1 /* 2 drbd_req.c 3 4 This file is part of DRBD by Philipp Reisner and Lars Ellenberg. 5 6 Copyright (C) 2001-2008, LINBIT Information Technologies GmbH. 7 Copyright (C) 1999-2008, Philipp Reisner <philipp.reisner@linbit.com>. 8 Copyright (C) 2002-2008, Lars Ellenberg <lars.ellenberg@linbit.com>. 9 10 drbd is free software; you can redistribute it and/or modify 11 it under the terms of the GNU General Public License as published by 12 the Free Software Foundation; either version 2, or (at your option) 13 any later version. 14 15 drbd is distributed in the hope that it will be useful, 16 but WITHOUT ANY WARRANTY; without even the implied warranty of 17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 GNU General Public License for more details. 19 20 You should have received a copy of the GNU General Public License 21 along with drbd; see the file COPYING. If not, write to 22 the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. 23 24 */ 25 26 #include <linux/module.h> 27 28 #include <linux/slab.h> 29 #include <linux/drbd.h> 30 #include "drbd_int.h" 31 #include "drbd_req.h" 32 33 34 /* Update disk stats at start of I/O request */ 35 static void _drbd_start_io_acct(struct drbd_conf *mdev, struct drbd_request *req, struct bio *bio) 36 { 37 const int rw = bio_data_dir(bio); 38 int cpu; 39 cpu = part_stat_lock(); 40 part_round_stats(cpu, &mdev->vdisk->part0); 41 part_stat_inc(cpu, &mdev->vdisk->part0, ios[rw]); 42 part_stat_add(cpu, &mdev->vdisk->part0, sectors[rw], bio_sectors(bio)); 43 part_inc_in_flight(&mdev->vdisk->part0, rw); 44 part_stat_unlock(); 45 } 46 47 /* Update disk stats when completing request upwards */ 48 static void _drbd_end_io_acct(struct drbd_conf *mdev, struct drbd_request *req) 49 { 50 int rw = bio_data_dir(req->master_bio); 51 unsigned long duration = jiffies - req->start_time; 52 int cpu; 53 cpu = part_stat_lock(); 54 part_stat_add(cpu, &mdev->vdisk->part0, ticks[rw], duration); 55 part_round_stats(cpu, &mdev->vdisk->part0); 56 part_dec_in_flight(&mdev->vdisk->part0, rw); 57 part_stat_unlock(); 58 } 59 60 static void _req_is_done(struct drbd_conf *mdev, struct drbd_request *req, const int rw) 61 { 62 const unsigned long s = req->rq_state; 63 64 /* remove it from the transfer log. 65 * well, only if it had been there in the first 66 * place... if it had not (local only or conflicting 67 * and never sent), it should still be "empty" as 68 * initialized in drbd_req_new(), so we can list_del() it 69 * here unconditionally */ 70 list_del(&req->tl_requests); 71 72 /* if it was a write, we may have to set the corresponding 73 * bit(s) out-of-sync first. If it had a local part, we need to 74 * release the reference to the activity log. */ 75 if (rw == WRITE) { 76 /* Set out-of-sync unless both OK flags are set 77 * (local only or remote failed). 78 * Other places where we set out-of-sync: 79 * READ with local io-error */ 80 if (!(s & RQ_NET_OK) || !(s & RQ_LOCAL_OK)) 81 drbd_set_out_of_sync(mdev, req->sector, req->size); 82 83 if ((s & RQ_NET_OK) && (s & RQ_LOCAL_OK) && (s & RQ_NET_SIS)) 84 drbd_set_in_sync(mdev, req->sector, req->size); 85 86 /* one might be tempted to move the drbd_al_complete_io 87 * to the local io completion callback drbd_endio_pri. 88 * but, if this was a mirror write, we may only 89 * drbd_al_complete_io after this is RQ_NET_DONE, 90 * otherwise the extent could be dropped from the al 91 * before it has actually been written on the peer. 92 * if we crash before our peer knows about the request, 93 * but after the extent has been dropped from the al, 94 * we would forget to resync the corresponding extent. 95 */ 96 if (s & RQ_LOCAL_MASK) { 97 if (get_ldev_if_state(mdev, D_FAILED)) { 98 if (s & RQ_IN_ACT_LOG) 99 drbd_al_complete_io(mdev, req->sector); 100 put_ldev(mdev); 101 } else if (__ratelimit(&drbd_ratelimit_state)) { 102 dev_warn(DEV, "Should have called drbd_al_complete_io(, %llu), " 103 "but my Disk seems to have failed :(\n", 104 (unsigned long long) req->sector); 105 } 106 } 107 } 108 109 drbd_req_free(req); 110 } 111 112 static void queue_barrier(struct drbd_conf *mdev) 113 { 114 struct drbd_tl_epoch *b; 115 116 /* We are within the req_lock. Once we queued the barrier for sending, 117 * we set the CREATE_BARRIER bit. It is cleared as soon as a new 118 * barrier/epoch object is added. This is the only place this bit is 119 * set. It indicates that the barrier for this epoch is already queued, 120 * and no new epoch has been created yet. */ 121 if (test_bit(CREATE_BARRIER, &mdev->flags)) 122 return; 123 124 b = mdev->newest_tle; 125 b->w.cb = w_send_barrier; 126 /* inc_ap_pending done here, so we won't 127 * get imbalanced on connection loss. 128 * dec_ap_pending will be done in got_BarrierAck 129 * or (on connection loss) in tl_clear. */ 130 inc_ap_pending(mdev); 131 drbd_queue_work(&mdev->data.work, &b->w); 132 set_bit(CREATE_BARRIER, &mdev->flags); 133 } 134 135 static void _about_to_complete_local_write(struct drbd_conf *mdev, 136 struct drbd_request *req) 137 { 138 const unsigned long s = req->rq_state; 139 struct drbd_request *i; 140 struct drbd_epoch_entry *e; 141 struct hlist_node *n; 142 struct hlist_head *slot; 143 144 /* Before we can signal completion to the upper layers, 145 * we may need to close the current epoch. 146 * We can skip this, if this request has not even been sent, because we 147 * did not have a fully established connection yet/anymore, during 148 * bitmap exchange, or while we are C_AHEAD due to congestion policy. 