Commit e4d3c4a4 authored by Dave Chinner's avatar Dave Chinner Committed by Alex Elder

xfs: fix race condition in AIL push trigger

The recent conversion of the xfsaild functionality to a work queue
introduced a hard-to-hit log space grant hang. One is caused by a
race condition in determining whether there is a psh in progress or
not.

The XFS_AIL_PUSHING_BIT is used to determine whether a push is
currently in progress.  When the AIL push work completes, it checked
whether the target changed and cleared the PUSHING bit to allow a
new push to be requeued. The race condition is as follows:

	Thread 1		push work

	smp_wmb()
				smp_rmb()
				check ailp->xa_target unchanged
	update ailp->xa_target
	test/set PUSHING bit
	does not queue
				clear PUSHING bit
				does not requeue

Now that the push target is updated, new attempts to push the AIL
will not trigger as the push target will be the same, and hence
despite trying to push the AIL we won't ever wake it again.

The fix is to ensure that the AIL push work clears the PUSHING bit
before it checks if the target is unchanged.

As a result, both push triggers operate on the same test/set bit
criteria, so even if we race in the push work and miss the target
update, the thread requesting the push will still set the PUSHING
bit and queue the push work to occur. For safety sake, the same
queue check is done if the push work detects the target change,
though only one of the two will will queue new work due to the use
of test_and_set_bit() checks.
Signed-off-by: default avatarDave Chinner <dchinner@redhat.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Reviewed-by: default avatarAlex Elder <aelder@sgi.com>
parent fd5670f2
...@@ -487,15 +487,19 @@ xfs_ail_worker( ...@@ -487,15 +487,19 @@ xfs_ail_worker(
ailp->xa_last_pushed_lsn = 0; ailp->xa_last_pushed_lsn = 0;
/* /*
* Check for an updated push target before clearing the * We clear the XFS_AIL_PUSHING_BIT first before checking
* XFS_AIL_PUSHING_BIT. If the target changed, we've got more * whether the target has changed. If the target has changed,
* work to do. Wait a bit longer before starting that work. * this pushes the requeue race directly onto the result of the
* atomic test/set bit, so we are guaranteed that either the
* the pusher that changed the target or ourselves will requeue
* the work (but not both).
*/ */
smp_rmb();
if (XFS_LSN_CMP(ailp->xa_target, target) == 0) {
clear_bit(XFS_AIL_PUSHING_BIT, &ailp->xa_flags); clear_bit(XFS_AIL_PUSHING_BIT, &ailp->xa_flags);
smp_rmb();
if (XFS_LSN_CMP(ailp->xa_target, target) == 0 ||
test_and_set_bit(XFS_AIL_PUSHING_BIT, &ailp->xa_flags))
return; return;
}
tout = 50; tout = 50;
} else if (XFS_LSN_CMP(lsn, target) >= 0) { } else if (XFS_LSN_CMP(lsn, target) >= 0) {
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment