| blob | 537bd19487417bf10793bdd3b61a433ad74b335c |
1 /*
2 * Copyright (c) 2007-2008 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $DragonFly: src/sys/vfs/hammer/hammer_inode.c,v 1.114 2008/09/24 00:53:51 dillon Exp $
35 */
38 #include <vm/vm_extern.h>
39 #include <sys/buf.h>
40 #include <sys/buf2.h>
47 #if 0
49 #endif
51 hammer_flush_group_t flg);
53 hammer_flush_group_t flg);
56 #ifdef DEBUG_TRUNCATE
58 #endif
60 /*
61 * RB-Tree support for inode structures
62 */
63 int
65 {
79 }
81 /*
82 * RB-Tree support for inode structures / special LOOKUP_INFO
83 */
84 static int
86 {
100 }
102 /*
103 * Used by hammer_scan_inode_snapshots() to locate all of an object's
104 * snapshots. Note that the asof field is not tested, which we can get
105 * away with because it is the lowest-priority field.
106 */
107 static int
109 {
121 }
123 /*
124 * Used by hammer_unload_pseudofs() to locate all inodes associated with
125 * a particular PFS.
126 */
127 static int
129 {
136 }
138 /*
139 * RB-Tree support for pseudofs structures
140 */
141 static int
143 {
149 }
158 /*
159 * The kernel is not actively referencing this vnode but is still holding
160 * it cached.
161 *
162 * This is called from the frontend.
163 */
164 int
166 {
169 /*
170 * Degenerate case
171 */
175 }
177 /*
178 * If the inode no longer has visibility in the filesystem try to
179 * recycle it immediately, even if the inode is dirty. Recycling
180 * it quickly allows the system to reclaim buffer cache and VM
181 * resources which can matter a lot in a heavily loaded system.
182 *
183 * This can deadlock in vfsync() if we aren't careful.
184 *
185 * Do not queue the inode to the flusher if we still have visibility,
186 * otherwise namespace calls such as chmod will unnecessarily generate
187 * multiple inode updates.
188 */
194 }
196 }
198 /*
199 * Release the vnode association. This is typically (but not always)
200 * the last reference on the inode.
201 *
202 * Once the association is lost we are on our own with regards to
203 * flushing the inode.
204 */
205 int
207 {
209 hammer_mount_t hmp;
223 }
225 }
227 }
229 /*
230 * Return a locked vnode for the specified inode. The inode must be
231 * referenced but NOT LOCKED on entry and will remain referenced on
232 * return.
233 *
234 * Called from the frontend.
235 */
236 int
238 {
239 hammer_mount_t hmp;
242 u_int8_t obj_type;
257 }
279 }
281 /*
282 * Only mark as the root vnode if the ip is not
283 * historical, otherwise the VFS cache will get
284 * confused. The other half of the special handling
285 * is in hammer_vop_nlookupdotdot().
286 *
287 * Pseudo-filesystem roots can be accessed via
288 * non-root filesystem paths and setting VROOT may
289 * confuse the namecache. Set VPFSROOT instead.
290 */
295 else
297 }
300 /* vnode locked by getnewvnode() */
301 /* make related vnode dirty if inode dirty? */
306 }
308 /*
309 * loop if the vget fails (aka races), or if the vp
310 * no longer matches ip->vp.
311 */
316 }
317 }
320 }
322 /*
323 * Locate all copies of the inode for obj_id compatible with the specified
324 * asof, reference, and issue the related call-back. This routine is used
325 * for direct-io invalidation and does not create any new inodes.
326 */
327 void
331 {
333 hammer_inode_info_cmp_all_history,
335 }
337 /*
338 * Acquire a HAMMER inode. The returned inode is not locked. These functions
339 * do not attach or detach the related vnode (use hammer_get_vnode() for
340 * that).
341 *
342 * The flags argument is only applied for newly created inodes, and only
343 * certain flags are inherited.
344 *
345 * Called from the frontend.
346 */
351 {
358 /*
359 * Determine if we already have an inode cached. If we do then
360 * we are golden.
361 *
362 * If we find an inode with no vnode we have to mark the
363 * transaction such that hammer_inode_waitreclaims() is
364 * called later on to avoid building up an infinite number
365 * of inodes. Otherwise we can continue to * add new inodes
366 * faster then they can be disposed of, even with the tsleep
367 * delay.
368 */
372 loop:
375 #if 0
378 #endif
382 }
384 /*
385 * Allocate a new inode structure and deal with races later.
386 */
405 /*
406 * Locate the on-disk inode. If this is a PFS root we always
407 * access the current version of the root inode and (if it is not
408 * a master) always access information under it with a snapshot
409 * TID.
410 */
411 retry:
423 HAMMER_CURSOR_ASOF;
429 }
431 /*
432 * On success the B-Tree lookup will hold the appropriate
433 * buffer cache buffers and provide a pointer to the requested
434 * information. Copy the information to the in-memory inode
435 * and cache the B-Tree node to improve future operations.
436 */
441 /*
442 * cache[0] tries to cache the location of the object inode.
443 * The assumption is that it is near the directory inode.
444 *
445 * cache[1] tries to cache the location of the object data.