149 */ 150 if (mdev->state.conn >= C_CONNECTED && 151 (s & RQ_NET_SENT) != 0 && 152 req->epoch == mdev->newest_tle->br_number) 153 queue_barrier(mdev); 154 155 /* we need to do the conflict detection stuff, 156 * if we have the ee_hash (two_primaries) and 157 * this has been on the network */ 158 if ((s & RQ_NET_DONE) && mdev->ee_hash != NULL) { 159 const sector_t sector = req->sector; 160 const int size = req->size; 161 162 /* ASSERT: 163 * there must be no conflicting requests, since 164 * they must have been failed on the spot */ 165 #define OVERLAPS overlaps(sector, size, i->sector, i->size) 166 slot = tl_hash_slot(mdev, sector); 167 hlist_for_each_entry(i, n, slot, collision) { 168 if (OVERLAPS) { 169 dev_alert(DEV, "LOGIC BUG: completed: %p %llus +%u; " 170 "other: %p %llus +%u\n", 171 req, (unsigned long long)sector, size, 172 i, (unsigned long long)i->sector, i->size); 173 } 174 } 175 176 /* maybe "wake" those conflicting epoch entries 177 * that wait for this request to finish. 178 * 179 * currently, there can be only _one_ such ee 180 * (well, or some more, which would be pending 181 * P_DISCARD_ACK not yet sent by the asender...), 182 * since we block the receiver thread upon the 183 * first conflict detection, which will wait on 184 * misc_wait. maybe we want to assert that? 185 * 186 * anyways, if we found one, 187 * we just have to do a wake_up. */ 188 #undef OVERLAPS 189 #define OVERLAPS overlaps(sector, size, e->sector, e->size) 190 slot = ee_hash_slot(mdev, req->sector); 191 hlist_for_each_entry(e, n, slot, collision) { 192 if (OVERLAPS) { 193 wake_up(&mdev->misc_wait); 194 break; 195 } 196 } 197 } 198 #undef OVERLAPS 199 } 200 201 void complete_master_bio(struct drbd_conf *mdev, 202 struct bio_and_error *m) 203 { 204 bio_endio(m->bio, m->error); 205 dec_ap_bio(mdev); 206 } 207 208 /* Helper for __req_mod(). 209 * Set m->bio to the master bio, if it is fit to be completed, 210 * or leave it alone (it is initialized to NULL in __req_mod), 211 * if it has already been completed, or cannot be completed yet. 212 * If m->bio is set, the error status to be returned is placed in m->error. 213 */ 214 void _req_may_be_done(struct drbd_request *req, struct bio_and_error *m) 215 { 216 const unsigned long s = req->rq_state; 217 struct drbd_conf *mdev = req->mdev; 218 int rw = req->rq_state & RQ_WRITE ? WRITE : READ; 219 220 /* we must not complete the master bio, while it is 221 * still being processed by _drbd_send_zc_bio (drbd_send_dblock) 222 * not yet acknowledged by the peer 223 * not yet completed by the local io subsystem 224 * these flags may get cleared in any order by 225 * the worker, 226 * the receiver, 227 * the bio_endio completion callbacks. 228 */ 229 if (s & RQ_NET_QUEUED) 230 return; 231 if (s & RQ_NET_PENDING) 232 return; 233 if (s & RQ_LOCAL_PENDING && !(s & RQ_LOCAL_ABORTED)) 234 return; 235 236 if (req->master_bio) { 237 /* this is data_received (remote read) 238 * or protocol C P_WRITE_ACK 239 * or protocol B P_RECV_ACK 240 * or protocol A "handed_over_to_network" (SendAck) 241 * or canceled or failed, 242 * or killed from the transfer log due to connection loss. 243 */ 244 245 /* 246 * figure out whether to report success or failure. 247 * 248 * report success when at least one of the operations succeeded. 249 * or, to put the other way, 250 * only report failure, when both operations failed. 251 * 252 * what to do about the failures is handled elsewhere. 253 * what we need to do here is just: complete the master_bio. 254 * 255 * local completion error, if any, has been stored as ERR_PTR 256 * in private_bio within drbd_endio_pri. 257 */ 258 int ok = (s & RQ_LOCAL_OK) || (s & RQ_NET_OK); 259 int error = PTR_ERR(req->private_bio); 260 261 /* remove the request from the conflict detection 262 * respective block_id verification hash */ 263 if (!hlist_unhashed(&req->collision)) 264 hlist_del(&req->collision); 265 else 266 D_ASSERT((s & (RQ_NET_MASK & ~RQ_NET_DONE)) == 0); 267 268 /* for writes we need to do some extra housekeeping */ 269 if (rw == WRITE) 270 _about_to_complete_local_write(mdev, req); 271 272 /* Update disk stats */ 273 _drbd_end_io_acct(mdev, req); 274 275 m->error = ok ? 0 : (error ?: -EIO); 276 m->bio = req->master_bio; 277 req->master_bio = NULL; 278 } 279 280 if (s & RQ_LOCAL_PENDING) 281 return; 282 283 if ((s & RQ_NET_MASK) == 0 || (s & RQ_NET_DONE)) { 284 /* this is disconnected (local only) operation, 285 * or protocol C P_WRITE_ACK, 286 * or protocol A or B P_BARRIER_ACK, 287 * or killed from the transfer log due to connection loss. */ 288 _req_is_done(mdev, req, rw); 289 } 290 /* else: network part and not DONE yet. that is 291 * protocol A or B, barrier ack still pending... */ 292 } 293 294 static void _req_may_be_done_not_susp(struct drbd_request *req, struct bio_and_error *m) 295 { 296 struct drbd_conf *mdev = req->mdev; 297 298 if (!is_susp(mdev->state)) 299 _req_may_be_done(req, m); 300 } 301 302 /* 303 * checks whether there was an overlapping request 304 * or ee already registered. 305 * 306 * if so, return 1, in which case this request is completed on the spot, 307 * without ever being submitted or send. 308 * 309 * return 0 if it is ok to submit this request. 310 * 311 * NOTE: 312 * paranoia: assume something above us is broken, and issues different write 313 * requests for the same block simultaneously... 314 * 315 * To ensure these won't be reordered differently on both nodes, resulting in 316 * diverging data sets, we discard the later one(s). Not that this is supposed 317 * to happen, but this is the rationale why we also have to check for 318 * conflicting requests with local origin, and why we have to do so regardless 319 * of whether we allowed multiple primaries. 