|
|
unsigned short bucket_bits;
|
|
|
|
|
|
|
|
/* log2(block_size), in sectors */
|
|
|
|
unsigned short block_bits;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Default number of pages for a new btree node - may be less than a
|
|
|
|
* full bucket
|
|
|
|
*/
|
|
|
|
unsigned btree_pages;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Lists of struct btrees; lru is the list for structs that have memory
|
|
|
|
* allocated for actual btree node, freed is for structs that do not.
|
|
|
|
*
|
|
|
|
* We never free a struct btree, except on shutdown - we just put it on
|
|
|
|
* the btree_cache_freed list and reuse it later. This simplifies the
|
|
|
|
* code, and it doesn't cost us much memory as the memory usage is
|
|
|
|
* dominated by buffers that hold the actual btree node data and those
|
|
|
|
* can be freed - and the number of struct btrees allocated is
|
|
|
|
* effectively bounded.
|
|
|
|
*
|
|
|
|
* btree_cache_freeable effectively is a small cache - we use it because
|
|
|
|
* high order page allocations can be rather expensive, and it's quite
|
|
|
|
* common to delete and allocate btree nodes in quick succession. It
|
|
|
|
* should never grow past ~2-3 nodes in practice.
|
|
|
|
*/
|
|
|
|
struct list_head btree_cache;
|
|
|
|
struct list_head btree_cache_freeable;
|
|
|
|
struct list_head btree_cache_freed;
|
|
|
|
|
|
|
|
/* Number of elements in btree_cache + btree_cache_freeable lists */
|
2014-03-18 08:15:53 +08:00
|
|
|
unsigned btree_cache_used;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we need to allocate memory for a new btree node and that
|
|
|
|
* allocation fails, we can cannibalize another node in the btree cache
|
2014-03-18 08:15:53 +08:00
|
|
|
* to satisfy the allocation - lock to guarantee only one thread does
|
|
|
|
* this at a time:
|
2013-03-24 07:11:31 +08:00
|
|
|
*/
|
2014-03-18 08:15:53 +08:00
|
|
|
wait_queue_head_t btree_cache_wait;
|
|
|
|
struct task_struct *btree_cache_alloc_lock;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* When we free a btree node, we increment the gen of the bucket the
|
|
|
|
* node is in - but we can't rewrite the prios and gens until we
|
|
|
|
* finished whatever it is we were doing, otherwise after a crash the
|
|
|
|
* btree node would be freed but for say a split, we might not have the
|
|
|
|
* pointers to the new nodes inserted into the btree yet.
|
|
|
|
*
|
|
|
|
* This is a refcount that blocks prio_write() until the new keys are
|
|
|
|
* written.
|
|
|
|
*/
|
|
|
|
atomic_t prio_blocked;
|
2013-07-25 08:29:09 +08:00
|
|
|
wait_queue_head_t bucket_wait;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* For any bio we don't skip we subtract the number of sectors from
|
|
|
|
* rescale; when it hits 0 we rescale all the bucket priorities.
|
|
|
|
*/
|
|
|
|
atomic_t rescale;
|
|
|
|
/*
|
|
|
|
* When we invalidate buckets, we use both the priority and the amount
|
|
|
|
* of good data to determine which buckets to reuse first - to weight
|
|
|
|
* those together consistently we keep track of the smallest nonzero
|
|
|
|
* priority of any bucket.
|
|
|
|
*/
|
|
|
|
uint16_t min_prio;
|
|
|
|
|
|
|
|
/*
|
2014-02-28 09:51:12 +08:00
|
|
|
* max(gen - last_gc) for all buckets. When it gets too big we have to gc
|
2013-03-24 07:11:31 +08:00
|
|
|
* to keep gens from wrapping around.
|
|
|
|
*/
|
|
|
|
uint8_t need_gc;
|
|
|
|
struct gc_stat gc_stats;
|
|
|
|
size_t nbuckets;
|
2017-10-31 05:46:33 +08:00
|
|
|
size_t avail_nbuckets;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2013-10-25 08:19:26 +08:00
|
|
|
struct task_struct *gc_thread;
|
2013-03-24 07:11:31 +08:00
|
|
|
/* Where in the btree gc currently is */
|
|
|
|
struct bkey gc_done;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The allocation code needs gc_mark in struct bucket to be correct, but
|
|
|
|
* it's not while a gc is in progress. Protected by bucket_lock.