446 * The assumption is that it is near the directory data.
447 */
452 /*
453 * The file should not contain any data past the file size
454 * stored in the inode. Setting save_trunc_off to the
455 * file size instead of max reduces B-Tree lookup overheads
456 * on append by allowing the flusher to avoid checking for
457 * record overwrites.
458 */
461 /*
462 * Locate and assign the pseudofs management structure to
463 * the inode.
464 */
471 errorp);
473 }
474 }
476 /*
477 * The inode is placed on the red-black tree and will be synced to
478 * the media when flushed or by the filesystem sync. If this races
479 * another instantiation/lookup the insertion will fail.
480 */
486 }
492 }
496 }
500 }
502 /*
503 * Create a new filesystem object, returning the inode in *ipp. The
504 * returned inode will be referenced. The inode is created in-memory.
505 *
506 * If pfsm is non-NULL the caller wishes to create the root inode for
507 * a master PFS.
508 */
509 int
513 {
514 hammer_mount_t hmp;
515 hammer_inode_t ip;
516 uid_t xuid;
534 }
546 /* ip->save_trunc_off = 0; (already zero) */
555 /*
556 * A nohistory designator on the parent directory is inherited by
557 * the child. We will do this even for pseudo-fs creation... the
558 * sysad can turn it off.
559 */
563 }
567 HAMMER_LOCALIZE_INODE;
580 /*
581 * If we are running version 2 or greater we use dirhash algorithm #1
582 * which is semi-sorted. Algorithm #0 was just a pure crc.
583 */
587 }
588 }
590 /*
591 * Setup the ".." pointer. This only needs to be done for directories
592 * but we do it for all objects as a recovery aid.
593 */
596 #if 0
597 /*
598 * The parent_obj_localization field only applies to pseudo-fs roots.
599 * XXX this is no longer applicable, PFSs are no longer directly
600 * tied into the parent's directory structure.
601 */
606 }
607 #endif
617 }
619 /*
620 * Calculate default uid/gid and overwrite with information from
621 * the vap.
622 */
629 }
636 else
661 }
668 /* not reached */
670 }
673 }
675 /*
676 * Final cleanup / freeing of an inode structure
677 */
678 static void
680 {
695 }
698 }
700 /*
701 * Retrieve pseudo-fs data. NULL will never be returned.
702 *
703 * If an error occurs *errorp will be set and a default template is returned,
704 * otherwise *errorp is set to 0. Typically when an error occurs it will
705 * be ENOENT.
706 */
707 hammer_pseudofs_inmem_t
710 {
712 hammer_inode_t ip;
713 hammer_pseudofs_inmem_t pfsm;
717 retry:
723 }
725 /*
726 * PFS records are stored in the root inode (not the PFS root inode,
727 * but the real root). Avoid an infinite recursion if loading
728 * the PFS for the real root.
729 */
732 HAMMER_MAX_TID,
736 }
745 HAMMER_LOCALIZE_MISC;
757 else
763 HAMMER_PFSD_DELETED) {
770 }
771 }
772 }
782 }
784 }
786 /*
787 * Store pseudo-fs data. The backend will automatically delete any prior
788 * on-disk pseudo-fs data but we have to delete in-memory versions.
789 */
790 int
792 {
794 hammer_record_t record;
795 hammer_inode_t ip;
800 retry:
804 HAMMER_LOCALIZE_MISC;
825 }
826 }
832 HAMMER_LOCALIZE_MISC;
838 }
844 }
846 /*
847 * Create a root directory for a PFS if one does not alredy exist.
848 *
849 * The PFS root stands alone so we must also bump the nlinks count
850 * to prevent it from being destroyed on release.
851 */
852 int
854 hammer_pseudofs_inmem_t pfsm)
855 {
856 hammer_inode_t ip;
870 }
871 }
875 }
877 /*
878 * Unload any vnodes & inodes associated with a PFS, return ENOTEMPTY
879 * if we are unable to disassociate all the inodes.
880 */
881 static
882 int
884 {
892 else
896 }
898 int
900 {
906 hammer_inode_pfs_cmp,
907 hammer_unload_pseudofs_callback,
912 }
916 }
919 /*
920 * Release a reference on a PFS
921 */
922 void
924 {
929 }
930 }
932 /*
933 * Called by hammer_sync_inode().
934 */
935 static int
937 {
939 hammer_record_t record;
943 retry:
946 /*
947 * If the inode has a presence on-disk then locate it and mark
948 * it deleted, setting DELONDISK.
949 *
950 * The record may or may not be physically deleted, depending on
951 * the retention policy.
952 */
954 HAMMER_INODE_ONDISK) {
957 HAMMER_LOCALIZE_INODE;
979 }
982 }
991 }
992 }
994 /*
995 * Ok, write out the initial record or a new record (after deleting
996 * the old one), unless the DELETED flag is set. This routine will
997 * clear DELONDISK if it writes out a record.
998 *
999 * Update our inode statistics if this is the first application of
1000 * the inode on-disk.
1001 */
1003 /*
1004 * Generate a record and write it to the media. We clean-up
1005 * the state before releasing so we do not have to set-up
1006 * a flush_group.
1007 */
1018 /*
1019 * If this flag is set we cannot sync the new file size
1020 * because we haven't finished related truncations. The
1021 * inode will be flushed in another flush group to finish
1022 * the job.
1023 */
1030 }
1046 }
1048 /*
1049 * The record isn't managed by the inode's record tree,
1050 * destroy it whether we succeed or fail.
1051 */
1057 /*
1058 * Finish up.
1059 */
1064 HAMMER_INODE_ATIME |
1065 HAMMER_INODE_MTIME);
1070 /*
1071 * Root volume count of inodes
1072 */
1077 vol0_stat_inodes);
1083 }
1085 }
1086 }
1088 /*
1089 * If the inode has been destroyed, clean out any left-over flags
1090 * that may have been set by the frontend.
1091 */
1094 HAMMER_INODE_ATIME |
1095 HAMMER_INODE_MTIME);
1096 }
1098 }
1100 /*
1101 * Update only the itimes fields.
1102 *
1103 * ATIME can be updated without generating any UNDO. MTIME is updated
1104 * with UNDO so it is guaranteed to be synchronized properly in case of
1105 * a crash.
1106 *
1107 * Neither field is included in the B-Tree leaf element's CRC, which is how
1108 * we can get away with updating ATIME the way we do.
1109 */
1110 static int
1112 {
1116 retry:
1118 HAMMER_INODE_ONDISK) {
1120 }
1124 HAMMER_LOCALIZE_INODE;
1142 /*
1143 * Updating MTIME requires an UNDO. Just cover
1144 * both atime and mtime.
1145 */
1149 HAMMER_ITIMES_BYTES);
1155 /*
1156 * Updating atime only can be done in-place with
1157 * no UNDO.
1158 */
1165 }
1167 }
1174 }
1176 }
1178 /*
1179 * Release a reference on an inode, flush as requested.
1180 *
1181 * On the last reference we queue the inode to the flusher for its final
1182 * disposition.
1183 */
1184 void
1186 {
1187 /*hammer_mount_t hmp = ip->hmp;*/
1189 /*
1190 * Handle disposition when dropping the last ref.
1191 */
1194 /*
1195 * Determine whether on-disk action is needed for
1196 * the inode's final disposition.
1197 */
1205 }
1210 /*
1211 * The inode still has multiple refs, try to drop
1212 * one ref.
1213 */
1218 }
1219 }
1220 }
1221 }
1223 /*
1224 * Unload and destroy the specified inode. Must be called with one remaining
1225 * reference. The reference is disposed of.
1226 *
1227 * The inode must be completely clean.
1228 */
1229 static int
1231 {
1249 }
1251 /*
1252 * Called during unmounting if a critical error occured. The in-memory
1253 * inode and all related structures are destroyed.
1254 *
1255 * If a critical error did not occur the unmount code calls the standard
1256 * release and asserts that the inode is gone.
1257 */
1258 int
1260 {
1261 hammer_record_t rec;
1263 /*
1264 * Get rid of the inodes in-memory records, regardless of their
1265 * state, and clear the mod-mask.
1266 */
1272 }
1276 else
1284 }
1289 /*
1290 * Remove the inode from any flush group, force it idle. FLUSH
1291 * and SETUP states have an inode ref.
1292 */
1298 /* fall through */
1302 /* fall through */
1305 }
1307 /*
1308 * There shouldn't be any associated vnode. The unload needs at
1309 * least one ref, if we do have a vp steal its ip ref.
1310 */
1318 }
1321 }
1323 /*
1324 * Called on mount -u when switching from RW to RO or vise-versa. Adjust
1325 * the read-only flag for cached inodes.
1326 *
1327 * This routine is called from a RB_SCAN().
1328 */
1329 int
1331 {
1336 else
1339 }
1341 /*
1342 * A transaction has modified an inode, requiring updates as specified by
1343 * the passed flags.
1344 *
1345 * HAMMER_INODE_DDIRTY: Inode data has been updated
1346 * HAMMER_INODE_XDIRTY: Dirty in-memory records
1347 * HAMMER_INODE_BUFS: Dirty buffer cache buffers
1348 * HAMMER_INODE_DELETED: Inode record/data must be deleted
1349 * HAMMER_INODE_ATIME/MTIME: mtime/atime has been updated
1350 */
1351 void
1353 {
1354 /*
1355 * ronly of 0 or 2 does not trigger assertion.
1356 * 2 is a special error state
1357 */
1365 }
1368 }
1370 /*
1371 * Request that an inode be flushed. This whole mess cannot block and may
1372 * recurse (if not synchronous). Once requested HAMMER will attempt to
1373 * actively flush the inode until the flush can be done.
1374 *
1375 * The inode may already be flushing, or may be in a setup state. We can
1376 * place the inode in a flushing state if it is currently idle and flag it
1377 * to reflush if it is currently flushing.
1378 *
1379 * Upon return if the inode could not be flushed due to a setup
1380 * dependancy, then it will be automatically flushed when the dependancy
1381 * is satisfied.
1382 */
1383 void
1385 {
1386 hammer_mount_t hmp;
1387 hammer_flush_group_t flg;
1390 /*
1391 * next_flush_group is the first flush group we can place the inode
1392 * in. It may be NULL. If it becomes full we append a new flush
1393 * group and make that the next_flush_group.
1394 */
1402 }
1408 }
1410 /*
1411 * Trivial 'nothing to flush' case. If the inode is in a SETUP
1412 * state we have to put it back into an IDLE state so we can
1413 * drop the extra ref.
1414 *
1415 * If we have a parent dependancy we must still fall through
1416 * so we can run it.
1417 */
1423 }
1426 }
1428 /*
1429 * Our flush action will depend on the current state.
1430 */
1433 /*
1434 * We have no dependancies and can flush immediately. Some
1435 * our children may not be flushable so we have to re-test
1436 * with that additional knowledge.
1437 */
1441 /*
1442 * Recurse upwards through dependancies via target_list
1443 * and start their flusher actions going if possible.
1444 *
1445 * 'good' is our connectivity. -1 means we have none and
1446 * can't flush, 0 means there weren't any dependancies, and
1447 * 1 means we have good connectivity.
1448 */
1452 /*
1453 * We can continue if good >= 0. Determine how
1454 * many records under our inode can be flushed (and
1455 * mark them).
1456 */
1459 /*
1460 * Parent has no connectivity, tell it to flush
1461 * us as soon as it does.
1462 *
1463 * The REFLUSH flag is also needed to trigger
1464 * dependancy wakeups.
1465 */
1467 HAMMER_INODE_REFLUSH;
1471 }
1472 }
1475 /*
1476 * We are already flushing, flag the inode to reflush
1477 * if needed after it completes its current flush.
1478 *
1479 * The REFLUSH flag is also needed to trigger
1480 * dependancy wakeups.
1481 */
1487 }
1489 }
1490 }
1492 /*
1493 * Scan ip->target_list, which is a list of records owned by PARENTS to our
1494 * ip which reference our ip.
1495 *
1496 * XXX This is a huge mess of recursive code, but not one bit of it blocks
1497 * so for now do not ref/deref the structures. Note that if we use the
1498 * ref/rel code later, the rel CAN block.
1499 */
1500 static int
1502 {
1503 hammer_record_t depend;
1515 }
1517 }
1519 /*
1520 * This helper function takes a record representing the dependancy between
1521 * the parent inode and child inode.
1522 *
1523 * record->ip = parent inode
1524 * record->target_ip = child inode
1525 *
1526 * We are asked to recurse upwards and convert the record from SETUP
1527 * to FLUSH if possible.
1528 *
1529 * Return 1 if the record gives us connectivity
1530 *
1531 * Return 0 if the record is not relevant
1532 *
1533 * Return -1 if we can't resolve the dependancy and there is no connectivity.
1534 */
1535 static int
1537 hammer_flush_group_t flg)
1538 {
1539 hammer_mount_t hmp;
1540 hammer_inode_t pip;
1547 /*
1548 * If the record is already flushing, is it in our flush group?
1549 *
1550 * If it is in our flush group but it is a general record or a
1551 * delete-on-disk, it does not improve our connectivity (return 0),
1552 * and if the target inode is not trying to destroy itself we can't
1553 * allow the operation yet anyway (the second return -1).
1554 */
1556 /*
1557 * If not in our flush group ask the parent to reflush
1558 * us as soon as possible.
1559 */
1564 }
1566 /*
1567 * If in our flush group everything is already set up,
1568 * just return whether the record will improve our
1569 * visibility or not.
1570 */
1574 }
1576 /*
1577 * It must be a setup record. Try to resolve the setup dependancies
1578 * by recursing upwards so we can place ip on the flush list.
1579 */
1584 /*
1585 * If good < 0 the parent has no connectivity and we cannot safely
1586 * flush the directory entry, which also means we can't flush our
1587 * ip. Flag the parent and us for downward recursion once the
1588 * parent's connectivity is resolved.
1589 */
1591 /* pip->flags |= HAMMER_INODE_CONN_DOWN; set by recursion */
1594 }
1596 /*
1597 * We are go, place the parent inode in a flushing state so we can
1598 * place its record in a flushing state. Note that the parent
1599 * may already be flushing. The record must be in the same flush
1600 * group as the parent.
1601 */
1607 #if 0
1610 /*
1611 * Regardless of flushing state we cannot sync this path if the
1612 * record represents a delete-on-disk but the target inode
1613 * is not ready to sync its own deletion.
1614 *
1615 * XXX need to count effective nlinks to determine whether
1616 * the flush is ok, otherwise removing a hardlink will
1617 * just leave the DEL record to rot.
1618 */
1622 #endif
1624 /*
1625 * Because we have not calculated nlinks yet we can just
1626 * set records to the flush state if the parent is in
1627 * the same flush group as we are.
1628 */
1634 /*
1635 * A general directory-add contributes to our visibility.
1636 *
1637 * Otherwise it is probably a directory-delete or
1638 * delete-on-disk record and does not contribute to our
1639 * visbility (but we can still flush it).
1640 */
1645 /*
1646 * If the parent is not in our flush group we cannot
1647 * flush this record yet, there is no visibility.