320 * 321 * BTW, in case we only have one primary, the ee_hash is empty anyways, and the 322 * second hlist_for_each_entry becomes a noop. This is even simpler than to 323 * grab a reference on the net_conf, and check for the two_primaries flag... 324 */ 325 static int _req_conflicts(struct drbd_request *req) 326 { 327 struct drbd_conf *mdev = req->mdev; 328 const sector_t sector = req->sector; 329 const int size = req->size; 330 struct drbd_request *i; 331 struct drbd_epoch_entry *e; 332 struct hlist_node *n; 333 struct hlist_head *slot; 334 335 D_ASSERT(hlist_unhashed(&req->collision)); 336 337 if (!get_net_conf(mdev)) 338 return 0; 339 340 /* BUG_ON */ 341 ERR_IF (mdev->tl_hash_s == 0) 342 goto out_no_conflict; 343 BUG_ON(mdev->tl_hash == NULL); 344 345 #define OVERLAPS overlaps(i->sector, i->size, sector, size) 346 slot = tl_hash_slot(mdev, sector); 347 hlist_for_each_entry(i, n, slot, collision) { 348 if (OVERLAPS) { 349 dev_alert(DEV, "%s[%u] Concurrent local write detected! " 350 "[DISCARD L] new: %llus +%u; " 351 "pending: %llus +%u\n", 352 current->comm, current->pid, 353 (unsigned long long)sector, size, 354 (unsigned long long)i->sector, i->size); 355 goto out_conflict; 356 } 357 } 358 359 if (mdev->ee_hash_s) { 360 /* now, check for overlapping requests with remote origin */ 361 BUG_ON(mdev->ee_hash == NULL); 362 #undef OVERLAPS 363 #define OVERLAPS overlaps(e->sector, e->size, sector, size) 364 slot = ee_hash_slot(mdev, sector); 365 hlist_for_each_entry(e, n, slot, collision) { 366 if (OVERLAPS) { 367 dev_alert(DEV, "%s[%u] Concurrent remote write detected!" 368 " [DISCARD L] new: %llus +%u; " 369 "pending: %llus +%u\n", 370 current->comm, current->pid, 371 (unsigned long long)sector, size, 372 (unsigned long long)e->sector, e->size); 373 goto out_conflict; 374 } 375 } 376 } 377 #undef OVERLAPS 378 379 out_no_conflict: 380 /* this is like it should be, and what we expected. 381 * our users do behave after all... */ 382 put_net_conf(mdev); 383 return 0; 384 385 out_conflict: 386 put_net_conf(mdev); 387 return 1; 388 } 389 390 /* obviously this could be coded as many single functions 391 * instead of one huge switch, 392 * or by putting the code directly in the respective locations 393 * (as it has been before). 394 * 395 * but having it this way 396 * enforces that it is all in this one place, where it is easier to audit, 397 * it makes it obvious that whatever "event" "happens" to a request should 398 * happen "atomically" within the req_lock, 399 * and it enforces that we have to think in a very structured manner 400 * about the "events" that may happen to a request during its life time ... 401 */ 402 int __req_mod(struct drbd_request *req, enum drbd_req_event what, 403 struct bio_and_error *m) 404 { 405 struct drbd_conf *mdev = req->mdev; 406 int rv = 0; 407 m->bio = NULL; 408 409 switch (what) { 410 default: 411 dev_err(DEV, "LOGIC BUG in %s:%u\n", __FILE__ , __LINE__); 412 break; 413 414 /* does not happen... 415 * initialization done in drbd_req_new 416 case created: 417 break; 418 */ 419 420 case to_be_send: /* via network */ 421 /* reached via drbd_make_request_common 422 * and from w_read_retry_remote */ 423 D_ASSERT(!(req->rq_state & RQ_NET_MASK)); 424 req->rq_state |= RQ_NET_PENDING; 425 inc_ap_pending(mdev); 426 break; 427 428 case to_be_submitted: /* locally */ 429 /* reached via drbd_make_request_common */ 430 D_ASSERT(!(req->rq_state & RQ_LOCAL_MASK)); 431 req->rq_state |= RQ_LOCAL_PENDING; 432 break; 433 434 case completed_ok: 435 if (req->rq_state & RQ_WRITE) 436 mdev->writ_cnt += req->size>>9; 437 else 438 mdev->read_cnt += req->size>>9; 439 440 req->rq_state |= (RQ_LOCAL_COMPLETED|RQ_LOCAL_OK); 441 req->rq_state &= ~RQ_LOCAL_PENDING; 442 443 _req_may_be_done_not_susp(req, m); 444 break; 445 446 case abort_disk_io: 447 req->rq_state |= RQ_LOCAL_ABORTED; 448 if (req->rq_state & RQ_WRITE) 449 _req_may_be_done_not_susp(req, m); 450 else 451 goto goto_queue_for_net_read; 452 break; 453 454 case write_completed_with_error: 455 req->rq_state |= RQ_LOCAL_COMPLETED; 456 req->rq_state &= ~RQ_LOCAL_PENDING; 457 458 __drbd_chk_io_error(mdev, DRBD_IO_ERROR); 459 _req_may_be_done_not_susp(req, m); 460 break; 461 462 case read_ahead_completed_with_error: 463 /* it is legal to fail READA */ 464 req->rq_state |= RQ_LOCAL_COMPLETED; 465 req->rq_state &= ~RQ_LOCAL_PENDING; 466 _req_may_be_done_not_susp(req, m); 467 break; 468 469 case read_completed_with_error: 470 drbd_set_out_of_sync(mdev, req->sector, req->size); 471 472 req->rq_state |= RQ_LOCAL_COMPLETED; 473 req->rq_state &= ~RQ_LOCAL_PENDING; 474 475 if (req->rq_state & RQ_LOCAL_ABORTED) { 476 _req_may_be_done(req, m); 477 break; 478 } 479 480 __drbd_chk_io_error(mdev, DRBD_IO_ERROR); 481 482 goto_queue_for_net_read: 483 484 D_ASSERT(!(req->rq_state & RQ_NET_MASK)); 485 486 /* no point in retrying if there is no good remote data, 487 * or we have no connection. */ 488 if (mdev->state.pdsk != D_UP_TO_DATE) { 489 _req_may_be_done_not_susp(req, m); 490 break; 491 } 492 493 /* _req_mod(req,to_be_send); oops, recursion... */ 494 req->rq_state |= RQ_NET_PENDING; 495 inc_ap_pending(mdev); 496 /* fall through: _req_mod(req,queue_for_net_read); */ 497 498 case queue_for_net_read: 499 /* READ or READA, and 500 * no local disk, 501 * or target area marked as invalid, 502 * or just got an io-error. */ 503 /* from drbd_make_request_common 504 * or from bio_endio during read io-error recovery */ 505 506 /* so we can verify the handle in the answer packet 507 * corresponding hlist_del is in _req_may_be_done() */ 508 hlist_add_head(&req->collision, ar_hash_slot(mdev, req->sector)); 509 510 set_bit(UNPLUG_REMOTE, &mdev->flags); 511 512 D_ASSERT(req->rq_state & RQ_NET_PENDING); 513 req->rq_state |= RQ_NET_QUEUED; 514 req->w.cb = (req->rq_state & RQ_LOCAL_MASK) 515 ? w_read_retry_remote 516 : w_send_read_req; 517 drbd_queue_work(&mdev->data.work, &req->w); 518 break; 519 520 case queue_for_net_write: 521 /* assert something? */ 522 /* from drbd_make_request_common only */ 523 524 hlist_add_head(&req->collision, tl_hash_slot(mdev, req->sector)); 525 /* corresponding hlist_del is in _req_may_be_done() */ 526 527 /* NOTE 528 * In case the req ended up on the transfer log before being 529 * queued on the worker, it could lead to this request being 530 * missed during cleanup after connection loss. 531 * So we have to do both operations here, 532 * within the same lock that protects the transfer log. 533 * 534 * _req_add_to_epoch(req); this has to be after the 535 * _maybe_start_new_epoch(req); which happened in 536 * drbd_make_request_common, because we now may set the bit 537 * again ourselves to close the current epoch. 538 * 539 * Add req to the (now) current epoch (barrier). */ 540 541 /* otherwise we may lose an unplug, which may cause some remote 542 * io-scheduler timeout to expire, increasing maximum latency, 543 * hurting performance. */ 544 set_bit(UNPLUG_REMOTE, &mdev->flags); 545 546 /* see drbd_make_request_common, 547 * just after it grabs the req_lock */ 548 D_ASSERT(test_bit(CREATE_BARRIER, &mdev->flags) == 0); 549 550 req->epoch = mdev->newest_tle->br_number; 551 552 /* increment size of current epoch */ 553 mdev->newest_tle->n_writes++; 554 555 /* queue work item to send data */ 556 D_ASSERT(req->rq_state & RQ_NET_PENDING); 557 req->rq_state |= RQ_NET_QUEUED; 558 req->w.cb = w_send_dblock; 559 drbd_queue_work(&mdev->data.work, &req->w); 560 561 /* close the epoch, in case it outgrew the limit */ 562 if (mdev->newest_tle->n_writes >= mdev->net_conf->max_epoch_size) 563 queue_barrier(mdev); 564 565 break; 566 567 case queue_for_send_oos: 568 req->rq_state |= RQ_NET_QUEUED; 569 req->w.cb = w_send_oos; 570 drbd_queue_work(&mdev->data.work, &req->w); 571 break; 572 573 case read_retry_remote_canceled: 574 case send_canceled: 575 case send_failed: 576 /* real cleanup will be done from tl_clear. just update flags 577 * so it is no longer marked as on the worker queue */ 578 req->rq_state &= ~RQ_NET_QUEUED; 579 /* if we did it right, tl_clear should be scheduled only after 580 * this, so this should not be necessary! */ 581 _req_may_be_done_not_susp(req, m); 582 break; 583 584 case handed_over_to_network: 585 /* assert something? */ 586 if (bio_data_dir(req->master_bio) == WRITE) 587 atomic_add(req->size>>9, &mdev->ap_in_flight); 588 589 if (bio_data_dir(req->master_bio) == WRITE && 590 mdev->net_conf->wire_protocol == DRBD_PROT_A) { 591 /* this is what is dangerous about protocol A: 592 * pretend it was successfully written on the peer. */ 593 if (req->rq_state & RQ_NET_PENDING) { 594 dec_ap_pending(mdev); 595 req->rq_state &= ~RQ_NET_PENDING; 596 req->rq_state |= RQ_NET_OK; 597 } /* else: neg-ack was faster... */ 598 /* it is still not yet RQ_NET_DONE until the 599 * corresponding epoch barrier got acked as well, 600 * so we know what to dirty on connection loss */ 601 } 602 req->rq_state &= ~RQ_NET_QUEUED; 603 req->rq_state |= RQ_NET_SENT; 604 _req_may_be_done_not_susp(req, m); 605 break; 606 607 case oos_handed_to_network: 608 /* Was not set PENDING, no longer QUEUED, so is now DONE 609 * as far as this connection is concerned. */ 610 req->rq_state &= ~RQ_NET_QUEUED; 611 req->rq_state |= RQ_NET_DONE; 612 _req_may_be_done_not_susp(req, m); 613 break; 614 615 case connection_lost_while_pending: 616 /* transfer log cleanup after connection loss */ 617 /* assert something? */ 618 if (req->rq_state & RQ_NET_PENDING) 619 dec_ap_pending(mdev); 620 req->rq_state &= ~(RQ_NET_OK|RQ_NET_PENDING); 621 req->rq_state |= RQ_NET_DONE; 622 if (req->rq_state & RQ_NET_SENT && req->rq_state & RQ_WRITE) 623 atomic_sub(req->size>>9, &mdev->ap_in_flight); 624 625 /* if it is still queued, we may not complete it here. 626 * it will be canceled soon. */ 627 if (!(req->rq_state & RQ_NET_QUEUED)) 628 _req_may_be_done(req, m); /* Allowed while state.susp */ 629 break; 630 631 case conflict_discarded_by_peer: 632 /* for discarded conflicting writes of multiple primaries, 633 * there is no need to keep anything in the tl, potential 634 * node crashes are covered by the activity log. */ 635 if (what == conflict_discarded_by_peer) 636 dev_alert(DEV, "Got DiscardAck packet %llus +%u!" 637 " DRBD is not a random data generator!\n", 638 (unsigned long long)req->sector, req->size); 639 req->rq_state |= RQ_NET_DONE; 640 /* fall through */ 641 case write_acked_by_peer_and_sis: 642 case write_acked_by_peer: 643 if (what == write_acked_by_peer_and_sis) 644 req->rq_state |= RQ_NET_SIS; 645 /* protocol C; successfully written on peer. 646 * Nothing more to do here. 647 * We want to keep the tl in place for all protocols, to cater 648 * for volatile write-back caches on lower level devices. */ 649 650 case recv_acked_by_peer: 651 /* protocol B; pretends to be successfully written on peer. 652 * see also notes above in handed_over_to_network about 653 * protocol != C */ 654 req->rq_state |= RQ_NET_OK; 655 D_ASSERT(req->rq_state & RQ_NET_PENDING); 656 dec_ap_pending(mdev); 657 atomic_sub(req->size>>9, &mdev->ap_in_flight); 658 req->rq_state &= ~RQ_NET_PENDING; 659 _req_may_be_done_not_susp(req, m); 660 break; 661 662 case neg_acked: 663 /* assert something? */ 664 if (req->rq_state & RQ_NET_PENDING) { 665 dec_ap_pending(mdev); 666 atomic_sub(req->size>>9, &mdev->ap_in_flight); 667 } 668 req->rq_state &= ~(RQ_NET_OK|RQ_NET_PENDING); 669 670 req->rq_state |= RQ_NET_DONE; 671 _req_may_be_done_not_susp(req, m); 672 /* else: done by handed_over_to_network */ 673 break; 674 675 case fail_frozen_disk_io: 676 if (!