|
|
|
|
*/
|
|
|
|
int gc_mark_valid;
|
|
|
|
|
|
|
|
/* Counts how many sectors bio_insert has added to the cache */
|
|
|
|
atomic_t sectors_to_gc;
|
2016-10-27 11:31:17 +08:00
|
|
|
wait_queue_head_t gc_wait;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
struct keybuf moving_gc_keys;
|
|
|
|
/* Number of moving GC bios in flight */
|
2013-10-25 08:19:26 +08:00
|
|
|
struct semaphore moving_in_flight;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2014-01-10 08:03:04 +08:00
|
|
|
struct workqueue_struct *moving_gc_wq;
|
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
struct btree *root;
|
|
|
|
|
|
|
|
#ifdef CONFIG_BCACHE_DEBUG
|
|
|
|
struct btree *verify_data;
|
2013-12-18 14:49:08 +08:00
|
|
|
struct bset *verify_ondisk;
|
2013-03-24 07:11:31 +08:00
|
|
|
struct mutex verify_lock;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
unsigned nr_uuids;
|
|
|
|
struct uuid_entry *uuids;
|
|
|
|
BKEY_PADDED(uuid_bucket);
|
2013-12-17 07:27:25 +08:00
|
|
|
struct closure uuid_write;
|
|
|
|
struct semaphore uuid_write_mutex;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* A btree node on disk could have too many bsets for an iterator to fit
|
2013-04-26 04:58:35 +08:00
|
|
|
* on the stack - have to dynamically allocate them
|
2013-03-24 07:11:31 +08:00
|
|
|
*/
|
2013-04-26 04:58:35 +08:00
|
|
|
mempool_t *fill_iter;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2013-09-11 13:53:34 +08:00
|
|
|
struct bset_sort_state sort;
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/* List of buckets we're currently writing data to */
|
|
|
|
struct list_head data_buckets;
|
|
|
|
spinlock_t data_bucket_lock;
|
|
|
|
|
|
|
|
struct journal journal;
|
|
|
|
|
|
|
|
#define CONGESTED_MAX 1024
|
|
|
|
unsigned congested_last_us;
|
|
|
|
atomic_t congested;
|
|
|
|
|
|
|
|
/* The rest of this all shows up in sysfs */
|
|
|
|
unsigned congested_read_threshold_us;
|
|
|
|
unsigned congested_write_threshold_us;
|
|
|
|
|
|
|
|
struct time_stats btree_gc_time;
|
|
|
|
struct time_stats btree_split_time;
|
|
|
|
struct time_stats btree_read_time;
|
|
|
|
|
|
|
|
atomic_long_t cache_read_races;
|
|
|
|
atomic_long_t writeback_keys_done;
|
|
|
|
atomic_long_t writeback_keys_failed;
|
2013-07-12 10:42:51 +08:00
|
|
|
|
2018-02-08 03:41:39 +08:00
|
|
|
atomic_long_t reclaim;
|
|
|
|
atomic_long_t flush_write;
|
|
|
|
atomic_long_t retry_flush_write;
|
|
|
|
|
2013-07-12 10:42:51 +08:00
|
|
|
enum {
|
|
|
|
ON_ERROR_UNREGISTER,
|
|
|
|
ON_ERROR_PANIC,
|
|
|
|
} on_error;
|
bcache: set error_limit correctly
Struct cache uses io_errors for two purposes,
- Error decay: when cache set error_decay is set, io_errors is used to
generate a small piece of delay when I/O error happens.
- I/O errors counter: in order to generate big enough value for error
decay, I/O errors counter value is stored by left shifting 20 bits (a.k.a
IO_ERROR_SHIFT).
In function bch_count_io_errors(), if I/O errors counter reaches cache set
error limit, bch_cache_set_error() will be called to retire the whold cache
set. But current code is problematic when checking the error limit, see the
following code piece from bch_count_io_errors(),
90 if (error) {
91 char buf[BDEVNAME_SIZE];
92 unsigned errors = atomic_add_return(1 << IO_ERROR_SHIFT,
93 &ca->io_errors);
94 errors >>= IO_ERROR_SHIFT;
95
96 if (errors < ca->set->error_limit)
97 pr_err("%s: IO error on %s, recovering",
98 bdevname(ca->bdev, buf), m);
99 else
100 bch_cache_set_error(ca->set,
101 "%s: too many IO errors %s",
102 bdevname(ca->bdev, buf), m);
103 }
At line 94, errors is right shifting IO_ERROR_SHIFT bits, now it is real
errors counter to compare at line 96. But ca->set->error_limit is initia-
lized with an amplified value in bch_cache_set_alloc(),
1545 c->error_limit = 8 << IO_ERROR_SHIFT;
It means by default, in bch_count_io_errors(), before 8<<20 errors happened
bch_cache_set_error() won't be called to retire the problematic cache
device. If the average request size is 64KB, it means bcache won't handle
failed device until 512GB data is requested. This is too large to be an I/O
threashold. So I believe the correct error limit should be much less.
