Re: xfstests failure generic/239

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2013/8/1 17:10, Jan Kara wrote:
> On Thu 01-08-13 10:49:41, Jan Kara wrote:
>>   Hi,
>>
>> On Thu 01-08-13 10:05:08, Zhao Hongjiang wrote:
>>> It hit this bug, the "Bug happened!" is come out everytime while the test
>>> is fail.  Any suggestion for fix this?
>>   OK, so the test is still failing after using io_end instead of
>> iocb->private? If yes, I'm not sure where the problem exactly is, sorry.
>   Just one addition: But from the fact that debug printk triggers we see
> that really the problem happens when DIO is completed before
> __blockdev_direct_IO() returns and thus extent conversion can race with
> parts of __blockdev_direct_IO() or ext4_ext_direct_IO(). That is impossible
> after my patch because ext4_ext_direct_IO() holds a reference to io_end so
> it gets queued for completion only after __blockdev_direct_IO() returns. So
> at least I somewhat understand why my patch makes a difference.
> 
So is this might be the solution to fix the problem?

Regards,
Zhao 
> 
>>> On 2013/7/31 22:13, Jan Kara wrote:
>>>> On Wed 31-07-13 10:42:37, Zhao Hongjiang wrote:
>>>>> On 2013/7/30 23:48, Jan Kara wrote:
>>>>>> On Tue 30-07-13 11:28:58, Zhao Hongjiang wrote:
>>>>>>> Hi, jack
>>>>>>>
>>>>>>> I test the latest kernel 3.11-rc2 and it seems the problem is fix by the
>>>>>>> follow patch: commit id:97a851ed71cd9cc2542955e92a001c6ea3d21d35 (ext4:
>>>>>>> use io_end for multiple bios).  But it's so difficult to backport to
>>>>>>> kernel 3.4-stable, any suggestion for this?
>>>>>>   Backporting that patch to stable kernels is no-go. It is far to intrusive
>>>>>> for stable kernels. I was looking for a while how that patch could fix the
>>>>>> problem you were observing. I think there is a subtle race possible when
>>>>>> AIO DIO write completes before __blockdev_direct_IO() returns. In that case
>>>>>> we set iocb->private to NULL in ext4_end_io_dio() but we also key off
>>>>>> iocb->private in ext4_ext_direct_IO() as:
>>>>>>                 if (iocb->private)
>>>>>>                         ext4_inode_aio_set(inode, NULL);
>>>>>>
>>>>>> So in the case above we forget to reset inode's AIO pointer. That can then
>>>>>> cause strange effects with unwritten extent handling (although I admit I'm
>>>>>> not sure whether it can also cause the failure you observe) and
>>>>>> 97a851ed71cd9cc2542955e92a001c6ea3d21d35 actually fixes that bug. You can
>>>>>> easily check whether you are hitting that bug or not by changing the above
>>>>>> condition from testing iocb->private to testing some private variable...
>>>>>> E.g. you could declare io_end and set it to NULL one level up in 
>>>>>> ext4_ext_direct_IO() and then test io_end != NULL in that condition.
>>>>>>
>>>>> Thanks for your reply first. 
>>>>> I change the code like the follow:
>>>>>
>>>>> @@ -2921,6 +2921,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
>>>>>         struct inode *inode = file->f_mapping->host;
>>>>>         ssize_t ret;
>>>>>         size_t count = iov_length(iov, nr_segs);
>>>>> +       ext4_io_end_t *io_end = NULL;
>>>>>
>>>>>         loff_t final_size = offset + count;
>>>>>         if (rw == WRITE && final_size <= inode->i_size) {
>>>>> @@ -2947,8 +2948,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
>>>>>                 iocb->private = NULL;
>>>>>                 EXT4_I(inode)->cur_aio_dio = NULL;
>>>>>                 if (!is_sync_kiocb(iocb)) {
>>>>> -                       ext4_io_end_t *io_end =
>>>>> -                               ext4_init_io_end(inode, GFP_NOFS);
>>>>> +                       io_end = ext4_init_io_end(inode, GFP_NOFS);
>>>>>                         if (!io_end)
>>>>>                                 return -ENOMEM;
>>>>>                         io_end->flag |= EXT4_IO_END_DIRECT;
>>>>> @@ -2970,8 +2970,10 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
>>>>>                                          ext4_end_io_dio,
>>>>>                                          NULL,
>>>>>                                          DIO_LOCKING);
>>>>> -               if (iocb->private)
>>>>> +               if (io_end != NULL) {
>>>>> +                       printk("Zhao Hongjiang Ext4 test!\n");
>>>>>                         EXT4_I(inode)->cur_aio_dio = NULL;
>>>>> +               }
>>>>>                 /*
>>>>>                  * The io_end structure takes a reference to the inode,
>>>>>                  * that structure needs to be destroyed and the
>>>>>
>>>>> And the print come out when i run the test everytime. So i think the test
>>>>> hit the bug that you mentioned, Am i right or miss something?
>>>>   It is not a bug that you hit the branch with printk(). It would be a bug
>>>> if the debug check looked like:
>>>> 	if (io_end != NULL) {
>>>> 		if (iocb->private == NULL)
>>>> 			printk("Bug happened!\n");
>>>> 		EXT4_I(inode)->cur_aio_dio = NULL;
>>>> 	}
>>>>
>>>> 								Honza
>>>>
>>>>>>> On 2013/6/9 6:30, Theodore Ts'o wrote:
>>>>>>>> On Sat, Jun 08, 2013 at 11:13:35AM +0800, Zhao Hongjiang wrote:
>>>>>>>>>
>>>>>>>>> I run xfstests #239 against mainline 3.10.0-rc3, unfortunately it failure in my QEMU. I run the
>>>>>>>>> case a hundred times, it certainly hit the failure several times. The failure msg is as follow:
>>>>>>>>>
>>>>>>>>> FSTYP         -- ext4
>>>>>>>>> PLATFORM      -- Linux/x86_64  3.10.0-rc3-mainline
>>>>>>>>>
>>>>>>>>> generic/239 1s ... - output mismatch (see /home/zhj/xfstests/results/generic/239.out.bad)
>>>>>>>>>     --- tests/generic/239.out   2013-06-07 22:04:09.000000000 -0400
>>>>>>>>>     +++ /home/zff/xfstests/results/generic/239.out.bad  2013-06-07 22:04:09.000000000 -0400
>>>>>>>>>     @@ -1,2 +1,515 @@
>>>>>>>>>      QA output created by 239
>>>>>>>>>     +hostname: Host name lookup failure
>>>>>>>>
>>>>>>>> OK, so this hostname failure is weird; I'm not sure what's causing
>>>>>>>> this, but this I presume unrelated to the failure at hand.
>>>>>>>>
>>>>>>>>>      Silence is golden
>>>>>>>>>     +0: 0x0
>>>>>>>>>     +1: 0x0
>>>>>>>>>     +2: 0x0
>>>>>>>>>     +3: 0x0
>>>>>>>>
>>>>>>>> This indicates a problem.  Test generic/239 is running
>>>>>>>> aio-dio-hole-filling-race.c, which submits an asynchronous, direct I/O
>>>>>>>> 4k write with a buffer containing non-zero contents to a sparse file,
>>>>>>>> and once the I/O has completed, it uses pread to read it back, using
>>>>>>>> the same descriptor, so it is doing the read using direct I/O.  It
>>>>>>>> then checks to see if the read returns zero or not.  
>>>>>>>>
>>>>>>>> The "XX: 0x0" lines indicates that buffer is zero, which implies that
>>>>>>>> somehow aio_complete() is getting called before the uninitialized to
>>>>>>>> initialized conversion is taking place.  I'm not seeing how this is
>>>>>>>> happening, though, so I'm a bit puzzled.  If there are any unwritten
>>>>>>>> extents, we don't call aio_complete() in ext4_end_io_dio(), but
>>>>>>>> instead the conversion is queued via a call to ext4_add_compete_io(),
>>>>>>>> and and aio_done() is only called on the iocb after the conversion is
>>>>>>>> complete.
>>>>>>>>
>>>>>>>> Can anyone see something that I might be missing?
>>>>>>>>
>>>>>>>>     	       		      	      - Ted
>>>>>>>>
>>>>>>>> P.S.  Zhao, what was the hardware that you using to find this failure?
>>>>>>>> I'm not seeing it, but then again if the failure is only happening
>>>>>>>> once every few hundred runs that might explain it.  I'm perhaps
>>>>>>>> wondering if we should add a mode to aio-dio-hole-filling-race.c which
>>>>>>>> allows it to try the race a large number of times, instead of just
>>>>>>>> once.
>>>>>>>>
>>>>>>>> P.P.S.  One thought.... perhaps it might be useful to have a debug
>>>>>>>> mode where we use queue_delayed_work() to submit the conversion
>>>>>>>> request to the workqueue.  It will of course make certain workloads
>>>>>>>> run slow as molasses, but it might expose some races so we can see
>>>>>>>> them more easily.
>>>>>>>>
>>>>>>>> .
>>>
>>>
>> -- 
>> Jan Kara <jack@xxxxxxx>
>> SUSE Labs, CR


--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux