On 11/12/19 6:37 AM, Brian Foster wrote:
On Wed, Nov 06, 2019 at 06:28:00PM -0700, Allison Collins wrote:
This patch modifies the attr remove routines to be delay ready.
This means they no longer roll or commit transactions, but instead
return -EAGAIN to have the calling routine roll and refresh the
transaction. In this series, xfs_attr_remove_args has become
xfs_attr_remove_later, which uses a state machine to keep track
of where it was when EAGAIN was returned. xfs_attr_node_removename
has also been modified to use the state machine, and a new version of
xfs_attr_remove_args consists of a simple loop to refresh the
transaction until the operation is completed.
Signed-off-by: Allison Collins <allison.henderson@xxxxxxxxxx>
---
On a cursory look, this is definitely more along the lines of what I was
thinking on the previous revisions. I would like to see if we can get a
bit more refactoring/cleanup before this point though. Further thoughts
inline..
fs/xfs/libxfs/xfs_attr.c | 123 +++++++++++++++++++++++++++++++++++++++--------
fs/xfs/libxfs/xfs_attr.h | 1 +
2 files changed, 104 insertions(+), 20 deletions(-)
diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c
index 626d4a98..38d5c5c 100644
--- a/fs/xfs/libxfs/xfs_attr.c
+++ b/fs/xfs/libxfs/xfs_attr.c
@@ -369,10 +369,56 @@ xfs_has_attr(
*/
int
xfs_attr_remove_args(
+ struct xfs_da_args *args)
+{
+ int error = 0;
+ int err2 = 0;
+
+ do {
+ error = xfs_attr_remove_later(args);
+ if (error && error != -EAGAIN)
+ goto out;
xfs_attr_remove_later() strikes me as an odd name with respect to the
functionality. Perhaps something like xfs_attr_remove_step() is
(slightly) more accurate..?
Sure that's fine. I think Darrick had proposed the *_later scheme in an
earlier review but that was when the code paths were split. Darrick,
does the *_step scheme work for you?
+
+ xfs_trans_log_inode(args->trans, args->dp,
+ XFS_ILOG_CORE | XFS_ILOG_ADATA);
+
+ err2 = xfs_trans_roll(&args->trans);
+ if (err2) {
+ error = err2;
Also do we really need two error codes in this function? It seems like
we should be able to write this with one, but I haven't tried it..
No, because then we'll loose the xfs_attr_remove_later return code,
which is either 0 or EAGAIN at this point. And we need that to drive
the loop. To get rid of err2, we'd need another "not_done" variable or
something. Like:
do {
...
not_done = (error == -EAGAIN);
...
} while (not_done)
Not sure if not_done is really preferable to err2?
+ goto out;
+ }
+
+ /* Rejoin inode */
+ xfs_trans_ijoin(args->trans, args->dp, 0);
+
+ } while (error == -EAGAIN);
+out:
+ return error;
+}
+
+/*
+ * Remove the attribute specified in @args.
+ * This routine is meant to function as a delayed operation, and may return
+ * -EGAIN when the transaction needs to be rolled. Calling functions will need
+ * to handle this, and recall the function until a successful error code is
+ * returned.
+ */
+int
+xfs_attr_remove_later(
struct xfs_da_args *args)
{
struct xfs_inode *dp = args->dp;
- int error;
+ int error = 0;
+
+ /* State machine switch */
+ switch (args->dc.dc_state) {
+ case XFS_DC_RM_INVALIDATE:
+ case XFS_DC_RM_SHRINK:
+ case XFS_DC_RM_NODE_BLKS:
+ goto node;
+ default:
+ break;
+ }
if (!xfs_inode_hasattr(dp)) {
error = -ENOATTR;
@@ -382,6 +428,7 @@ xfs_attr_remove_args(
} else if (xfs_bmap_one_block(dp, XFS_ATTR_FORK)) {
error = xfs_attr_leaf_removename(args);
} else {
+node:
error = xfs_attr_node_removename(args);
}
@@ -892,9 +939,6 @@ xfs_attr_leaf_removename(
/* bp is gone due to xfs_da_shrink_inode */
if (error)
return error;
- error = xfs_defer_finish(&args->trans);
- if (error)
- return error;
}
return 0;
}
@@ -1212,6 +1256,11 @@ xfs_attr_node_addname(
* This will involve walking down the Btree, and may involve joining
* leaf nodes and even joining intermediate nodes up to and including
* the root node (a special case of an intermediate node).
+ *
+ * This routine is meant to function as a delayed operation, and may return
+ * -EAGAIN when the transaction needs to be rolled. Calling functions
+ * will need to handle this, and recall the function until a successful error
+ * code is returned.
*/
STATIC int
xfs_attr_node_removename(
@@ -1222,12 +1271,29 @@ xfs_attr_node_removename(
struct xfs_buf *bp;
int retval, error, forkoff;
struct xfs_inode *dp = args->dp;
+ int done = 0;
trace_xfs_attr_node_removename(args);
+ state = args->dc.da_state;
+ blk = args->dc.blk;
+
+ /* State machine switch */
+ switch (args->dc.dc_state) {
+ case XFS_DC_RM_NODE_BLKS:
+ goto rm_node_blks;
+ case XFS_DC_RM_INVALIDATE:
+ goto rm_invalidate;
+ case XFS_DC_RM_SHRINK:
+ goto rm_shrink;
+ default:
+ break;
I wonder if it's worth having an explicit state for the initial path.
That could be useful for readability and debuggability in the future.
We could, it will just require to the calling function to set that
before state calling it.
Mechanically, I dont think it would hurt anything, but it may lead to
developer wonderments like... "Where's the EAGAIN for this state?"
"Shouldnt this state appear in the switch up top too?" Or if it does
"Why do we have it here, if it never executes?" "I wonder if i should
sent a patch to take it out..." :-)
Puzzlement aside though, I cant quite think of what condition it would
help to debug? It's not an error for the statemachine to hold a value
outside of the helpers scope. It just means the caller was using it up
to this point. Helpers really shouldnt have enough context about their
callers to know or care what the caller states mean. If we added a
special init state, all the default statement would really mean is: "The
caller forgot to set the init state".
Thoughts?
+ }
error = xfs_attr_node_hasname(args, &state);
if (error != -EEXIST)
goto out;
+ else
+ error = 0;
/*
* If there is an out-of-line value, de-allocate the blocks.
@@ -1237,6 +1303,14 @@ xfs_attr_node_removename(
blk = &state->path.blk[ state->path.active-1 ];
ASSERT(blk->bp != NULL);
ASSERT(blk->magic == XFS_ATTR_LEAF_MAGIC);
+
+ /*
+ * Store blk and state in the context incase we need to cycle out the
+ * transaction
+ */
+ args->dc.blk = blk;
+ args->dc.da_state = state;
+
if (args->rmtblkno > 0) {
/*
* Fill in disk block numbers in the state structure
@@ -1255,13 +1329,30 @@ xfs_attr_node_removename(
if (error)
goto out;
- error = xfs_trans_roll_inode(&args->trans, args->dp);
+ args->dc.dc_state = XFS_DC_RM_INVALIDATE;
+ return -EAGAIN;
+rm_invalidate:
+ error = xfs_attr_rmtval_invalidate(args);
if (error)
goto out;
+rm_node_blks:
While I think the design is the right idea, jumping down into a function
like this is pretty hairy. I think we should try to further break this
function down into smaller elements one way or another that model the
steps defined by the state structure. There's probably multiple ways to
do that. For example, the remote attr bits could be broken down into
a subfunction that processes the couple of states associated with remote
blocks. That said, ISTM it might be wiser to try and keep the state
processing in one place if possible. That would imply to break the
remote processing loop down into a couple functions. All in all, this
function might end up looking something like:
xfs_attr_node_removename()
{
/* switch statement and comment to document each state */
error = xfs_attr_node_hasname(args, &state);
...
if (remote) {
error = do_setflag();
if (error)
return error;
/* roll */
state = INVALIDATE;
return -EAGAIN;
}
rmt_invalidate:
state = INVALIDATE;
if (remote)
do_invalidate();
/* fallthru */
rmt_rm_blks:
state = RM_NODE_BLKS;
if (remote) {
/* loops and returns -EAGAIN until we fallthru */
error = rmt_remove_step();
if (error)
return error;
xfs_attr_refillstate();
}
/* maybe worth a new state here? */
removename:
state = REMOVENAME;
xfs_attr3_leaf_remove();
...
if (...) {
state = SHRINK;
return -EAGAIN;
}
shrink:
state = SHRINK;
error = do_shrink();
return 0;
}
Ok, I had to go over this a few times, but I think I understand what
you're describing. Will update in the next version
I'm not totally sold on the idea of rolling the state forward explicitly
like this, but it seems like it could be a bit more maintainable.
I think it is. Having a dedicated struct just for this purpose
alleviates a lot of struggle with trying to grab onto things like the
fork or the incomplete flags to represent what we're trying to do here.
Doing so also overloads their original intent in that if these
structures ever change in the future, it may break something that the
state machine depends on. In this solution, they remain disjoint
concepts dedicated to their purpose. And anyway, I couldn't completely
escape the state machine in the previous set. I still had to add the
extra flag space which functioned more or less like "i was here" tick
marks. If we have to have it, we may as well leverage what it can do.
For example I can drop patch 11 from this set because I don't need the
extra isset helpers to see if it's already been done.
All in
all this is still fairly ugly, but this is mostly a mechanical attempt
to keep state management isolated and we can polish it up from there.
Thoughts?
Yes, at this point, I do kind of feel like it's the least of the ugly
prototypes. So I'm just kind of proceeding, with caution. :-)
Thanks for the in depths reviews!! I know its a lot! Much appreciated!!
Allison
Brian
+ /*
+ * Unmap value blocks for this attr. This is similar to
+ * xfs_attr_rmtval_remove, but open coded here to return EAGAIN
+ * for new transactions
+ */
+ while (!done && !error) {
+ error = xfs_bunmapi(args->trans, args->dp,
+ args->rmtblkno, args->rmtblkcnt,
+ XFS_BMAPI_ATTRFORK, 1, &done);
+ if (error)
+ return error;
- error = xfs_attr_rmtval_remove(args);
- if (error)
- goto out;
+ if (!done) {
+ args->dc.dc_state = XFS_DC_RM_NODE_BLKS;
+ return -EAGAIN;
+ }
+ }
/*
* Refill the state structure with buffers, the prior calls
@@ -1287,17 +1378,12 @@ xfs_attr_node_removename(
error = xfs_da3_join(state);
if (error)
goto out;
- error = xfs_defer_finish(&args->trans);
- if (error)
- goto out;
- /*
- * Commit the Btree join operation and start a new trans.
- */
- error = xfs_trans_roll_inode(&args->trans, dp);
- if (error)
- goto out;
+
+ args->dc.dc_state = XFS_DC_RM_SHRINK;
+ return -EAGAIN;
}
+rm_shrink:
/*
* If the result is small enough, push it all into the inode.
*/
@@ -1319,9 +1405,6 @@ xfs_attr_node_removename(
/* bp is gone due to xfs_da_shrink_inode */
if (error)
goto out;
- error = xfs_defer_finish(&args->trans);
- if (error)
- goto out;
} else
xfs_trans_brelse(args->trans, bp);
}
diff --git a/fs/xfs/libxfs/xfs_attr.h b/fs/xfs/libxfs/xfs_attr.h
index 3b5dad4..fb8bf5b 100644
--- a/fs/xfs/libxfs/xfs_attr.h
+++ b/fs/xfs/libxfs/xfs_attr.h
@@ -152,6 +152,7 @@ int xfs_attr_set_args(struct xfs_da_args *args);
int xfs_attr_remove(struct xfs_inode *dp, struct xfs_name *name, int flags);
int xfs_has_attr(struct xfs_da_args *args);
int xfs_attr_remove_args(struct xfs_da_args *args);
+int xfs_attr_remove_later(struct xfs_da_args *args);
int xfs_attr_list(struct xfs_inode *dp, char *buffer, int bufsize,
int flags, struct attrlist_cursor_kern *cursor);
bool xfs_attr_namecheck(const void *name, size_t length);
--
2.7.4