This patch sets default cache set error limit to 8, then in
bch_count_io_errors() when errors counter reaches 8 (if it is default
value), function bch_cache_set_error() will be called to retire the whole
cache set. This patch also removes bits shifting when store or show
io_error_limit value via sysfs interface.
Nowadays most of SSDs handle internal flash failure automatically by LBA
address re-indirect mapping. If an I/O error can be observed by upper layer
code, it will be a notable error because that SSD can not re-indirect
map the problematic LBA address to an available flash block. This situation
indicates the whole SSD will be failed very soon. Therefore setting 8 as
the default io error limit value makes sense, it is enough for most of
cache devices.
Changelog:
v2: add reviewed-by from Hannes.
v1: initial version for review.
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Tang Junhui <tang.junhui@zte.com.cn>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-02-08 03:41:42 +08:00
|
|
|
#define DEFAULT_IO_ERROR_LIMIT 8
|
2013-03-24 07:11:31 +08:00
|
|
|
unsigned error_limit;
|
|
|
|
unsigned error_decay;
|
2013-07-12 10:42:51 +08:00
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
unsigned short journal_delay_ms;
|
2013-12-21 09:28:16 +08:00
|
|
|
bool expensive_debug_checks;
|
2013-03-24 07:11:31 +08:00
|
|
|
unsigned verify:1;
|
|
|
|
unsigned key_merging_disabled:1;
|
|
|
|
unsigned gc_always_rewrite:1;
|
|
|
|
unsigned shrinker_disabled:1;
|
|
|
|
unsigned copy_gc_enabled:1;
|
|
|
|
|
|
|
|
#define BUCKET_HASH_BITS 12
|
|
|
|
struct hlist_head bucket_hash[1 << BUCKET_HASH_BITS];
|
bcache: fix high CPU occupancy during journal
After long time small writing I/O running, we found the occupancy of CPU
is very high and I/O performance has been reduced by about half:
[root@ceph151 internal]# top
top - 15:51:05 up 1 day,2:43, 4 users, load average: 16.89, 15.15, 16.53
Tasks: 2063 total, 4 running, 2059 sleeping, 0 stopped, 0 zombie
%Cpu(s):4.3 us, 17.1 sy 0.0 ni, 66.1 id, 12.0 wa, 0.0 hi, 0.5 si, 0.0 st
KiB Mem : 65450044 total, 24586420 free, 38909008 used, 1954616 buff/cache
KiB Swap: 65667068 total, 65667068 free, 0 used. 25136812 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2023 root 20 0 0 0 0 S 55.1 0.0 0:04.42 kworker/11:191
14126 root 20 0 0 0 0 S 42.9 0.0 0:08.72 kworker/10:3
9292 root 20 0 0 0 0 S 30.4 0.0 1:10.99 kworker/6:1
8553 ceph 20 0 4242492 1.805g 18804 S 30.0 2.9 410:07.04 ceph-osd
12287 root 20 0 0 0 0 S 26.7 0.0 0:28.13 kworker/7:85
31019 root 20 0 0 0 0 S 26.1 0.0 1:30.79 kworker/22:1
1787 root 20 0 0 0 0 R 25.7 0.0 5:18.45 kworker/8:7
32169 root 20 0 0 0 0 S 14.5 0.0 1:01.92 kworker/23:1
21476 root 20 0 0 0 0 S 13.9 0.0 0:05.09 kworker/1:54
2204 root 20 0 0 0 0 S 12.5 0.0 1:25.17 kworker/9:10
16994 root 20 0 0 0 0 S 12.2 0.0 0:06.27 kworker/5:106
15714 root 20 0 0 0 0 R 10.9 0.0 0:01.85 kworker/19:2
9661 ceph 20 0 4246876 1.731g 18800 S 10.6 2.8 403:00.80 ceph-osd
11460 ceph 20 0 4164692 2.206g 18876 S 10.6 3.5 360:27.19 ceph-osd
9960 root 20 0 0 0 0 S 10.2 0.0 0:02.75 kworker/2:139
11699 ceph 20 0 4169244 1.920g 18920 S 10.2 3.1 355:23.67 ceph-osd
6843 ceph 20 0 4197632 1.810g 18900 S 9.6 2.9 380:08.30 ceph-osd
The kernel work consumed a lot of CPU, and I found they are running journal
work, The journal is reclaiming source and flush btree node with surprising
frequency.
