| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Found by: Coverity Prevent(tm)
Coverity ID: CID104
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
| |
o The only indication of error condition is NULL value returned by
the function;
o value pointed to by error argument is undefined in the case when
operation completes successfully.
Discussed with: phk
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Prefer '_' to ' ', as it results in more easily parsed results in
memory monitoring tools such as vmstat.
- Remove punctuation that is incompatible with using memory type names
as file names, such as '/' characters.
- Disambiguate some collisions by adding subsystem prefixes to some
memory types.
- Generally prefer lower case to upper case.
- If the same type is defined in multiple architecture directories,
attempt to use the same name in additional cases.
Not all instances were caught in this change, so more work is required to
finish this conversion. Similar changes are required for UMA zone names.
|
| | |
|
| |
|
|
|
| |
This should close the race observed by Daniel Eriksson.
- Remove redundant wakeup().
|
| |
|
|
| |
Reported by: Daniel Eriksson
|
| |
|
|
| |
Suggested by: Coverity Prevent analysis tool
|
| |
|
|
|
|
| |
Before this fix one was able to insert one sector too small provider.
MFC after: 3 days
|
| |
|
|
| |
use root_mount KPI instead.
|
| |
|
|
| |
detach and destroy consumer before returning.
|
| |
|
|
|
| |
Submitted by: sam
Found by: Coverity Prevent analysis tool
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
shared-last-sector problem.
After this change, even if there is more than one provider with the same
last sector, the proper one will be chosen based on its size.
It still doesn't fix the 'c' partition problem (when da0s1 can be confused
with da0s1c) and situation when 'a' partition starts at offset 0
(then da0s1a can be confused with da0s1 and da0s1c). One can use '-h'
option there, when creating device or avoid sharing last sector.
Actually, when providers share the same last sector and their size is equal,
they provide exactly the same data, so the name (da0s1, da0s1a, da0s1c)
isn't important at all.
- Provide backward compatibility.
- Update copyright's year.
MFC after: 1 week
|
| | |
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
|
| |
all the time. Remove unused code then.
MFC after: 4 days
|
| | |
|
| |
|
|
|
| |
set a thread's priority via sched_prio() when that is the desired action.
The schedulers will start managing td_base_pri internally shortly.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After this change, when component is disconnected because of an I/O error,
it will not be connected and synchronized automatically, it will be logged
as broken and skipped. Autosynchronization can occur, when component is
disconnected (on orphan event) and connected again - there were no I/O
error, so there is no need to not connected the component, but when there were
writes while it wasn't connected, it will be synchronized.
This fix cases, when component is disconnected because of I/O error and can be
connected again and again.
- Bump version number.
- Add version change history.
- Implement backward compatibility mechanism. After this change when metadata in
old version is detected, it is automatically upgraded to the new (current)
version.
|
| |
|
|
|
|
| |
that device cannot be destroyed immediately, under debug=1.
Suggested by: simon
|
| |
|
|
|
|
| |
while doing g_(read|write)_data() (e.g. BSD). This can cause a deadlock
in MIRROR class. Not sure if this is safe to drop the topology lock in BSD
class, so change the code in MIRROR class to avoid this deadlock.
|
| | |
|
| |
|
|
|
|
| |
mark it as such.
- Before closing consumer check if it is open. It can be closed here
when g_mirror_connect_disk() fails on g_access().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keeping consumers open when device is closed is very hard. We need to
open consumers sometimes to update metadata, etc.
Many hacks was introduced in the past to made it possible. You cannot
be sure that you can open consumer for writing always, even if you think
it should be allowed. If one of the mirror components is for example da0
and you try to open it, you can get EPERM when da0s1 is opened for reading
(because BSD class opens consumers (da0) with an extra 'e' bit set).
Waiting for the events queue to be empty may do the trick, but it makes
code much uglier (as you cannot always call g_waitidle()), it doesn't
solve all edge cases and it can introduce deadlocks if there are events
in the queue that wait for gmirror.
I removed those hacks. Now all consumers are open r1w1e1 always, even if
device is closed. Maybe it is less clean from GEOM perspective, but simpify
code a lot and make it much more reliable.
The only issue was retaste event which is sent when we close consumers
opened for writing. I ignore retaste event by not detaching consumer
immediately (so retaste event is not send to my class) and sending event
right after it to detach and destroy consumer.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
that the events queue is empty. In other case we're able to hit the race
where for example da0s1 is tasted by some other class, which means that
da0 is open with exclusive bit set, which means that we can't open da0
for writing if it is our component.
Reported by: Attila Nagy <bra@fsn.hu> (and somebody else sometime ago,
but I cannot find who it was)
|
| |
|
|
|
| |
DIRTY flag can be removed in idle process. Use consumer's acw field
instead to avoid opening consumer twice.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
marking components as clean.
Pointed out by: scottl
|
| |
|
|
|
|
| |
unmounted.
Suggested by: scottl
|
| | |
|
| |
|
|
|
|
|
|
| |
seconds of idling, DRITY flags are removed.
- If mirror is in idle state or is not open for writing, sleep without
timeout when waiting for I/O requests.
- Don't use atomic operations, for now sysctls are protected by Giant.
- Update debugs.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fix for good (I hope) force-stopping mirrors and some filure cases
(e.g. the last good component dies when synchronization is in progress).
Don't use ->nstart/->nend consumer's fields, as this could be racy,
because those fields are used in g_down/g_up, use ->index consumer's
field instead for tracking number of not finished requests.
Reported by: marcel
- After 5 seconds of idle time (this should be configurable) mark all
dirty providers as clean, so when mirror is not used in 5 seconds
and there will be power failure, no synchronization on boot is needed.
Idea from: sorry, I can't find who suggested this
- When there are no ACTIVE components and no NEW components destroy whole
mirror, not only provider.
- Fix one debug to show information about I/O request, before we change
its command.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
providers for tasting. Before this hack, race below is possible:
SI_SUB_RAID (no not-fully-configured geoms, so don't block)
GEOM tasting (now geoms are created)
SI_SUB_MOUNT_ROOT (if root file system is placed on a mirror, it is
possible that this mirror is not fully configured yet)
There is a lot of work to do to avoid such hacks and I need a working
solution before 5.3, sorry.
Reported by: John Hay <jhay@icomtek.csir.co.za>
|
| |
|
|
| |
Reported by: Maciej Kucharz <qk@comp.waw.pl>
|
| | |
|
| |
|
|
| |
Reported by: tegge
|
| | |
|
| |
|
|
|
| |
#define for this purpose.
No functional change.
|
| | |
|
| |
|
|
| |
vfs.root.mountdelay by default.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
but it is possible:
1. Read data from good component for synchronization.
2. Write data to the same area.
3. Write synchronization data, which are now stale.
Found by: tegge
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Actually, it can even cause some problems, because GEOM requires sectorsize
to be more than 0 on first access, not on provider creation, so we can skip
valid providers by doing this check here.
Reported by: Divacky Roman <xdivac02@stud.fit.vutbr.cz>
Sven Willenberger <sven@dmv.com>
|
| |
|
|
| |
Suggested by: Krzysztof CiepĀ³ucha <kris@home.pl>
|
| | |
|
| | |
|
| |
|
|
| |
Reported by: kuriyama
|
