4 This file is part of DRBD by Philipp Reisner and Lars Ellenberg.
6 Copyright (C) 2001-2008, LINBIT Information Technologies GmbH.
7 Copyright (C) 1999-2008, Philipp Reisner <philipp.reisner@linbit.com>.
8 Copyright (C) 2002-2008, Lars Ellenberg <lars.ellenberg@linbit.com>.
10 Thanks to Carter Burden, Bart Grantham and Gennadiy Nerubayev
11 from Logicworks, Inc. for making SDP replication support possible.
13 drbd is free software; you can redistribute it and/or modify
14 it under the terms of the GNU General Public License as published by
15 the Free Software Foundation; either version 2, or (at your option)
18 drbd is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 GNU General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with drbd; see the file COPYING. If not, write to
25 the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
28 #include <linux/drbd_limits.h>
32 struct after_state_chg_work {
36 enum chg_state_flags flags;
37 struct completion *done;
41 extern void _tl_restart(struct drbd_conf *mdev, enum drbd_req_event what);
42 int drbd_send_state_req(struct drbd_conf *, union drbd_state, union drbd_state);
43 static int w_after_state_ch(struct drbd_work *w, int unused);
44 static void after_state_ch(struct drbd_conf *mdev, union drbd_state os,
45 union drbd_state ns, enum chg_state_flags flags);
46 static void after_conn_state_ch(struct drbd_tconn *tconn, union drbd_state os,
47 union drbd_state ns, enum chg_state_flags flags);
48 static enum drbd_state_rv is_valid_state(struct drbd_conf *, union drbd_state);
49 static enum drbd_state_rv is_valid_soft_transition(union drbd_state, union drbd_state);
50 static enum drbd_state_rv is_valid_transition(union drbd_state os, union drbd_state ns);
51 static union drbd_state sanitize_state(struct drbd_conf *mdev, union drbd_state os,
52 union drbd_state ns, const char **warn_sync_abort);
55 * cl_wide_st_chg() - true if the state change is a cluster wide one
57 * @os: old (current) state.
58 * @ns: new (wanted) state.
60 static int cl_wide_st_chg(struct drbd_conf *mdev,
61 union drbd_state os, union drbd_state ns)
63 return (os.conn >= C_CONNECTED && ns.conn >= C_CONNECTED &&
64 ((os.role != R_PRIMARY && ns.role == R_PRIMARY) ||
65 (os.conn != C_STARTING_SYNC_T && ns.conn == C_STARTING_SYNC_T) ||
66 (os.conn != C_STARTING_SYNC_S && ns.conn == C_STARTING_SYNC_S) ||
67 (os.disk != D_DISKLESS && ns.disk == D_DISKLESS))) ||
68 (os.conn >= C_CONNECTED && ns.conn == C_DISCONNECTING) ||
69 (os.conn == C_CONNECTED && ns.conn == C_VERIFY_S);
73 drbd_change_state(struct drbd_conf *mdev, enum chg_state_flags f,
74 union drbd_state mask, union drbd_state val)
77 union drbd_state os, ns;
78 enum drbd_state_rv rv;
80 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
82 ns.i = (os.i & ~mask.i) | val.i;
83 rv = _drbd_set_state(mdev, ns, f, NULL);
85 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
91 * drbd_force_state() - Impose a change which happens outside our control on our state
93 * @mask: mask of state bits to change.
94 * @val: value of new state bits.