(req->rq_state & RQ_LOCAL_COMPLETED)) 677 break; 678 679 _req_may_be_done(req, m); /* Allowed while state.susp */ 680 break; 681 682 case restart_frozen_disk_io: 683 if (!(req->rq_state & RQ_LOCAL_COMPLETED)) 684 break; 685 686 req->rq_state &= ~RQ_LOCAL_COMPLETED; 687 688 rv = MR_READ; 689 if (bio_data_dir(req->master_bio) == WRITE) 690 rv = MR_WRITE; 691 692 get_ldev(mdev); 693 req->w.cb = w_restart_disk_io; 694 drbd_queue_work(&mdev->data.work, &req->w); 695 break; 696 697 case resend: 698 /* Simply complete (local only) READs. */ 699 if (!(req->rq_state & RQ_WRITE) && !req->w.cb) { 700 _req_may_be_done(req, m); 701 break; 702 } 703 704 /* If RQ_NET_OK is already set, we got a P_WRITE_ACK or P_RECV_ACK 705 before the connection loss (B&C only); only P_BARRIER_ACK was missing. 706 Trowing them out of the TL here by pretending we got a BARRIER_ACK 707 We ensure that the peer was not rebooted */ 708 if (!(req->rq_state & RQ_NET_OK)) { 709 if (req->w.cb) { 710 drbd_queue_work(&mdev->data.work, &req->w); 711 rv = req->rq_state & RQ_WRITE ? MR_WRITE : MR_READ; 712 } 713 break; 714 } 715 /* else, fall through to barrier_acked */ 716 717 case barrier_acked: 718 if (!(req->rq_state & RQ_WRITE)) 719 break; 720 721 if (req->rq_state & RQ_NET_PENDING) { 722 /* barrier came in before all requests have been acked. 723 * this is bad, because if the connection is lost now, 724 * we won't be able to clean them up... */ 725 dev_err(DEV, "FIXME (barrier_acked but pending)\n"); 726 list_move(&req->tl_requests, &mdev->out_of_sequence_requests); 727 } 728 if ((req->rq_state & RQ_NET_MASK) != 0) { 729 req->rq_state |= RQ_NET_DONE; 730 if (mdev->net_conf->wire_protocol == DRBD_PROT_A) 731 atomic_sub(req->size>>9, &mdev->ap_in_flight); 732 } 733 _req_may_be_done(req, m); /* Allowed while state.susp */ 734 break; 735 736 case data_received: 737 D_ASSERT(req->rq_state & RQ_NET_PENDING); 738 dec_ap_pending(mdev); 739 req->rq_state &= ~RQ_NET_PENDING; 740 req->rq_state |= (RQ_NET_OK|RQ_NET_DONE); 741 _req_may_be_done_not_susp(req, m); 742 break; 743 }; 744 745 return rv; 746 } 747 748 /* we may do a local read if: 749 * - we are consistent (of course), 750 * - or we are generally inconsistent, 751 * BUT we are still/already IN SYNC for this area. 752 * since size may be bigger than BM_BLOCK_SIZE, 753 * we may need to check several bits. 754 */ 755 static int drbd_may_do_local_read(struct drbd_conf *mdev, sector_t sector, int size) 756 { 757 unsigned long sbnr, ebnr; 758 sector_t esector, nr_sectors; 759 760 if (mdev->state.disk == D_UP_TO_DATE) 761 return 1; 762 if (mdev->state.disk >= D_OUTDATED) 763 return 0; 764 if (mdev->state.disk < D_INCONSISTENT) 765 return 0; 766 /* state.disk == D_INCONSISTENT We will have a look at the BitMap */ 767 nr_sectors = drbd_get_capacity(mdev->this_bdev); 768 esector = sector + (size >> 9) - 1; 769 770 D_ASSERT(sector < nr_sectors); 771 D_ASSERT(esector < nr_sectors); 772 773 sbnr = BM_SECT_TO_BIT(sector); 774 ebnr = BM_SECT_TO_BIT(esector); 775 776 return 0 == drbd_bm_count_bits(mdev, sbnr, ebnr); 777 } 778 779 static void maybe_pull_ahead(struct drbd_conf *mdev) 780 { 781 int congested = 0; 782 783 /* If I don't even have good local storage, we can not reasonably try 784 * to pull ahead of the peer. We also need the local reference to make 785 * sure mdev->act_log is there. 786 * Note: caller has to make sure that net_conf is there. 787 */ 788 if (!get_ldev_if_state(mdev, D_UP_TO_DATE)) 789 return; 790 791 if (mdev->net_conf->cong_fill && 792 atomic_read(&mdev->ap_in_flight) >= mdev->net_conf->cong_fill) { 793 dev_info(DEV, "Congestion-fill threshold reached\n"); 794 congested = 1; 795 } 796 797 if (mdev->act_log->used >= mdev->net_conf->cong_extents) { 798 dev_info(DEV, "Congestion-extents threshold reached\n"); 799 congested = 1; 800 } 801 802 if (congested) { 803 queue_barrier(mdev); /* last barrier, after mirrored writes */ 804 805 if (mdev->net_conf->on_congestion == OC_PULL_AHEAD) 806 _drbd_set_state(_NS(mdev, conn, C_AHEAD), 0, NULL); 807 else /*mdev->net_conf->on_congestion == OC_DISCONNECT */ 808 _drbd_set_state(_NS(mdev, conn, C_DISCONNECTING), 0, NULL); 809 } 810 put_ldev(mdev); 811 } 812 813 static int drbd_make_request_common(struct drbd_conf *mdev, struct bio *bio, unsigned long start_time) 814 { 815 const int rw = bio_rw(bio); 816 const int size = bio->bi_size; 817 const sector_t sector = bio->bi_sector; 818 struct drbd_tl_epoch *b = NULL; 819 struct drbd_request *req; 820 int local, remote, send_oos = 0; 821 int err = -EIO; 822 int ret = 0; 823 union drbd_state s; 824 825 /* allocate outside of all locks; */ 826 req = drbd_req_new(mdev, bio); 827 if (!req) { 828 dec_ap_bio(mdev); 829 /* only pass the error to the upper layers. 830 * if user cannot handle io errors, that's not our business. */ 831 dev_err(DEV, "could not kmalloc() req\n"); 832 bio_endio(bio, -ENOMEM); 833 return 0; 834 } 835 req->start_time = start_time; 836 837 local = get_ldev(mdev); 838 if (!local) { 839 bio_put(req->private_bio); /* or we get a bio leak */ 840 req->private_bio = NULL; 841 } 842 if (rw == WRITE) { 843 /* Need to replicate writes. Unless it is an empty flush, 844 * which is better mapped to a DRBD P_BARRIER packet, 845 * also for drbd wire protocol compatibility reasons. */ 846 if (unlikely(size == 0)) { 847 /* The only size==0 bios we expect are empty flushes. */ 848 D_ASSERT(bio->bi_rw & REQ_FLUSH); 849 remote = 0; 850 } else 851 remote = 1; 852 } else { 853 /* READ || READA */ 854 if (local) { 855 if (!drbd_may_do_local_read(mdev, sector, size)) { 856 /* we could kick the syncer to 857 * sync this extent asap, wait for 858 * it, then continue locally. 859 * Or just issue the request remotely. 860 */ 861 local = 0; 862 bio_put(req->private_bio); 863 req->private_bio = NULL; 864 put_ldev(mdev); 865 } 866 } 867 remote = !local && mdev->state.pdsk >= D_UP_TO_DATE; 868 } 869 870 /* If we have a disk, but a READA request is mapped to remote, 871 * we are R_PRIMARY, D_INCONSISTENT, SyncTarget. 872 * Just fail that READA request right here. 873 * 874 * THINK: maybe fail all READA when not local? 875 * or make this configurable... 876 * if network is slow, READA won't do any good. 877 */ 878 if (rw == READA && mdev->state.disk >= D_INCONSISTENT && !local) { 879 err = -EWOULDBLOCK; 880 goto fail_and_free_req; 881 } 882 883 /* For WRITES going to the local disk, grab a reference on the target 884 * extent. This waits for any resync activity in the corresponding 885 * resync extent to finish, and, if necessary, pulls in the target 886 * extent into the activity log, which involves further disk io because 887 * of transactional on-disk meta data updates. 888 * Empty flushes don't need to go into the activity log, they can only 889 * flush data for pending writes which are already in there. */ 890 if (rw == WRITE && local && size 891 && !test_bit(AL_SUSPENDED, &mdev->flags)) { 892 req->rq_state |= RQ_IN_ACT_LOG; 893 drbd_al_begin_io(mdev, sector); 894 } 895 896 s = mdev->state; 897 remote = remote && drbd_should_do_remote(s); 898 send_oos = rw == WRITE && drbd_should_send_oos(s); 899 D_ASSERT(!(remote && send_oos)); 900 901 if (!(local || remote) && !is_susp(mdev->state)) { 902 if (__ratelimit(&drbd_ratelimit_state)) 903 dev_err(DEV, "IO ERROR: neither local nor remote disk\n"); 904 goto fail_free_complete; 905 } 906 907 /* For WRITE request, we have to make sure that we have an 908 * unused_spare_tle, in case we need to start a new epoch. 909 * I try to be smart and avoid to pre-allocate always "just in case", 910 * but there is a race between testing the bit and pointer outside the 911 * spinlock, and grabbing the spinlock. 912 * if we lost that race, we retry. */ 913 if (rw == WRITE && (remote || send_oos) && 914 mdev->unused_spare_tle == NULL && 915 test_bit(CREATE_BARRIER, &mdev->flags)) { 916 allocate_barrier: 917 b = kmalloc(sizeof(struct drbd_tl_epoch), GFP_NOIO); 918 if (!b) { 919 dev_err(DEV, "Failed to alloc barrier.\n"); 920 err = -ENOMEM; 921 goto fail_free_complete; 922 } 923 } 924 925 /* GOOD, everything prepared, grab the spin_lock */ 926 spin_lock_irq(&mdev->req_lock); 927 928 if (is_susp(mdev->state)) { 929 /* If we got suspended, use the retry mechanism of 930 drbd_make_request() to restart processing of this 931 bio. In the next call to drbd_make_request 932 we sleep in inc_ap_bio() */ 933 ret = 1; 934 spin_unlock_irq(&mdev->req_lock); 935 goto fail_free_complete; 936 } 937 938 if (remote || send_oos) { 939 remote = drbd_should_do_remote(mdev->state); 940 send_oos = rw == WRITE && drbd_should_send_oos(mdev->state); 941 D_ASSERT(!(remote && send_oos)); 942 943 if (!(remote || send_oos)) 944 dev_warn(DEV, "lost connection while grabbing the req_lock!\n"); 945 if (!(local || remote)) { 946 dev_err(DEV, "IO ERROR: neither local nor remote disk\n"); 947 spin_unlock_irq(&mdev->req_lock); 948 goto fail_free_complete; 949 } 950 } 951 952 if (b && mdev->unused_spare_tle == NULL) { 953 mdev->unused_spare_tle = b; 954 b = NULL; 955 } 956 if (rw == WRITE && (remote || send_oos) && 957 mdev->unused_spare_tle == NULL && 958 test_bit(CREATE_BARRIER, &mdev->flags)) { 959 /* someone closed the current epoch 960 * while we were grabbing the spinlock */ 961 spin_unlock_irq(&mdev->req_lock); 962 goto allocate_barrier; 963 } 964 965 966 /* Update disk stats */ 967 _drbd_start_io_acct(mdev, req, bio); 968 969 /* _maybe_start_new_epoch(mdev); 970 * If we need to generate a write barrier packet, we have to add the 971 * new epoch (barrier) object, and queue the barrier packet for sending, 972 * and queue the req's data after it _within the same lock_, otherwise 973 * we have race conditions were the reorder domains could be mixed up. 974 * 975 * Even read requests may start a new epoch and queue the corresponding 976 * barrier packet. To get the write ordering right, we only have to 977 * make sure that, if this is a write request and it triggered a 978 * barrier packet, this request is queued within the same spinlock. */ 979 if ((remote || send_oos) && mdev->unused_spare_tle && 980 test_and_clear_bit(CREATE_BARRIER, &mdev->flags)) { 981 _tl_add_barrier(mdev, mdev->unused_spare_tle); 982 mdev->unused_spare_tle = NULL; 983 } else { 984 D_ASSERT(!(remote && rw == WRITE && 985 test_bit(CREATE_BARRIER, &mdev->flags))); 986 } 987 988 /* NOTE 989 * Actually, 'local' may be wrong here already, since we may have failed 990 * to write to the meta data, and may become wrong anytime because of 991 * local io-error for some other request, which would lead to us 992 * "detaching" the local disk. 993 * 994 * 'remote' may become wrong any time because the network could fail. 995 * 996 * This is a harmless race condition, though, since it is handled 997 * correctly at the appropriate places; so it just defers the failure 998 * of the respective operation. 999 */ 1000 1001 /* mark them early for readability. 1002 * this just sets some state flags. */ 1003 if (remote) 1004 _req_mod(req, to_be_send); 1005 if (local) 1006 _req_mod(req, to_be_submitted); 1007 1008 /* check this request on the collision detection hash tables. 1009 * if we have a conflict, just complete it here. 1010 * THINK do we want to check reads, too? (I don't think so...) */ 1011 if (rw == WRITE && _req_conflicts(req)) 1012 goto fail_conflicting; 1013 1014 /* no point in adding empty flushes to the transfer log, 1015 * they are mapped to drbd barriers already. */ 1016 if (likely(size!=0)) 1017 list_add_tail(&req->tl_requests, &mdev->newest_tle->requests); 1018 1019 /* NOTE remote first: to get the concurrent write detection right, 1020 * we must register the request before start of local IO. */ 1021 if (remote) { 1022 /* either WRITE and C_CONNECTED, 1023 * or READ, and no local disk, 1024 * or READ, but not in sync. 1025 */ 1026 _req_mod(req, (rw == WRITE) 1027 ? queue_for_net_write 1028 : queue_for_net_read); 1029 } 1030 if (send_oos && drbd_set_out_of_sync(mdev, sector, size)) 1031 _req_mod(req, queue_for_send_oos); 1032 1033 if (remote && 1034 mdev->net_conf->on_congestion != OC_BLOCK && mdev->agreed_pro_version >= 96) 1035 maybe_pull_ahead(mdev); 1036 1037 /* If this was a flush, queue a drbd barrier/start a new epoch. 1038 * Unless the current epoch was empty anyways, or we are not currently 1039 * replicating, in which case there is no point. */ 1040 if (unlikely(bio->bi_rw & REQ_FLUSH) 1041 && mdev->newest_tle->n_writes 1042 && drbd_should_do_remote(mdev->state)) 1043 queue_barrier(mdev); 1044 1045 spin_unlock_irq(&mdev->req_lock); 1046 kfree(b); /* if someone else has beaten us to it... */ 1047 1048 if (local) { 1049 req->private_bio->bi_bdev = mdev->ldev->backing_bdev; 1050 1051 /* State may have changed since we grabbed our reference on the 1052 * mdev->ldev member. Double check, and short-circuit to endio. 1053 * In case the last activity log transaction failed to get on 1054 * stable storage, and this is a WRITE, we may not even submit 1055 * this bio. */ 1056 if (get_ldev(mdev)) { 1057 if (drbd_insert_fault(mdev, rw == WRITE ? DRBD_FAULT_DT_WR 1058 : rw == READ ? DRBD_FAULT_DT_RD 1059 : DRBD_FAULT_DT_RA)) 1060 bio_endio(req->private_bio, -EIO); 1061 else 1062 generic_make_request(req->private_bio); 1063 put_ldev(mdev); 1064 } else 1065 bio_endio(req->private_bio, -EIO); 1066 } 1067 1068 return 0; 1069 1070 fail_conflicting: 1071 /* this is a conflicting request. 1072 * even though it may have been only _partially_ 1073 * overlapping with one of the currently pending requests, 1074 * without even submitting or sending it, we will 1075 * pretend that it was successfully served right now. 1076 */ 1077 _drbd_end_io_acct(mdev, req); 1078 spin_unlock_irq(&mdev->req_lock); 1079 if (remote) 1080 dec_ap_pending(mdev); 1081 /* THINK: do we want to fail it (-EIO), or pretend success? 1082 * this pretends success. */ 1083 err = 0; 1084 1085 fail_free_complete: 1086 if (req->rq_state & RQ_IN_ACT_LOG) 1087 drbd_al_complete_io(mdev, sector); 1088 fail_and_free_req: 1089 if (local) { 1090 bio_put(req->private_bio); 1091 req->private_bio = NULL; 1092 put_ldev(mdev); 1093 } 1094 if (!ret) 1095 bio_endio(bio, err); 1096 1097 drbd_req_free(req); 1098 dec_ap_bio(mdev); 1099 kfree(b); 1100 1101 return ret; 1102 } 1103 1104 /* helper function for drbd_make_request 1105 * if we can determine just by the mdev (state) that this request will fail, 1106 * return 1 1107 * otherwise return 0 1108 */ 1109 static int drbd_fail_request_early(struct drbd_conf *mdev, int is_write) 1110 { 1111 if (mdev->state.role != R_PRIMARY && 1112 (!allow_oos || is_write)) { 1113 if (__ratelimit(&drbd_ratelimit_state)) { 1114 dev_err(DEV, "Process %s[%u] tried to %s; " 1115 "since we are not in Primary state, " 1116 "we cannot allow this\n", 1117 current->comm, current->pid, 1118 is_write ? "WRITE" : "READ"); 1119 } 1120 return 1; 1121 } 1122 1123 return 0; 1124 } 1125 1126 void drbd_make_request(struct request_queue *q, struct bio *bio) 1127 { 1128 unsigned int s_enr, e_enr; 1129 struct drbd_conf *mdev = (struct drbd_conf *) q->queuedata; 1130 unsigned long start_time; 1131 1132 if (drbd_fail_request_early(mdev, bio_data_dir(bio) & WRITE)) { 1133 bio_endio(bio, -EPERM); 1134 return; 1135 } 1136 1137 start_time = jiffies; 1138 1139 /* 1140 * what we "blindly" assume: 1141 */ 1142 D_ASSERT((bio->bi_size & 0x1ff) == 0); 1143 1144 /* to make some things easier, force alignment of requests within the 1145 * granularity of our hash tables */ 1146 s_enr = bio->bi_sector >> HT_SHIFT; 1147 e_enr = bio->bi_size ? (bio->bi_sector+(bio->bi_size>>9)-1) >> HT_SHIFT : s_enr; 1148 1149 if (likely(s_enr == e_enr)) { 1150 do { 1151 inc_ap_bio(mdev, 1); 1152 } while (drbd_make_request_common(mdev, bio, start_time)); 1153 return; 1154 } 1155 1156 /* can this bio be split generically? 1157 * Maybe add our own split-arbitrary-bios function. */ 1158 if (bio->bi_vcnt != 1 || bio->bi_idx != 0 || bio->bi_size > DRBD_MAX_BIO_SIZE) { 1159 /* rather error out here than BUG in bio_split */ 1160 dev_err(DEV, "bio would need to, but cannot, be split: " 1161 "(vcnt=%u,idx=%u,size=%u,sector=%llu)\n", 1162 bio->bi_vcnt, bio->bi_idx, bio->bi_size, 1163 (unsigned long long)bio->bi_sector); 1164 bio_endio(bio, -EINVAL); 1165 } else { 1166 /* This bio crosses some boundary, so we have to split it. */ 1167 struct bio_pair *bp; 1168 /* works for the "do not cross hash slot boundaries" case 1169 * e.g. sector 262269, size 4096 1170 * s_enr = 262269 >> 6 = 4097 1171 * e_enr = (262269+8-1) >> 6 = 4098 1172 * HT_SHIFT = 6 1173 * sps = 64, mask = 63 1174 * first_sectors = 64 - (262269 & 63) = 3 1175 */ 1176 const sector_t sect = bio->bi_sector; 1177 const int sps = 1 << HT_SHIFT; /* sectors per slot */ 1178 const int mask = sps - 1; 1179 const sector_t first_sectors = sps - (sect & mask); 1180 bp = bio_split(bio, first_sectors); 1181 1182 /* we need to get a "reference count" (ap_bio_cnt) 1183 * to avoid races with the disconnect/reconnect/suspend code. 1184 * In case we need to split the bio here, we need to get three references 1185 * atomically, otherwise we might deadlock when trying to submit the 1186 * second one! */ 1187 inc_ap_bio(mdev, 3); 1188 1189 D_ASSERT(e_enr == s_enr + 1); 1190 1191 while (drbd_make_request_common(mdev, &bp->bio1, start_time)) 1192 inc_ap_bio(mdev, 1); 1193 1194 while (drbd_make_request_common(mdev, &bp->bio2, start_time)) 1195 inc_ap_bio(mdev, 1); 1196 1197 dec_ap_bio(mdev); 1198 1199 bio_pair_release(bp); 1200 } 1201 } 1202 1203 /* This is called by bio_add_page(). With this function we reduce 1204 * the number of BIOs that span over multiple DRBD_MAX_BIO_SIZEs 1205 * units (was AL_EXTENTs). 1206 * 1207 * we do the calculation within the lower 32bit of the byte offsets, 1208 * since we don't care for actual offset, but only check whether it 1209 * would cross "activity log extent" boundaries. 1210 * 1211 * As long as the BIO is empty we have to allow at least one bvec, 1212 * regardless of size and offset. so the resulting bio may still 1213 * cross extent boundaries. those are dealt with (bio_split) in 1214 * drbd_make_request. 1215 */ 1216 int drbd_merge_bvec(struct request_queue *q, struct bvec_merge_data *bvm, struct bio_vec *bvec) 1217 { 1218 struct drbd_conf *mdev = (struct drbd_conf *) q->queuedata; 1219 unsigned int bio_offset = 1220 (unsigned int)bvm->bi_sector << 9; /* 32 bit */ 1221 unsigned int bio_size = bvm->bi_size; 1222 int limit, backing_limit; 1223 1224 limit = DRBD_MAX_BIO_SIZE 1225 - ((bio_offset & (DRBD_MAX_BIO_SIZE-1)) + bio_size); 1226 if (limit < 0) 1227 limit = 0; 1228 if (bio_size == 0) { 1229 if (limit <= bvec->bv_len) 1230 limit = bvec->bv_len; 1231 } else if (limit && get_ldev(mdev)) { 1232 struct request_queue * const b = 1233 mdev->ldev->backing_bdev->bd_disk->queue; 1234 if (b->merge_bvec_fn) { 1235 backing_limit = b->merge_bvec_fn(b, bvm, bvec); 1236 limit = min(limit, backing_limit); 1237 } 1238 put_ldev(mdev); 1239 } 1240 return limit; 1241 } 1242 1243 void request_timer_fn(unsigned long data) 1244 { 1245 struct drbd_conf *mdev = (struct drbd_conf *) data; 1246 struct drbd_request *req; /* oldest request */ 1247 struct list_head *le; 1248 unsigned long ent = 0, dt = 0, et, nt; /* effective timeout = ko_count * timeout */ 1249 unsigned long now; 1250 1251 if (get_net_conf(mdev)) { 1252 if (mdev->state.conn >= C_WF_REPORT_PARAMS) 1253 ent = mdev->net_conf->timeout*HZ/10 1254 * mdev->net_conf->ko_count; 1255 put_net_conf(mdev); 1256 } 1257 if (get_ldev(mdev)) { /* implicit state.disk >= D_INCONSISTENT */ 1258 dt = mdev->ldev->dc.disk_timeout * HZ / 10; 1259 put_ldev(mdev); 1260 } 1261 et = min_not_zero(dt, ent); 1262 1263 if (!et) 1264 return; /* Recurring timer stopped */ 1265 1266 now = jiffies; 1267 1268 spin_lock_irq(&mdev->req_lock); 1269 le = &mdev->oldest_tle->requests; 1270 if (list_empty(le)) { 1271 spin_unlock_irq(&mdev->req_lock); 1272 mod_timer(&mdev->request_timer, now + et); 1273 return; 1274 } 1275 1276 le = le->prev; 1277 req = list_entry(le, struct drbd_request, tl_requests); 1278 1279 /* The request is considered timed out, if 1280 * - we have some effective timeout from the configuration, 1281 * with above state restrictions applied, 1282 * - the oldest request is waiting for a response from the network 1283 * resp. the local disk, 1284 * - the oldest request is in fact older than the effective timeout, 1285 * - the connection was established (resp. disk was attached) 1286 * for longer than the timeout already. 1287 * Note that for 32bit jiffies and very stable connections/disks, 1288 * we may have a wrap around, which is catched by 1289 * !time_in_range(now, last_..._jif, last_..._jif + timeout). 1290 * 1291 * Side effect: once per 32bit wrap-around interval, which means every 1292 * ~198 days with 250 HZ, we have a window where the timeout would need 1293 * to expire twice (worst case) to become effective. Good enough. 1294 */ 1295 if (ent && req->rq_state & RQ_NET_PENDING && 1296 time_after(now, req->start_time + ent) && 1297 !time_in_range(now, mdev->last_reconnect_jif, mdev->last_reconnect_jif + ent)) { 1298 dev_warn(DEV, "Remote failed to finish a request within ko-count * timeout\n"); 1299 _drbd_set_state(_NS(mdev, conn, C_TIMEOUT), CS_VERBOSE | CS_HARD, NULL); 1300 } 1301 if (dt && req->rq_state & RQ_LOCAL_PENDING && 1302 time_after(now, req->start_time + dt) && 1303 !time_in_range(now, mdev->last_reattach_jif, mdev->last_reattach_jif + dt)) { 1304 dev_warn(DEV, "Local backing device failed to meet the disk-timeout\n"); 1305 __drbd_chk_io_error(mdev, DRBD_FORCE_DETACH); 1306 } 1307 nt = (time_after(now, req->start_time + et) ? now : req->start_time) + et; 1308 spin_unlock_irq(&mdev->req_lock); 1309 mod_timer(&mdev->request_timer, nt); 1310 } 1311