1648 * We tell the parent to reflush and mark ourselves
1649 * so the parent knows it should flush us too.
1650 */
1654 }
1655 }
1657 /*
1658 * This is the core routine placing an inode into the FST_FLUSH state.
1659 */
1660 static void
1662 {
1665 /*
1666 * Set flush state and prevent the flusher from cycling into
1667 * the next flush group. Do not place the ip on the list yet.
1668 * Inodes not in the idle state get an extra reference.
1669 */
1680 /*
1681 * If the flush group reaches the autoflush limit we want to signal
1682 * the flusher. This is particularly important for remove()s.
1683 */
1687 /*
1688 * We need to be able to vfsync/truncate from the backend.
1689 */
1694 }
1696 /*
1697 * Figure out how many in-memory records we can actually flush
1698 * (not including inode meta-data, buffers, etc).
1699 */
1702 /*
1703 * If this is a upwards recursion we do not want to
1704 * recurse down again!
1705 */
1707 #if 0
1709 /*
1710 * No new records are added if we must complete a flush
1711 * from a previous cycle, but we do have to move the records
1712 * from the previous cycle to the current one.
1713 */
1714 #if 0
1717 #endif
1719 #endif
1721 /*
1722 * Normal flush, scan records and bring them into the flush.
1723 * Directory adds and deletes are usually skipped (they are
1724 * grouped with the related inode rather then with the
1725 * directory).
1726 *
1727 * go_count can be negative, which means the scan aborted
1728 * due to the flush group being over-full and we should
1729 * flush what we have.
1730 */
1733 }
1735 /*
1736 * This is a more involved test that includes go_count. If we
1737 * can't flush, flag the inode and return. If go_count is 0 we
1738 * were are unable to flush any records in our rec_tree and
1739 * must ignore the XDIRTY flag.
1740 */
1752 }
1754 /*
1755 * REFLUSH is needed to trigger dependancy wakeups
1756 * when an inode is in SETUP.
1757 */
1762 }
1766 }
1767 }
1769 /*
1770 * Snapshot the state of the inode for the backend flusher.
1771 *
1772 * We continue to retain save_trunc_off even when all truncations
1773 * have been resolved as an optimization to determine if we can
1774 * skip the B-Tree lookup for overwrite deletions.
1775 *
1776 * NOTE: The DELETING flag is a mod flag, but it is also sticky,
1777 * and stays in ip->flags. Once set, it stays set until the
1778 * inode is destroyed.
1779 */
1787 /*
1788 * The save_trunc_off used to cache whether the B-Tree
1789 * holds any records past that point is not used until
1790 * after the truncation has succeeded, so we can safely
1791 * set it now.
1792 */
1795 }
1801 #ifdef DEBUG_TRUNCATE
1804 #endif
1806 /*
1807 * The flusher list inherits our inode and reference.
1808 */
1816 }
1817 }
1819 /*
1820 * Callback for scan of ip->rec_tree. Try to include each record in our
1821 * flush. ip->flush_group has been set but the inode has not yet been
1822 * moved into a flushing state.
1823 *
1824 * If we get stuck on a record we have to set HAMMER_INODE_REFLUSH on
1825 * both inodes.
1826 *
1827 * We return 1 for any record placed or found in FST_FLUSH, which prevents
1828 * the caller from shortcutting the flush.
1829 */
1830 static int
1832 {
1833 hammer_flush_group_t flg;
1834 hammer_inode_t target_ip;
1835 hammer_inode_t ip;
1838 /*
1839 * Deleted records are ignored. Note that the flush detects deleted
1840 * front-end records at multiple points to deal with races. This is
1841 * just the first line of defense. The only time DELETED_FE cannot
1842 * be set is when HAMMER_RECF_INTERLOCK_BE is set.
1843 *
1844 * Don't get confused between record deletion and, say, directory
1845 * entry deletion. The deletion of a directory entry that is on
1846 * the media has nothing to do with the record deletion flags.
1847 */
1854 }
1856 }
1858 /*
1859 * If the record is in an idle state it has no dependancies and
1860 * can be flushed.
1861 */
1868 /*
1869 * The record has no setup dependancy, we can flush it.
1870 */
1879 /*
1880 * The record has a setup dependancy. These are typically
1881 * directory entry adds and deletes. Such entries will be
1882 * flushed when their inodes are flushed so we do not
1883 * usually have to add them to the flush here. However,
1884 * if the target_ip has set HAMMER_INODE_CONN_DOWN then
1885 * it is asking us to flush this record (and it).
1886 */
1891 /*
1892 * If the target IP is already flushing in our group
1893 * we could associate the record, but target_ip has
1894 * already synced ino_data to sync_ino_data and we
1895 * would also have to adjust nlinks. Plus there are
1896 * ordering issues for adds and deletes.
1897 *
1898 * Reflush downward if this is an ADD, and upward if
1899 * this is a DEL.
1900 */
1904 else
1907 }
1909 /*
1910 * Target IP is not yet flushing. This can get complex
1911 * because we have to be careful about the recursion.