96 void drbd_force_state(struct drbd_conf *mdev,
97 union drbd_state mask, union drbd_state val)
99 drbd_change_state(mdev, CS_HARD, mask, val);
102 static enum drbd_state_rv
103 _req_st_cond(struct drbd_conf *mdev, union drbd_state mask,
104 union drbd_state val)
106 union drbd_state os, ns;
108 enum drbd_state_rv rv;
110 if (test_and_clear_bit(CL_ST_CHG_SUCCESS, &mdev->flags))
111 return SS_CW_SUCCESS;
113 if (test_and_clear_bit(CL_ST_CHG_FAIL, &mdev->flags))
114 return SS_CW_FAILED_BY_PEER;
116 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
118 ns.i = (os.i & ~mask.i) | val.i;
119 ns = sanitize_state(mdev, os, ns, NULL);
120 rv = is_valid_transition(os, ns);
121 if (rv == SS_SUCCESS)
122 rv = SS_UNKNOWN_ERROR; /* cont waiting, otherwise fail. */
124 if (!cl_wide_st_chg(mdev, os, ns))
126 if (rv == SS_UNKNOWN_ERROR) {
127 rv = is_valid_state(mdev, ns);
128 if (rv == SS_SUCCESS) {
129 rv = is_valid_soft_transition(os, ns);
130 if (rv == SS_SUCCESS)
131 rv = SS_UNKNOWN_ERROR; /* cont waiting, otherwise fail. */
134 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
140 * drbd_req_state() - Perform an eventually cluster wide state change
141 * @mdev: DRBD device.
142 * @mask: mask of state bits to change.
143 * @val: value of new state bits.
146 * Should not be called directly, use drbd_request_state() or
147 * _drbd_request_state().
149 static enum drbd_state_rv
150 drbd_req_state(struct drbd_conf *mdev, union drbd_state mask,
151 union drbd_state val, enum chg_state_flags f)
153 struct completion done;
155 union drbd_state os, ns;
156 enum drbd_state_rv rv;
158 init_completion(&done);
160 if (f & CS_SERIALIZE)
161 mutex_lock(&mdev->state_mutex);
163 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
165 ns.i = (os.i & ~mask.i) | val.i;
166 ns = sanitize_state(mdev, os, ns, NULL);
167 rv = is_valid_transition(os, ns);
171 if (cl_wide_st_chg(mdev, os, ns)) {
172 rv = is_valid_state(mdev, ns);
173 if (rv == SS_SUCCESS)
174 rv = is_valid_soft_transition(os, ns);
175 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
177 if (rv < SS_SUCCESS) {
179 print_st_err(mdev, os, ns, rv);
183 drbd_state_lock(mdev);
184 if (!drbd_send_state_req(mdev, mask, val)) {
185 drbd_state_unlock(mdev);
186 rv = SS_CW_FAILED_BY_PEER;
188 print_st_err(mdev, os, ns, rv);
192 wait_event(mdev->state_wait,
193 (rv = _req_st_cond(mdev, mask, val)));
195 if (rv < SS_SUCCESS) {
196 drbd_state_unlock(mdev);
198 print_st_err(mdev, os, ns, rv);
201 spin_lock_irqsave(&mdev->tconn->req_lock, flags);
203 ns.i = (os.i & ~mask.i) | val.i;
204 rv = _drbd_set_state(mdev, ns, f, &done);
205 drbd_state_unlock(mdev);
207 rv = _drbd_set_state(mdev, ns, f, &done);
210 spin_unlock_irqrestore(&mdev->tconn->req_lock, flags);
212 if (f & CS_WAIT_COMPLETE && rv == SS_SUCCESS) {
213 D_ASSERT(current != mdev->tconn->worker.task);
214 wait_for_completion(&done);
218 if (f & CS_SERIALIZE)
219 mutex_unlock(&mdev->state_mutex);
225 * _drbd_request_state() - Request a state change (with flags)
226 * @mdev: DRBD device.
227 * @mask: mask of state bits to change.
228 * @val: value of new state bits.
231 * Cousin of drbd_request_state(), useful with the CS_WAIT_COMPLETE
232 * flag, or when logging of failed state change requests is not desired.
