[dm-devel] fstrim discarding too many or wrong blocks on Linux 5.1, leading to data loss
Michael Laß
bevan at bi-co.net
Mon May 20 11:38:53 UTC 2019
> Am 19.05.2019 um 21:55 schrieb Michael Laß <bevan at bi-co.net>:
>
> CC'ing dm-devel, as this seems to be a dm-related issue. Short summary for new readers:
>
> On Linux 5.1 (tested up to 5.1.3), fstrim may discard too many blocks, leading to data loss. I have the following storage stack:
>
> btrfs
> dm-crypt (LUKS)
> LVM logical volume
> LVM single physical volume
> MBR partition
> Samsung 830 SSD
>
> The mapping between logical volumes and physical segments is a bit mixed up. See below for the output for “pvdisplay -m”. When I issue fstrim on the mounted btrfs volume, I get the following kernel messages:
>
> attempt to access beyond end of device
> sda1: rw=16387, want=252755893, limit=250067632
> BTRFS warning (device dm-5): failed to trim 1 device(s), last error -5
>
> At the same time, other logical volumes on the same physical volume are destroyed. Also the btrfs volume itself may be damaged (this seems to depend on the actual usage).
>
> I can easily reproduce this issue locally and I’m currently bisecting. So far I could narrow down the range of commits to:
> Good: 92fff53b7191cae566be9ca6752069426c7f8241
> Bad: 225557446856448039a9e495da37b72c20071ef2
I finished bisecting. Here’s the responsible commit:
commit 61697a6abd24acba941359c6268a94f4afe4a53d
Author: Mike Snitzer <snitzer at redhat.com>
Date: Fri Jan 18 14:19:26 2019 -0500
dm: eliminate 'split_discard_bios' flag from DM target interface
There is no need to have DM core split discards on behalf of a DM target
now that blk_queue_split() handles splitting discards based on the
queue_limits. A DM target just needs to set max_discard_sectors,
discard_granularity, etc, in queue_limits.
Signed-off-by: Mike Snitzer <snitzer at redhat.com>
Maybe the assumptions taken here ("A DM target just needs to set max_discard_sectors, discard_granularity, etc, in queue_limits.”) isn’t valid in my case? Does anyone have an idea?
>
> In this range of commits, there are only dm-related changes.
>
> So far, I have not reproduced the issue with other file systems or a simplified stack. I first want to continue bisecting but this may take another day.
>
>
>> Am 18.05.2019 um 12:26 schrieb Qu Wenruo <quwenruo.btrfs at gmx.com>:
>> On 2019/5/18 下午5:18, Michael Laß wrote:
>>>
>>>> Am 18.05.2019 um 06:09 schrieb Chris Murphy <lists at colorremedies.com>:
>>>>
>>>> On Fri, May 17, 2019 at 11:37 AM Michael Laß <bevan at bi-co.net> wrote:
>>>>>
>>>>>
>>>>> I tried to reproduce this issue: I recreated the btrfs file system, set up a minimal system and issued fstrim again. It printed the following error message:
>>>>>
>>>>> fstrim: /: FITRIM ioctl failed: Input/output error
>>>>
>>>> Huh. Any kernel message at the same time? I would expect any fstrim
>>>> user space error message to also have a kernel message. Any i/o error
>>>> suggests some kind of storage stack failure - which could be hardware
>>>> or software, you can't know without seeing the kernel messages.
>>>
>>> I missed that. The kernel messages are:
>>>
>>> attempt to access beyond end of device
>>> sda1: rw=16387, want=252755893, limit=250067632
>>> BTRFS warning (device dm-5): failed to trim 1 device(s), last error -5
>>>
>>> Here are some more information on the partitions and LVM physical segments:
>>>
>>> fdisk -l /dev/sda:
>>>
>>> Device Boot Start End Sectors Size Id Type
>>> /dev/sda1 * 2048 250069679 250067632 119.2G 8e Linux LVM
>>>
>>> pvdisplay -m:
>>>
>>> --- Physical volume ---
>>> PV Name /dev/sda1
>>> VG Name vg_system
>>> PV Size 119.24 GiB / not usable <22.34 MiB
>>> Allocatable yes (but full)
>>> PE Size 32.00 MiB
>>> Total PE 3815
>>> Free PE 0
>>> Allocated PE 3815
>>> PV UUID mqCLFy-iDnt-NfdC-lfSv-Maor-V1Ih-RlG8lP
>>>
>>> --- Physical Segments ---
>>> Physical extent 0 to 1248:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 2231 to 3479
>>> Physical extent 1249 to 1728:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 640 to 1119
>>> Physical extent 1729 to 1760:
>>> Logical volume /dev/vg_system/grml-images
>>> Logical extents 0 to 31
>>> Physical extent 1761 to 2016:
>>> Logical volume /dev/vg_system/swap
>>> Logical extents 0 to 255
>>> Physical extent 2017 to 2047:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 3480 to 3510
>>> Physical extent 2048 to 2687:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 0 to 639
>>> Physical extent 2688 to 3007:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 1911 to 2230
>>> Physical extent 3008 to 3320:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 1120 to 1432
>>> Physical extent 3321 to 3336:
>>> Logical volume /dev/vg_system/boot
>>> Logical extents 0 to 15
>>> Physical extent 3337 to 3814:
>>> Logical volume /dev/vg_system/btrfs
>>> Logical extents 1433 to 1910
>>>
>>>
>>> Would btrfs even be able to accidentally trim parts of other LVs or does this clearly hint towards a LVM/dm issue?
>>
>> I can't speak sure, but (at least for latest kernel) btrfs has a lot of
>> extra mount time self check, including chunk stripe check against
>> underlying device, thus the possibility shouldn't be that high for btrfs.
>
> Indeed, bisecting the issue led me to a range of commits that only contains dm-related and no btrfs-related changes. So I assume this is a bug in dm.
>
>>> Is there an easy way to somehow trace the trim through the different layers so one can see where it goes wrong?
>>
>> Sure, you could use dm-log-writes.
>> It will record all read/write (including trim) for later replay.
>>
>> So in your case, you can build the storage stack like:
>>
>> Btrfs
>> <dm-log-writes>
>> LUKS/dmcrypt
>> LVM
>> MBR partition
>> Samsung SSD
>>
>> Then replay the log (using src/log-write/replay-log in fstests) with
>> verbose output, you can verify every trim operation against the dmcrypt
>> device size.
>>
>> If all trim are fine, then move the dm-log-writes a layer lower, until
>> you find which layer is causing the problem.
>
> That sounds like a plan! However, I first want to continue bisecting as I am afraid to lose my reproducer by changing parts of my storage stack.
>
> Cheers,
> Michael
>
>>
>> Thanks,
>> Qu
>>>
>>> Cheers,
>>> Michael
>>>
>>> PS: Current state of bisection: It looks like the error was introduced somewhere between b5dd0c658c31b469ccff1b637e5124851e7a4a1c and v5.1.
>
>
> --
> dm-devel mailing list
> dm-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/dm-devel
More information about the dm-devel
mailing list