Through further analysis, we found that in btree_flush_write(), we try to
get a btree node with the smallest fifo idex to flush by traverse all the
btree nodein c->bucket_hash, after we getting it, since no locker protects
it, this btree node may have been written to cache device by other works,
and if this occurred, we retry to traverse in c->bucket_hash and get
another btree node. When the problem occurrd, the retry times is very high,
and we consume a lot of CPU in looking for a appropriate btree node.
In this patch, we try to record 128 btree nodes with the smallest fifo idex
in heap, and pop one by one when we need to flush btree node. It greatly
reduces the time for the loop to find the appropriate BTREE node, and also
reduce the occupancy of CPU.
[note by mpl: this triggers a checkpatch error because of adjacent,
pre-existing style violations]
Signed-off-by: Tang Junhui <tang.junhui@zte.com.cn>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-02-08 03:41:40 +08:00
|
|
|
|
|
|
|
DECLARE_HEAP(struct btree *, flush_btree);
|
2013-03-24 07:11:31 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
struct bbio {
|
|
|
|
unsigned submit_time_us;
|
|
|
|
union {
|
|
|
|
struct bkey key;
|
|
|
|
uint64_t _pad[3];
|
|
|
|
/*
|
|
|
|
* We only need pad = 3 here because we only ever carry around a
|
|
|
|
* single pointer - i.e. the pointer we're doing io to/from.
|
|
|
|
*/
|
|
|
|
};
|
|
|
|
struct bio bio;
|
|
|
|
};
|
|
|
|
|
|
|
|
#define BTREE_PRIO USHRT_MAX
|
2013-11-13 05:49:10 +08:00
|
|
|
#define INITIAL_PRIO 32768U
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
#define btree_bytes(c) ((c)->btree_pages * PAGE_SIZE)
|
|
|
|
#define btree_blocks(b) \
|
|
|
|
((unsigned) (KEY_SIZE(&b->key) >> (b)->c->block_bits))
|
|
|
|
|
|
|
|
#define btree_default_blocks(c) \
|
|
|
|
((unsigned) ((PAGE_SECTORS * (c)->btree_pages) >> (c)->block_bits))
|
|
|
|
|
|
|
|
#define bucket_pages(c) ((c)->sb.bucket_size / PAGE_SECTORS)
|
|
|
|
#define bucket_bytes(c) ((c)->sb.bucket_size << 9)
|
|
|
|
#define block_bytes(c) ((c)->sb.block_size << 9)
|
|
|
|
|
|
|
|
#define prios_per_bucket(c) \
|
|
|
|
((bucket_bytes(c) - sizeof(struct prio_set)) / \
|
|
|
|
sizeof(struct bucket_disk))
|
|
|
|
#define prio_buckets(c) \
|
|
|
|
DIV_ROUND_UP((size_t) (c)->sb.nbuckets, prios_per_bucket(c))
|
|
|
|
|
|
|
|
static inline size_t sector_to_bucket(struct cache_set *c, sector_t s)
|
|
|
|
{
|
|
|
|
return s >> c->bucket_bits;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline sector_t bucket_to_sector(struct cache_set *c, size_t b)
|
|
|
|
{
|
|
|
|
return ((sector_t) b) << c->bucket_bits;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline sector_t bucket_remainder(struct cache_set *c, sector_t s)
|
|
|
|
{
|
|
|
|
return s & (c->sb.bucket_size - 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct cache *PTR_CACHE(struct cache_set *c,
|
|
|
|
const struct bkey *k,
|
|
|
|
unsigned ptr)
|
|
|
|
{
|
|
|
|
return c->cache[PTR_DEV(k, ptr)];
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline size_t PTR_BUCKET_NR(struct cache_set *c,
|
|
|
|
const struct bkey *k,
|
|
|
|
unsigned ptr)
|
|
|
|
{
|
|
|
|
return sector_to_bucket(c, PTR_OFFSET(k, ptr));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct bucket *PTR_BUCKET(struct cache_set *c,
|
|
|
|
const struct bkey *k,