235 _drbd_request_state(struct drbd_conf *mdev, union drbd_state mask,
236 union drbd_state val, enum chg_state_flags f)
238 enum drbd_state_rv rv;
240 wait_event(mdev->state_wait,
241 (rv = drbd_req_state(mdev, mask, val, f)) != SS_IN_TRANSIENT_STATE);
246 static void print_st(struct drbd_conf *mdev, char *name, union drbd_state ns)
248 dev_err(DEV, " %s = { cs:%s ro:%s/%s ds:%s/%s %c%c%c%c%c%c }\n",
250 drbd_conn_str(ns.conn),
251 drbd_role_str(ns.role),
252 drbd_role_str(ns.peer),
253 drbd_disk_str(ns.disk),
254 drbd_disk_str(ns.pdsk),
255 is_susp(ns) ? 's' : 'r',
256 ns.aftr_isp ? 'a' : '-',
257 ns.peer_isp ? 'p' : '-',
258 ns.user_isp ? 'u' : '-',
259 ns.susp_fen ? 'F' : '-',
260 ns.susp_nod ? 'N' : '-'
264 void print_st_err(struct drbd_conf *mdev, union drbd_state os,
265 union drbd_state ns, enum drbd_state_rv err)
267 if (err == SS_IN_TRANSIENT_STATE)
269 dev_err(DEV, "State change failed: %s\n", drbd_set_st_err_str(err));
270 print_st(mdev, " state", os);
271 print_st(mdev, "wanted", ns);
276 * is_valid_state() - Returns an SS_ error code if ns is not valid
277 * @mdev: DRBD device.
278 * @ns: State to consider.
280 static enum drbd_state_rv
281 is_valid_state(struct drbd_conf *mdev, union drbd_state ns)
283 /* See drbd_state_sw_errors in drbd_strings.c */
285 enum drbd_fencing_p fp;
286 enum drbd_state_rv rv = SS_SUCCESS;
289 if (get_ldev(mdev)) {
290 fp = mdev->ldev->dc.fencing;
294 if (get_net_conf(mdev->tconn)) {
295 if (!mdev->tconn->net_conf->two_primaries &&
296 ns.role == R_PRIMARY && ns.peer == R_PRIMARY)
297 rv = SS_TWO_PRIMARIES;
298 put_net_conf(mdev->tconn);
302 /* already found a reason to abort */;
303 else if (ns.role == R_SECONDARY && mdev->open_cnt)
304 rv = SS_DEVICE_IN_USE;
306 else if (ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.disk < D_UP_TO_DATE)
307 rv = SS_NO_UP_TO_DATE_DISK;
309 else if (fp >= FP_RESOURCE &&
310 ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.pdsk >= D_UNKNOWN)
313 else if (ns.role == R_PRIMARY && ns.disk <= D_INCONSISTENT && ns.pdsk <= D_INCONSISTENT)
314 rv = SS_NO_UP_TO_DATE_DISK;
316 else if (ns.conn > C_CONNECTED && ns.disk < D_INCONSISTENT)
317 rv = SS_NO_LOCAL_DISK;
319 else if (ns.conn > C_CONNECTED && ns.pdsk < D_INCONSISTENT)
320 rv = SS_NO_REMOTE_DISK;
322 else if (ns.conn > C_CONNECTED && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE)
323 rv = SS_NO_UP_TO_DATE_DISK;
325 else if ((ns.conn == C_CONNECTED ||
326 ns.conn == C_WF_BITMAP_S ||
327 ns.conn == C_SYNC_SOURCE ||
328 ns.conn == C_PAUSED_SYNC_S) &&
329 ns.disk == D_OUTDATED)
330 rv = SS_CONNECTED_OUTDATES;
332 else if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
333 (mdev->sync_conf.verify_alg[0] == 0))
334 rv = SS_NO_VERIFY_ALG;
336 else if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
337 mdev->tconn->agreed_pro_version < 88)
338 rv = SS_NOT_SUPPORTED;
340 else if (ns.conn >= C_CONNECTED && ns.pdsk == D_UNKNOWN)
341 rv = SS_CONNECTED_OUTDATES;
347 * is_valid_soft_transition() - Returns an SS_ error code if the state transition is not possible
348 * This function limits state transitions that may be declined by DRBD. I.e.
