linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dave Chinner <david@fromorbit.com>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: xfs <linux-xfs@vger.kernel.org>,
	Matthew Wilcox <willy@infradead.org>,
	linux-fsdevel@vger.kernel.org, fstests@vger.kernel.org,
	Jeff Layton <jlayton@kernel.org>,
	Brian Foster <bfoster@redhat.com>
Subject: Re: [PATCH v3] fs: clear writeback errors in inode_init_always
Date: Wed, 23 May 2018 08:05:52 +1000	[thread overview]
Message-ID: <20180522220552.GV10363@dastard> (raw)
In-Reply-To: <20180522164359.GB12940@magnolia>

On Tue, May 22, 2018 at 09:43:59AM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <darrick.wong@oracle.com>
> 
> In inode_init_always(), we clear the inode mapping flags, which clears
> any retained error (AS_EIO, AS_ENOSPC) bits.  Unfortunately, we do not
> also clear wb_err, which means that old mapping errors can leak through
> to new inodes.
> 
> This is crucial for the XFS inode allocation path because we recycle old
> in-core inodes and we do not want error state from an old file to leak
> into the new file.  This bug was discovered by running generic/036 and
> generic/047 in a loop and noticing that the EIOs generated by the
> collision of direct and buffered writes in generic/036 would survive the
> remount between 036 and 047, and get reported to the fsyncs (on
> different files!) in generic/047.
> 
> Since we're changing the semantics of inode_init_always, we must also
> change xfs_reinit_inode to retain the writeback error state when we go
> to recover an inode that has been torn down in the vfs but not yet
> disposed of by XFS.
> 
> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
> Reviewed-by: Jeff Layton <jlayton@kernel.org>
> ---
> v3: clear error state when allocating new inode
> v2: retain AS_EIO/AS_ENOSPC across xfs inode reinit
> ---
>  fs/inode.c          |    1 +
>  fs/xfs/xfs_icache.c |    9 +++++++++
>  fs/xfs/xfs_inode.c  |    5 +++++
>  3 files changed, 15 insertions(+)
> 
> diff --git a/fs/inode.c b/fs/inode.c
> index 13ceb98c3bd3..3b55391072f3 100644
> --- a/fs/inode.c
> +++ b/fs/inode.c
> @@ -178,6 +178,7 @@ int inode_init_always(struct super_block *sb, struct inode *inode)
>  	mapping->a_ops = &empty_aops;
>  	mapping->host = inode;
>  	mapping->flags = 0;
> +	mapping->wb_err = 0;
>  	atomic_set(&mapping->i_mmap_writable, 0);
>  	mapping_set_gfp_mask(mapping, GFP_HIGHUSER_MOVABLE);
>  	mapping->private_data = NULL;
> diff --git a/fs/xfs/xfs_icache.c b/fs/xfs/xfs_icache.c
> index 164350d91efc..d01f9544ff01 100644
> --- a/fs/xfs/xfs_icache.c
> +++ b/fs/xfs/xfs_icache.c
> @@ -298,6 +298,10 @@ xfs_reinit_inode(
>  	uint64_t	version = inode_peek_iversion(inode);
>  	umode_t		mode = inode->i_mode;
>  	dev_t		dev = inode->i_rdev;
> +	errseq_t	old_err = inode->i_mapping->wb_err;
> +	bool		as_eio = test_bit(AS_EIO, &inode->i_mapping->flags);
> +	bool		as_enospc = test_bit(AS_ENOSPC,
> +					     &inode->i_mapping->flags);
>  
>  	error = inode_init_always(mp->m_super, inode);
>  
> @@ -306,6 +310,11 @@ xfs_reinit_inode(
>  	inode_set_iversion_queried(inode, version);
>  	inode->i_mode = mode;
>  	inode->i_rdev = dev;
> +	inode->i_mapping->wb_err = old_err;
> +	if (as_eio)
> +		set_bit(AS_EIO, &inode->i_mapping->flags);
> +	if (as_enospc)
> +		set_bit(AS_ENOSPC, &inode->i_mapping->flags);

I just don't see this as valid.