1912 *
1913 * Directories create an issue for us in that if a flush
1914 * of a directory is requested the expectation is to flush
1915 * any pending directory entries, but this will cause the
1916 * related inodes to recursively flush as well. We can't
1917 * really defer the operation so just get as many as we
1918 * can and
1919 */
1920 #if 0
1923 /*
1924 * We aren't reclaiming and the target ip was not
1925 * previously prevented from flushing due to this
1926 * record dependancy. Do not flush this record.
1927 */
1928 /*r = 0;*/
1930 #endif
1933 /*
1934 * Our flush group is over-full and we risk blowing
1935 * out the UNDO FIFO. Stop the scan, flush what we
1936 * have, then reflush the directory.
1937 *
1938 * The directory may be forced through multiple
1939 * flush groups before it can be completely
1940 * flushed.
1941 */
1943 HAMMER_INODE_REFLUSH;
1946 /*
1947 * If the target IP is not flushing we can force
1948 * it to flush, even if it is unable to write out
1949 * any of its own records we have at least one in
1950 * hand that we CAN deal with.
1951 */
1957 HAMMER_FLUSH_RECURSION);
1960 /*
1961 * General or delete-on-disk record.
1962 *
1963 * XXX this needs help. If a delete-on-disk we could
1964 * disconnect the target. If the target has its own
1965 * dependancies they really need to be flushed.
1966 *
1967 * XXX
1968 */
1974 HAMMER_FLUSH_RECURSION);
1976 }
1979 /*
1980 * The flush_group should already match.
1981 */
1985 }
1987 }
1989 #if 0
1990 /*
1991 * This version just moves records already in a flush state to the new
1992 * flush group and that is it.
1993 */
1994 static int
1996 {
2005 }
2007 }
2008 #endif
2010 /*
2011 * Wait for a previously queued flush to complete.
2012 *
2013 * If a critical error occured we don't try to wait.
2014 */
2015 void
2017 {
2018 hammer_flush_group_t flg;
2029 }
2030 }
2031 }
2032 }
2034 /*
2035 * Called by the backend code when a flush has been completed.
2036 * The inode has already been removed from the flush list.
2037 *
2038 * A pipelined flush can occur, in which case we must re-enter the
2039 * inode on the list and re-copy its fields.
2040 */
2041 void
2043 {
2044 hammer_mount_t hmp;
2051 /*
2052 * Auto-reflush if the backend could not completely flush
2053 * the inode. This fixes a case where a deferred buffer flush
2054 * could cause fsync to return early.
2055 */
2059 /*
2060 * Merge left-over flags back into the frontend and fix the state.
2061 * Incomplete truncations are retained by the backend.
2062 */
2067 /*
2068 * The backend may have adjusted nlinks, so if the adjusted nlinks
2069 * does not match the fronttend set the frontend's RDIRTY flag again.
2070 */
2074 /*
2075 * Fix up the dirty buffer status.
2076 */
2079 }
2081 /*
2082 * Re-set the XDIRTY flag if some of the inode's in-memory records
2083 * could not be flushed.
2084 */
2090 /*
2091 * Do not lose track of inodes which no longer have vnode
2092 * assocations, otherwise they may never get flushed again.
2093 *
2094 * The reflush flag can be set superfluously, causing extra pain
2095 * for no reason. If the inode is no longer modified it no longer
2096 * needs to be flushed.
2097 */
2103 }
2105 /*
2106 * Adjust the flush state.
2107 */
2109 /*
2110 * We were unable to flush out all our records, leave the
2111 * inode in a flush state and in the current flush group.
2112 * The flush group will be re-run.
2113 *
2114 * This occurs if the UNDO block gets too full or there is
2115 * too much dirty meta-data and allows the flusher to
2116 * finalize the UNDO block and then re-flush.
2117 */
2121 /*
2122 * Remove from the flush_group
2123 */
2127 /*
2128 * Clean up the vnode ref and tracking counts.
2129 */
2133 }
2137 /*
2138 * And adjust the state.
2139 */
2146 }
2148 /*
2149 * If the frontend is waiting for a flush to complete,
2150 * wake it up.
2151 */
2155 }
2157 /*
2158 * If the frontend made more changes and requested another
2159 * flush, then try to get it running.
2160 *
2161 * Reflushes are aborted when the inode is errored out.
2162 */
2170 }
2171 }
2172 }
2174 /*
2175 * If we have no parent dependancies we can clear CONN_DOWN
2176 */
2180 /*
2181 * If the inode is now clean drop the space reservation.
2182 */
2187 }
2191 }
2193 /*
2194 * Called from hammer_sync_inode() to synchronize in-memory records
2195 * to the media.
2196 */
2197 static int
2199 {
2205 /*
2206 * Skip records that do not belong to the current flush.
2207 */
2212 #if 1
2214 kprintf("sync_record %p ip %p bad flush group %p %p\n", record, record->ip, record->flush_group ,record->ip->flush_group);
2217 }
2218 #endif
2221 /*
2222 * Interlock the record using the BE flag. Once BE is set the
2223 * frontend cannot change the state of FE.