349 * user requests (aka soft transitions).
350 * @mdev: DRBD device.
354 static enum drbd_state_rv
355 is_valid_soft_transition(union drbd_state os, union drbd_state ns)
357 enum drbd_state_rv rv = SS_SUCCESS;
359 if ((ns.conn == C_STARTING_SYNC_T || ns.conn == C_STARTING_SYNC_S) &&
360 os.conn > C_CONNECTED)
361 rv = SS_RESYNC_RUNNING;
363 if (ns.conn == C_DISCONNECTING && os.conn == C_STANDALONE)
364 rv = SS_ALREADY_STANDALONE;
366 if (ns.disk > D_ATTACHING && os.disk == D_DISKLESS)
369 if (ns.conn == C_WF_CONNECTION && os.conn < C_UNCONNECTED)
370 rv = SS_NO_NET_CONFIG;
372 if (ns.disk == D_OUTDATED && os.disk < D_OUTDATED && os.disk != D_ATTACHING)
373 rv = SS_LOWER_THAN_OUTDATED;
375 if (ns.conn == C_DISCONNECTING && os.conn == C_UNCONNECTED)
376 rv = SS_IN_TRANSIENT_STATE;
378 if (ns.conn == os.conn && ns.conn == C_WF_REPORT_PARAMS)
379 rv = SS_IN_TRANSIENT_STATE;
381 if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) && os.conn < C_CONNECTED)
382 rv = SS_NEED_CONNECTION;
384 if ((ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T) &&
385 ns.conn != os.conn && os.conn > C_CONNECTED)
386 rv = SS_RESYNC_RUNNING;
388 if ((ns.conn == C_STARTING_SYNC_S || ns.conn == C_STARTING_SYNC_T) &&
389 os.conn < C_CONNECTED)
390 rv = SS_NEED_CONNECTION;
392 if ((ns.conn == C_SYNC_TARGET || ns.conn == C_SYNC_SOURCE)
393 && os.conn < C_WF_REPORT_PARAMS)
394 rv = SS_NEED_CONNECTION; /* No NetworkFailure -> SyncTarget etc... */
400 * is_valid_transition() - Returns an SS_ error code if the state transition is not possible
401 * This limits hard state transitions. Hard state transitions are facts there are
402 * imposed on DRBD by the environment. E.g. disk broke or network broke down.
403 * But those hard state transitions are still not allowed to do everything.
407 static enum drbd_state_rv
408 is_valid_transition(union drbd_state os, union drbd_state ns)
410 enum drbd_state_rv rv = SS_SUCCESS;
412 /* Disallow Network errors to configure a device's network part */
413 if ((ns.conn >= C_TIMEOUT && ns.conn <= C_TEAR_DOWN) &&
414 os.conn <= C_DISCONNECTING)
415 rv = SS_NEED_CONNECTION;
417 /* After a network error only C_UNCONNECTED or C_DISCONNECTING may follow. */
418 if (os.conn >= C_TIMEOUT && os.conn <= C_TEAR_DOWN &&
419 ns.conn != C_UNCONNECTED && ns.conn != C_DISCONNECTING)
420 rv = SS_IN_TRANSIENT_STATE;
422 /* After C_DISCONNECTING only C_STANDALONE may follow */
423 if (os.conn == C_DISCONNECTING && ns.conn != C_STANDALONE)
424 rv = SS_IN_TRANSIENT_STATE;
426 /* we cannot fail (again) if we already detached */
427 if (ns.disk == D_FAILED && os.disk == D_DISKLESS)
434 * sanitize_state() - Resolves implicitly necessary additional changes to a state transition
435 * @mdev: DRBD device.