|
|
|
|
unsigned ptr)
|
|
|
|
{
|
|
|
|
return PTR_CACHE(c, k, ptr)->buckets + PTR_BUCKET_NR(c, k, ptr);
|
|
|
|
}
|
|
|
|
|
2013-12-21 09:24:46 +08:00
|
|
|
static inline uint8_t gen_after(uint8_t a, uint8_t b)
|
|
|
|
{
|
|
|
|
uint8_t r = a - b;
|
|
|
|
return r > 128U ? 0 : r;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline uint8_t ptr_stale(struct cache_set *c, const struct bkey *k,
|
|
|
|
unsigned i)
|
|
|
|
{
|
|
|
|
return gen_after(PTR_BUCKET(c, k, i)->gen, PTR_GEN(k, i));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool ptr_available(struct cache_set *c, const struct bkey *k,
|
|
|
|
unsigned i)
|
|
|
|
{
|
|
|
|
return (PTR_DEV(k, i) < MAX_CACHES_PER_SET) && PTR_CACHE(c, k, i);
|
|
|
|
}
|
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
/* Btree key macros */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This is used for various on disk data structures - cache_sb, prio_set, bset,
|
|
|
|
* jset: The checksum is _always_ the first 8 bytes of these structs
|
|
|
|
*/
|
|
|
|
#define csum_set(i) \
|
2013-03-29 02:50:55 +08:00
|
|
|
bch_crc64(((void *) (i)) + sizeof(uint64_t), \
|
2013-12-18 13:56:21 +08:00
|
|
|
((void *) bset_bkey_last(i)) - \
|
|
|
|
(((void *) (i)) + sizeof(uint64_t)))
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
/* Error handling macros */
|
|
|
|
|
|
|
|
#define btree_bug(b, ...) \
|
|
|
|
do { \
|
|
|
|
if (bch_cache_set_error((b)->c, __VA_ARGS__)) \
|
|
|
|
dump_stack(); \
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
#define cache_bug(c, ...) \
|
|
|
|
do { \
|
|
|
|
if (bch_cache_set_error(c, __VA_ARGS__)) \
|
|
|
|
dump_stack(); \
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
#define btree_bug_on(cond, b, ...) \
|
|
|
|
do { \
|
|
|
|
if (cond) \
|
|
|
|
btree_bug(b, __VA_ARGS__); \
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
#define cache_bug_on(cond, c, ...) \
|
|
|
|
do { \
|
|
|
|
if (cond) \
|
|
|
|
cache_bug(c, __VA_ARGS__); \
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
#define cache_set_err_on(cond, c, ...) \
|
|
|
|
do { \
|
|
|
|
if (cond) \
|
|
|
|
bch_cache_set_error(c, __VA_ARGS__); \
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
/* Looping macros */
|
|
|
|
|
|
|
|
#define for_each_cache(ca, cs, iter) \
|
|
|
|
for (iter = 0; ca = cs->cache[iter], iter < (cs)->sb.nr_in_set; iter++)
|
|
|
|
|
|
|
|
#define for_each_bucket(b, ca) \
|
|
|
|
for (b = (ca)->buckets + (ca)->sb.first_bucket; \
|
|
|
|
b < (ca)->buckets + (ca)->sb.nbuckets; b++)
|
|
|
|
|
|
|
|
static inline void cached_dev_put(struct cached_dev *dc)
|
|
|
|
{
|
2017-10-31 05:46:32 +08:00
|
|
|
if (refcount_dec_and_test(&dc->count))
|
2013-03-24 07:11:31 +08:00
|
|
|
schedule_work(&dc->detach);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool cached_dev_get(struct cached_dev *dc)
|
|
|
|
{
|
2017-10-31 05:46:32 +08:00
|
|
|
if (!refcount_inc_not_zero(&dc->count))
|
2013-03-24 07:11:31 +08:00
|
|
|
return false;
|
|
|
|
|
|
|
|
/* Paired with the mb in cached_dev_attach */
|
2014-03-18 01:06:10 +08:00
|
|
|
smp_mb__after_atomic();
|
2013-03-24 07:11:31 +08:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* bucket_gc_gen() returns the difference between the bucket's current gen and
|
|
|
|
* the oldest gen of any pointer into that bucket in the btree (last_gc).