2224 *
2225 * NOTE: If FE is set prior to us setting BE we still sync the
2226 * record out, but the flush completion code converts it to
2227 * a delete-on-disk record instead of destroying it.
2228 */
2232 /*
2233 * The backend may have already disposed of the record.
2234 */
2238 }
2240 /*
2241 * If the whole inode is being deleting all on-disk records will
2242 * be deleted very soon, we can't sync any new records to disk
2243 * because they will be deleted in the same transaction they were
2244 * created in (delete_tid == create_tid), which will assert.
2245 *
2246 * XXX There may be a case with RECORD_ADD with DELETED_FE set
2247 * that we currently panic on.
2248 */
2252 /*
2253 * We don't have to do anything, if the record was
2254 * committed the space will have been accounted for
2255 * in the blockmap.
2256 */
2257 /* fall through */
2272 /*
2273 * Follow through and issue the on-disk deletion
2274 */
2276 }
2277 }
2279 /*
2280 * If DELETED_FE is set special handling is needed for directory
2281 * entries. Dependant pieces related to the directory entry may
2282 * have already been synced to disk. If this occurs we have to
2283 * sync the directory entry and then change the in-memory record
2284 * from an ADD to a DELETE to cover the fact that it's been
2285 * deleted by the frontend.
2286 *
2287 * A directory delete covering record (MEM_RECORD_DEL) can never
2288 * be deleted by the frontend.
2289 *
2290 * Any other record type (aka DATA) can be deleted by the frontend.
2291 * XXX At the moment the flusher must skip it because there may
2292 * be another data record in the flush group for the same block,
2293 * meaning that some frontend data changes can leak into the backend's
2294 * synchronization point.
2295 */
2304 }
2305 }
2307 /*
2308 * Assign the create_tid for new records. Deletions already
2309 * have the record's entire key properly set up.
2310 */
2323 }
2328 done:
2331 /*
2332 * Do partial finalization if we have built up too many dirty
2333 * buffers. Otherwise a buffer cache deadlock can occur when
2334 * doing things like creating tens of thousands of tiny files.
2335 *
2336 * We must release our cursor lock to avoid a 3-way deadlock
2337 * due to the exclusive sync lock the finalizer must get.
2338 */
2343 }
2346 }
2348 /*
2349 * Backend function called by the flusher to sync an inode to media.
2350 */
2351 int
2353 {
2355 hammer_node_t tmp_node;
2356 hammer_record_t depend;
2357 hammer_record_t next;
2359 u_int64_t nlinks;
2368 /*
2369 * Any directory records referencing this inode which are not in
2370 * our current flush group must adjust our nlink count for the
2371 * purposes of synchronization to disk.
2372 *
2373 * Records which are in our flush group can be unlinked from our
2374 * inode now, potentially allowing the inode to be physically
2375 * deleted.
2376 *
2377 * This cannot block.
2378 */
2385 /*
2386 * If this is an ADD that was deleted by the frontend
2387 * the frontend nlinks count will have already been
2388 * decremented, but the backend is going to sync its
2389 * directory entry and must account for it. The
2390 * record will be converted to a delete-on-disk when
2391 * it gets synced.
2392 *
2393 * If the ADD was not deleted by the frontend we
2394 * can remove the dependancy from our target_list.
2395 */
2400 target_entry);
2402 }
2404 /*
2405 * Not part of our flush group
2406 */
2417 }
2418 }
2419 }
2421 /*
2422 * Set dirty if we had to modify the link count.
2423 */
2428 }
2430 /*
2431 * If there is a trunction queued destroy any data past the (aligned)
2432 * truncation point. Userland will have dealt with the buffer
2433 * containing the truncation point for us.
2434 *
2435 * We don't flush pending frontend data buffers until after we've
2436 * dealt with the truncation.
2437 */
2439 /*
2440 * Interlock trunc_off. The VOP front-end may continue to
2441 * make adjustments to it while we are blocked.
2442 */
2443 off_t trunc_off;
2444 off_t aligned_trunc_off;
2451 /*
2452 * Delete any whole blocks on-media. The front-end has
2453 * already cleaned out any partial block and made it
2454 * pending. The front-end may have updated trunc_off
2455 * while we were blocked so we only use sync_trunc_off.
2456 *
2457 * This operation can blow out the buffer cache, EWOULDBLOCK
2458 * means we were unable to complete the deletion. The
2459 * deletion will update sync_trunc_off in that case.
2460 */
2462 aligned_trunc_off,
2468 }
2473 /*
2474 * Clear the truncation flag on the backend after we have
2475 * complete the deletions. Backend data is now good again
2476 * (including new records we are about to sync, below).
2477 *
2478 * Leave sync_trunc_off intact. As we write additional
2479 * records the backend will update sync_trunc_off. This
2480 * tells the backend whether it can skip the overwrite
2481 * test. This should work properly even when the backend
2482 * writes full blocks where the truncation point straddles
2483 * the block because the comparison is against the base
2484 * offset of the record.
2485 */
2487 /* ip->sync_trunc_off = 0x7FFFFFFFFFFFFFFFLL; */
2490 }
2492 /*
2493 * Now sync related records. These will typically be directory
2494 * entries, records tracking direct-writes, or delete-on-disk records.