440 * When we loose connection, we have to set the state of the peers disk (pdsk)
441 * to D_UNKNOWN. This rule and many more along those lines are in this function.
443 static union drbd_state sanitize_state(struct drbd_conf *mdev, union drbd_state os,
444 union drbd_state ns, const char **warn_sync_abort)
446 enum drbd_fencing_p fp;
447 enum drbd_disk_state disk_min, disk_max, pdsk_min, pdsk_max;
450 if (get_ldev(mdev)) {
451 fp = mdev->ldev->dc.fencing;
455 /* if we are only D_ATTACHING yet,
456 * we can (and should) go directly to D_DISKLESS. */
457 if (ns.disk == D_FAILED && os.disk == D_ATTACHING)
458 ns.disk = D_DISKLESS;
460 /* Implications from connection to peer and peer_isp */
461 if (ns.conn < C_CONNECTED) {
464 if (ns.pdsk > D_UNKNOWN || ns.pdsk < D_INCONSISTENT)
468 /* Clear the aftr_isp when becoming unconfigured */
469 if (ns.conn == C_STANDALONE && ns.disk == D_DISKLESS && ns.role == R_SECONDARY)
472 /* Abort resync if a disk fails/detaches */
473 if (os.conn > C_CONNECTED && ns.conn > C_CONNECTED &&
474 (ns.disk <= D_FAILED || ns.pdsk <= D_FAILED)) {
477 os.conn == C_VERIFY_S || os.conn == C_VERIFY_T ?
478 "Online-verify" : "Resync";
479 ns.conn = C_CONNECTED;
482 /* Connection breaks down before we finished "Negotiating" */
483 if (ns.conn < C_CONNECTED && ns.disk == D_NEGOTIATING &&
484 get_ldev_if_state(mdev, D_NEGOTIATING)) {
485 if (mdev->ed_uuid == mdev->ldev->md.uuid[UI_CURRENT]) {
486 ns.disk = mdev->new_state_tmp.disk;
487 ns.pdsk = mdev->new_state_tmp.pdsk;
489 dev_alert(DEV, "Connection lost while negotiating, no data!\n");
490 ns.disk = D_DISKLESS;
496 /* D_CONSISTENT and D_OUTDATED vanish when we get connected */
497 if (ns.conn >= C_CONNECTED && ns.conn < C_AHEAD) {
498 if (ns.disk == D_CONSISTENT || ns.disk == D_OUTDATED)
499 ns.disk = D_UP_TO_DATE;
500 if (ns.pdsk == D_CONSISTENT || ns.pdsk == D_OUTDATED)
501 ns.pdsk = D_UP_TO_DATE;
504 /* Implications of the connection stat on the disk states */
505 disk_min = D_DISKLESS;
506 disk_max = D_UP_TO_DATE;
507 pdsk_min = D_INCONSISTENT;
508 pdsk_max = D_UNKNOWN;
509 switch ((enum drbd_conns)ns.conn) {
511 case C_PAUSED_SYNC_T:
512 case C_STARTING_SYNC_T:
515 disk_min = D_INCONSISTENT;
516 disk_max = D_OUTDATED;
517 pdsk_min = D_UP_TO_DATE;
518 pdsk_max = D_UP_TO_DATE;
522 disk_min = D_UP_TO_DATE;
523 disk_max = D_UP_TO_DATE;
524 pdsk_min = D_UP_TO_DATE;
525 pdsk_max = D_UP_TO_DATE;
528 disk_min = D_DISKLESS;
529 disk_max = D_UP_TO_DATE;
530 pdsk_min = D_DISKLESS;
531 pdsk_max = D_UP_TO_DATE;
534 case C_PAUSED_SYNC_S:
535 case C_STARTING_SYNC_S:
537 disk_min = D_UP_TO_DATE;
538 disk_max = D_UP_TO_DATE;
539 pdsk_min = D_INCONSISTENT;