|
|
|
|
*/
|
|
|
|
|
|
|
|
static inline uint8_t bucket_gc_gen(struct bucket *b)
|
|
|
|
{
|
|
|
|
return b->gen - b->last_gc;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define BUCKET_GC_GEN_MAX 96U
|
|
|
|
|
|
|
|
#define kobj_attribute_write(n, fn) \
|
|
|
|
static struct kobj_attribute ksysfs_##n = __ATTR(n, S_IWUSR, NULL, fn)
|
|
|
|
|
|
|
|
#define kobj_attribute_rw(n, show, store) \
|
|
|
|
static struct kobj_attribute ksysfs_##n = \
|
|
|
|
__ATTR(n, S_IWUSR|S_IRUSR, show, store)
|
|
|
|
|
2013-04-25 10:01:12 +08:00
|
|
|
static inline void wake_up_allocators(struct cache_set *c)
|
|
|
|
{
|
|
|
|
struct cache *ca;
|
|
|
|
unsigned i;
|
|
|
|
|
|
|
|
for_each_cache(ca, c, i)
|
|
|
|
wake_up_process(ca->alloc_thread);
|
|
|
|
}
|
|
|
|
|
bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags
When too many I/Os failed on cache device, bch_cache_set_error() is called
in the error handling code path to retire whole problematic cache set. If
new I/O requests continue to come and take refcount dc->count, the cache
set won't be retired immediately, this is a problem.
Further more, there are several kernel thread and self-armed kernel work
may still running after bch_cache_set_error() is called. It needs to wait
quite a while for them to stop, or they won't stop at all. They also
prevent the cache set from being retired.
The solution in this patch is, to add per cache set flag to disable I/O
request on this cache and all attached backing devices. Then new coming I/O
requests can be rejected in *_make_request() before taking refcount, kernel
threads and self-armed kernel worker can stop very fast when flags bit
CACHE_SET_IO_DISABLE is set.
Because bcache also do internal I/Os for writeback, garbage collection,
bucket allocation, journaling, this kind of I/O should be disabled after
bch_cache_set_error() is called. So closure_bio_submit() is modified to
check whether CACHE_SET_IO_DISABLE is set on cache_set->flags. If set,
closure_bio_submit() will set bio->bi_status to BLK_STS_IOERR and
return, generic_make_request() won't be called.
A sysfs interface is also added to set or clear CACHE_SET_IO_DISABLE bit
from cache_set->flags, to disable or enable cache set I/O for debugging. It
is helpful to trigger more corner case issues for failed cache device.
Changelog
v4, add wait_for_kthread_stop(), and call it before exits writeback and gc
kernel threads.
v3, change CACHE_SET_IO_DISABLE from 4 to 3, since it is bit index.
remove "bcache: " prefix when printing out kernel message.
v2, more changes by previous review,
- Use CACHE_SET_IO_DISABLE of cache_set->flags, suggested by Junhui.
- Check CACHE_SET_IO_DISABLE in bch_btree_gc() to stop a while-loop, this
is reported and inspired from origal patch of Pavel Vazharov.
v1, initial version.
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Michael Lyle <mlyle@lyle.org>
Cc: Pavel Vazharov <freakpv@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:17 +08:00
|
|
|
static inline void closure_bio_submit(struct cache_set *c,
|
|
|
|
struct bio *bio,
|
|
|
|
struct closure *cl)
|
|
|
|
{
|
|
|
|
closure_get(cl);
|
|
|
|
if (unlikely(test_bit(CACHE_SET_IO_DISABLE, &c->flags))) {
|
|
|
|
bio->bi_status = BLK_STS_IOERR;
|
|
|
|
bio_endio(bio);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
generic_make_request(bio);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Prevent the kthread exits directly, and make sure when kthread_stop()
|
|
|
|
* is called to stop a kthread, it is still alive. If a kthread might be
|
|
|
|
* stopped by CACHE_SET_IO_DISABLE bit set, wait_for_kthread_stop() is
|
|
|
|
* necessary before the kthread returns.
|
|
|
|
*/
|
|
|
|
static inline void wait_for_kthread_stop(void)
|
|
|
|
{
|
|
|
|
while (!kthread_should_stop()) {
|
|
|
|
set_current_state(TASK_INTERRUPTIBLE);
|
|
|
|
schedule();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-03-24 07:11:31 +08:00
|
|
|
/* Forward declarations */
|
|
|
|
|
2018-01-09 04:21:29 +08:00
|
|
|
void bch_count_io_errors(struct cache *, blk_status_t, int, const char *);
|
2013-03-24 07:11:31 +08:00
|
|
|
void bch_bbio_count_io_errors(struct cache_set *, struct bio *,
|
2017-06-03 15:38:06 +08:00
|
|
|
blk_status_t, const char *);
|
|
|
|
void bch_bbio_endio(struct cache_set *, struct bio *, blk_status_t,
|
|
|
|
const char *);
|
2013-03-24 07:11:31 +08:00
|
|
|
void bch_bbio_free(struct bio *, struct cache_set *);
|
|
|
|
struct bio *bch_bbio_alloc(struct cache_set *);
|
|
|
|
|
|
|
|
void __bch_submit_bbio(struct bio *, struct cache_set *);
|
|
|
|
void bch_submit_bbio(struct bio *, struct cache_set *, struct bkey *, unsigned);
|
|
|
|
|
|
|
|
uint8_t bch_inc_gen(struct cache *, struct bucket *);
|
|
|
|
void bch_rescale_priorities(struct cache_set *, int);
|
|
|
|
|
2014-03-18 07:55:55 +08:00
|
|
|
bool bch_can_invalidate_bucket(struct cache *, struct bucket *);
|
|
|
|
void __bch_invalidate_one_bucket(struct cache *, struct bucket *);
|
|
|
|
|
|
|
|
void __bch_bucket_free(struct cache *, struct bucket *);
|
2013-03-24 07:11:31 +08:00
|
|
|
void bch_bucket_free(struct cache_set *, struct bkey *);
|
|
|
|
|
2014-03-18 07:55:55 +08:00
|
|
|
long bch_bucket_alloc(struct cache *, unsigned, bool);
|
2013-03-24 07:11:31 +08:00
|
|
|
int __bch_bucket_alloc_set(struct cache_set *, unsigned,
|
2013-07-25 08:29:09 +08:00
|
|
|
struct bkey *, int, bool);
|
2013-03-24 07:11:31 +08:00
|
|
|
int bch_bucket_alloc_set(struct cache_set *, unsigned,
|
2013-07-25 08:29:09 +08:00
|
|
|
struct bkey *, int, bool);
|
2013-07-25 09:11:11 +08:00
|
|
|
bool bch_alloc_sectors(struct cache_set *, struct bkey *, unsigned,
|
|
|
|
unsigned, unsigned, bool);
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
__printf(2, 3)
|
|
|
|
bool bch_cache_set_error(struct cache_set *, const char *, ...);
|
|
|
|
|
|
|
|
void bch_prio_write(struct cache *);
|
|
|
|
void bch_write_bdev_super(struct cached_dev *, struct closure *);
|
|
|
|
|
2013-10-25 08:19:26 +08:00
|
|
|
extern struct workqueue_struct *bcache_wq;
|
2013-03-24 07:11:31 +08:00
|
|
|
extern const char * const bch_cache_modes[];
|
bcache: add stop_when_cache_set_failed option to backing device
When there are too many I/O errors on cache device, current bcache code
will retire the whole cache set, and detach all bcache devices. But the
detached bcache devices are not stopped, which is problematic when bcache
is in writeback mode.
If the retired cache set has dirty data of backing devices, continue
writing to bcache device will write to backing device directly. If the
LBA of write request has a dirty version cached on cache device, next time
when the cache device is re-registered and backing device re-attached to
it again, the stale dirty data on cache device will be written to backing
device, and overwrite latest directly written data. This situation causes
a quite data corruption.
But we cannot simply stop all attached bcache devices when the cache set is
broken or disconnected. For example, use bcache to accelerate performance
of an email service. In such workload, if cache device is broken but no
dirty data lost, keep the bcache device alive and permit email service
continue to access user data might be a better solution for the cache
device failure.
Nix <nix@esperi.org.uk> points out the issue and provides the above example
to explain why it might be necessary to not stop bcache device for broken
cache device. Pavel Goran <via-bcache@pvgoran.name> provides a brilliant
suggestion to provide "always" and "auto" options to per-cached device
sysfs file stop_when_cache_set_failed. If cache set is retiring and the
backing device has no dirty data on cache, it should be safe to keep the
bcache device alive. In this case, if stop_when_cache_set_failed is set to
"auto", the device failure handling code will not stop this bcache device
and permit application to access the backing device with a unattached
bcache device.
Changelog:
[mlyle: edited to not break string constants across lines]
v3: fix typos pointed out by Nix.
v2: change option values of stop_when_cache_set_failed from 1/0 to
"auto"/"always".
v1: initial version, stop_when_cache_set_failed can be 0 (not stop) or 1
(always stop).
Signed-off-by: Coly Li <colyli@suse.de>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Signed-off-by: Michael Lyle <mlyle@lyle.org>
Cc: Nix <nix@esperi.org.uk>
Cc: Pavel Goran <via-bcache@pvgoran.name>
Cc: Junhui Tang <tang.junhui@zte.com.cn>
Cc: Hannes Reinecke <hare@suse.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-03-19 08:36:18 +08:00
|
|
|
extern const char * const bch_stop_on_failure_modes[];
|
2013-03-24 07:11:31 +08:00
|
|
|
extern struct mutex bch_register_lock;
|
|
|
|
extern struct list_head bch_cache_sets;
|
|
|
|
|
|
|
|
extern struct kobj_type bch_cached_dev_ktype;
|
|
|
|
extern struct kobj_type bch_flash_dev_ktype;
|
|
|
|
extern struct kobj_type bch_cache_set_ktype;
|
|
|
|
extern struct kobj_type bch_cache_set_internal_ktype;
|
|
|
|
extern struct kobj_type bch_cache_ktype;
|
|
|
|
|
|
|
|
void bch_cached_dev_release(struct kobject *);
|
|
|
|
void bch_flash_dev_release(struct kobject *);
|
|
|
|
void bch_cache_set_release(struct kobject *);
|
|
|
|
void bch_cache_release(struct kobject *);
|
|
|
|
|
|
|
|
int bch_uuid_write(struct cache_set *);
|
|
|
|
void bcache_write_super(struct cache_set *);
|
|
|
|
|
|
|
|
int bch_flash_dev_create(struct cache_set *c, uint64_t size);
|
|
|
|
|
bcache: fix for data collapse after re-attaching an attached device
back-end device sdm has already attached a cache_set with ID
f67ebe1f-f8bc-4d73-bfe5-9dc88607f119, then try to attach with
another cache set, and it returns with an error:
[root]# cd /sys/block/sdm/bcache
[root]# echo 5ccd0a63-148e-48b8-afa2-aca9cbd6279f > attach
-bash: echo: write error: Invalid argument
After that, execute a command to modify the label of bcache
device:
[root]# echo data_disk1 > label
Then we reboot the system, when the system power on, the back-end
device can not attach to cache_set, a messages show in the log:
Feb 5 12:05:52 ceph152 kernel: [922385.508498] bcache:
bch_cached_dev_attach() couldn't find uuid for sdm in set
In sysfs_attach(), dc->sb.set_uuid was assigned to the value
which input through sysfs, no matter whether it is success
or not in bch_cached_dev_attach(). For example, If the back-end
device has already attached to an cache set, bch_cached_dev_attach()
would fail, but dc->sb.set_uuid was changed. Then modify the
label of bcache device, it will call bch_write_bdev_super(),
which would write the dc->sb.set_uuid to the super block, so we
record a wrong cache set ID in the super block, after the system
reboot, the cache set couldn't find the uuid of the back-end
device, so the bcache device couldn't exist and use any more.
In this patch, we don't assigned cache set ID to dc->sb.set_uuid
in sysfs_attach() directly, but input it into bch_cached_dev_attach(),
and assigned dc->sb.set_uuid to the cache set ID after the back-end
device attached to the cache set successful.
Signed-off-by: Tang Junhui <tang.junhui@zte.com.cn>
Reviewed-by: Michael Lyle <mlyle@lyle.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-02-08 03:41:46 +08:00
|
|
|
int bch_cached_dev_attach(struct cached_dev *, struct cache_set *, uint8_t *);
|
2013-03-24 07:11:31 +08:00
|
|
|
void bch_cached_dev_detach(struct cached_dev *);
|
|
|
|
void bch_cached_dev_run(struct cached_dev *);
|
|
|
|
void bcache_device_stop(struct bcache_device *);
|
|
|
|
|
|
|
|
void bch_cache_set_unregister(struct cache_set *);
|
|
|
|
void bch_cache_set_stop(struct cache_set *);
|
|
|
|
|
|
|
|
struct cache_set *bch_cache_set_alloc(struct cache_sb *);
|
|
|
|
void bch_btree_cache_free(struct cache_set *);
|
|
|
|
int bch_btree_cache_alloc(struct cache_set *);
|
|
|
|
void bch_moving_init_cache_set(struct cache_set *);
|
2013-07-25 09:11:11 +08:00
|
|
|
int bch_open_buckets_alloc(struct cache_set *);
|
|
|
|
void bch_open_buckets_free(struct cache_set *);
|
2013-03-24 07:11:31 +08:00
|
|
|
|
2013-04-25 10:01:12 +08:00
|
|
|
int bch_cache_allocator_start(struct cache *ca);
|
2013-03-24 07:11:31 +08:00
|
|
|
|
|
|
|
void bch_debug_exit(void);
|
|
|
|
int bch_debug_init(struct kobject *);
|
|
|
|
void bch_request_exit(void);
|
|
|
|
int bch_request_init(void);
|
|
|
|
|
|
|
|
#endif /* _BCACHE_H */
|