The inode has already been removed from the VFS cache when this
happens (i.e. it's gone through iput_final()->evict->destroy_inode)
and so any VFS-specific state is already invalid.

We're retaining XFS-specific inode information across the recycling
of the xfs_inode (i.e. stuff that doesn't change *on-disk* across
recycling an inode, but is reset by inode_init_always()). This is a
creating a new life cycle for the VFS inode (i.e. I_NEW is set), so 
*there is no VFS state retained* across this operation from it's
previous life.

Trying to do this is just going to lead us into nasty layering
violations where the VFS state has to be hacked around just in case
this recycling of the previous life cycle's state was the wrong
thing to do.

> diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
> index 02eae5059231..6c47ea3e577b 100644
> --- a/fs/xfs/xfs_inode.c
> +++ b/fs/xfs/xfs_inode.c
> @@ -835,6 +835,11 @@ xfs_ialloc(
>  			inode->i_mode |= S_ISGID;
>  	}
>  
> +	/* Reset all vfs error state. */
> +	inode->i_mapping->wb_err = 0;
> +	clear_bit(AS_EIO, &inode->i_mapping->flags);
> +	clear_bit(AS_ENOSPC, &inode->i_mapping->flags);

Just like this. This is a sure sign we're doing the wrong thing in
xfs_reinit_inode(). VFS inode lifecycle state is trashed at
->destroy_inode. It does not persist into new instantiations of VFS
inode state, regardless of that new inode lifecycle gets to the
I_NEW state...

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

  parent reply	other threads:[~2018-05-22 22:05 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-18 22:50 commit b4678df184b causing xfstests regressions Theodore Y. Ts'o
2018-05-19  2:17 ` Matthew Wilcox
2018-05-19 13:09 ` Jeff Layton
2018-05-19 15:25   ` Darrick J. Wong
2018-05-19 15:27   ` [PATCH] fs: clear writeback errors in inode_init_always Darrick J. Wong
2018-05-19 15:36     ` Matthew Wilcox
2018-05-21 17:54       ` Darrick J. Wong
2018-05-22 10:30         ` Jeff Layton
2018-05-22 22:09           ` Dave Chinner
2018-05-23 10:56             ` Jeff Layton
2018-05-24  3:59               ` Dave Chinner
2018-05-19 23:19     ` Theodore Y. Ts'o
2018-05-20 11:45       ` Jeff Layton
2018-05-20 12:58         ` Matthew Wilcox
2018-05-20 13:18           ` Jeff Layton
2018-05-20 16:29           ` Theodore Y. Ts'o
2018-05-20 19:20             ` Matthew Wilcox
2018-05-20 19:41               ` Theodore Y. Ts'o
2018-05-21 11:20                 ` Jeff Layton
2018-05-21 14:43                   ` Theodore Y. Ts'o
2018-05-20 17:57         ` Theodore Y. Ts'o
2018-05-22  4:06     ` [PATCH v2] " Darrick J. Wong
2018-05-22 10:14       ` Jeff Layton
2018-05-22 12:14       ` Brian Foster
2018-05-22 14:37         ` Darrick J. Wong
2018-05-22 16:43     ` [PATCH v3] " Darrick J. Wong
2018-05-22 18:40       ` Brian Foster
2018-05-22 18:47         ` Darrick J. Wong
2018-05-22 22:05       ` Dave Chinner [this message]
2018-05-23  3:00         ` Darrick J. Wong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180522220552.GV10363@dastard \
    --to=david@fromorbit.com \
    --cc=bfoster@redhat.com \
    --cc=darrick.wong@oracle.com \
    --cc=fstests@vger.kernel.org \
    --cc=jlayton@kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-xfs@vger.kernel.org \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).