2495 */
2503 }
2506 /*
2507 * Re-seek for inode update, assuming our cache hasn't been ripped
2508 * out from under us.
2509 */
2519 }
2521 }
2523 /*
2524 * If we are deleting the inode the frontend had better not have
2525 * any active references on elements making up the inode.
2526 *
2527 * The call to hammer_ip_delete_clean() cleans up auxillary records
2528 * but not DB or DATA records. Those must have already been deleted
2529 * by the normal truncation mechanic.
2530 */
2544 /*
2545 * Set delete_tid in both the frontend and backend
2546 * copy of the inode record. The DELETED flag handles
2547 * this, do not set RDIRTY.
2548 */
2555 /*
2556 * Adjust the inode count in the volume header
2557 */
2562 vol0_stat_inodes);
2565 }
2567 }
2568 }
2574 defer_buffer_flush:
2575 /*
2576 * Now update the inode's on-disk inode-data and/or on-disk record.
2577 * DELETED and ONDISK are managed only in ip->flags.
2578 *
2579 * In the case of a defered buffer flush we still update the on-disk
2580 * inode to satisfy visibility requirements if there happen to be
2581 * directory dependancies.
2582 */
2585 /*
2586 * If deleted and on-disk, don't set any additional flags.
2587 * the delete flag takes care of things.
2588 *
2589 * Clear flags which may have been set by the frontend.
2590 */
2593 HAMMER_INODE_DELETING);
2596 /*
2597 * Take care of the case where a deleted inode was never
2598 * flushed to the disk in the first place.
2599 *
2600 * Clear flags which may have been set by the frontend.
2601 */
2604 HAMMER_INODE_DELETING);
2612 }
2615 /*
2616 * If already on-disk, do not set any additional flags.
2617 */
2620 /*
2621 * If not on-disk and not deleted, set DDIRTY to force
2622 * an initial record to be written.
2623 *
2624 * Also set the create_tid in both the frontend and backend
2625 * copy of the inode record.
2626 */
2633 }
2635 /*
2636 * If RDIRTY or DDIRTY is set, write out a new record. If the inode
2637 * is already on-disk the old record is marked as deleted.
2638 *
2639 * If DELETED is set hammer_update_inode() will delete the existing
2640 * record without writing out a new one.
2641 *
2642 * If *ONLY* the ITIMES flag is set we can update the record in-place.
2643 */
2653 }
2654 done:
2658 }
2661 }
2663 /*
2664 * This routine is called when the OS is no longer actively referencing
2665 * the inode (but might still be keeping it cached), or when releasing
2666 * the last reference to an inode.
2667 *
2668 * At this point if the inode's nlinks count is zero we want to destroy
2669 * it, which may mean destroying it on-media too.
2670 */
2671 void
2673 {
2676 /*
2677 * Set the DELETING flag when the link count drops to 0 and the
2678 * OS no longer has any opens on the inode.
2679 *
2680 * The backend will clear DELETING (a mod flag) and set DELETED
2681 * (a state flag) when it is actually able to perform the
2682 * operation.
2683 *
2684 * Don't reflag the deletion if the flusher is currently syncing
2685 * one that was already flagged. A previously set DELETING flag
2686 * may bounce around flags and sync_flags until the operation is
2687 * completely done.
2688 */
2698 }
2700 /*
2701 * Final cleanup
2702 */
2706 }
2709 }
2710 }
2711 }
2713 /*
2714 * After potentially resolving a dependancy the inode is tested
2715 * to determine whether it needs to be reflushed.
2716 */
2717 void
2719 {
2728 }
2730 }
2731 }
2733 /*
2734 * Clear the RECLAIM flag on an inode. This occurs when the inode is
2735 * reassociated with a vp or just before it gets freed.
2736 *
2737 * Pipeline wakeups to threads blocked due to an excessive number of
2738 * detached inodes. The reclaim count generates a bit of negative
2739 * feedback.
2740 */
2741 static void
2743 {
2759 }
2760 }
2761 }
2763 /*
2764 * Setup our reclaim pipeline. We only let so many detached (and dirty)
2765 * inodes build up before we start blocking.
2766 *
2767 * When we block we don't care *which* inode has finished reclaiming,
2768 * as lone as one does. This is somewhat heuristical... we also put a
2769 * cap on how long we are willing to wait.
2770 */
2771 void
2773 {
2787 }
2788 }
2790 /*
2791 * A larger then normal backlog of inodes is sitting in the flusher,
2792 * enforce a general slowdown to let it catch up. This routine is only
2793 * called on completion of a non-flusher-related transaction which
2794 * performed B-Tree node I/O.
2795 *
2796 * It is possible for the flusher to stall in a continuous load.
2797 * blogbench -i1000 -o seems to do a good job generating this sort of load.
2798 * If the flusher is unable to catch up the inode count can bloat until
2799 * we run out of kvm.
2800 *
2801 * This is a bit of a hack.
2802 */
2803 void
2805 {
2806 /*
2807 * Hysteresis.
2808 */
2814 }
2819 }
2821 }
2823 /*
2824 * Block for one flush cycle.
2825 */
2827 }