540 pdsk_max = D_CONSISTENT; /* D_OUTDATED would be nice. But explicit outdate necessary*/
543 disk_min = D_INCONSISTENT;
544 disk_max = D_INCONSISTENT;
545 pdsk_min = D_UP_TO_DATE;
546 pdsk_max = D_UP_TO_DATE;
549 disk_min = D_UP_TO_DATE;
550 disk_max = D_UP_TO_DATE;
551 pdsk_min = D_INCONSISTENT;
552 pdsk_max = D_INCONSISTENT;
555 case C_DISCONNECTING:
559 case C_NETWORK_FAILURE:
560 case C_PROTOCOL_ERROR:
562 case C_WF_CONNECTION:
563 case C_WF_REPORT_PARAMS:
567 if (ns.disk > disk_max)
570 if (ns.disk < disk_min) {
571 dev_warn(DEV, "Implicitly set disk from %s to %s\n",
572 drbd_disk_str(ns.disk), drbd_disk_str(disk_min));
575 if (ns.pdsk > pdsk_max)
578 if (ns.pdsk < pdsk_min) {
579 dev_warn(DEV, "Implicitly set pdsk from %s to %s\n",
580 drbd_disk_str(ns.pdsk), drbd_disk_str(pdsk_min));
584 if (fp == FP_STONITH &&
585 (ns.role == R_PRIMARY && ns.conn < C_CONNECTED && ns.pdsk > D_OUTDATED) &&
586 !(os.role == R_PRIMARY && os.conn < C_CONNECTED && os.pdsk > D_OUTDATED))
587 ns.susp_fen = 1; /* Suspend IO while fence-peer handler runs (peer lost) */
589 if (mdev->sync_conf.on_no_data == OND_SUSPEND_IO &&
590 (ns.role == R_PRIMARY && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE) &&
591 !(os.role == R_PRIMARY && os.disk < D_UP_TO_DATE && os.pdsk < D_UP_TO_DATE))
592 ns.susp_nod = 1; /* Suspend IO while no data available (no accessible data available) */
594 if (ns.aftr_isp || ns.peer_isp || ns.user_isp) {
595 if (ns.conn == C_SYNC_SOURCE)
596 ns.conn = C_PAUSED_SYNC_S;
597 if (ns.conn == C_SYNC_TARGET)
598 ns.conn = C_PAUSED_SYNC_T;
600 if (ns.conn == C_PAUSED_SYNC_S)
601 ns.conn = C_SYNC_SOURCE;
602 if (ns.conn == C_PAUSED_SYNC_T)
603 ns.conn = C_SYNC_TARGET;
609 void drbd_resume_al(struct drbd_conf *mdev)
611 if (test_and_clear_bit(AL_SUSPENDED, &mdev->flags))
612 dev_info(DEV, "Resumed AL updates\n");
615 /* helper for __drbd_set_state */
616 static void set_ov_position(struct drbd_conf *mdev, enum drbd_conns cs)
618 if (mdev->tconn->agreed_pro_version < 90)
619 mdev->ov_start_sector = 0;
620 mdev->rs_total = drbd_bm_bits(mdev);
621 mdev->ov_position = 0;
622 if (cs == C_VERIFY_T) {
623 /* starting online verify from an arbitrary position
624 * does not fit well into the existing protocol.
625 * on C_VERIFY_T, we initialize ov_left and friends
626 * implicitly in receive_DataRequest once the
627 * first P_OV_REQUEST is received */
628 mdev->ov_start_sector = ~(sector_t)0;
630 unsigned long bit = BM_SECT_TO_BIT(mdev->ov_start_sector);
631 if (bit >= mdev->rs_total) {
632 mdev->ov_start_sector =
633 BM_BIT_TO_SECT(mdev->rs_total - 1);
636 mdev->rs_total -= bit;
637 mdev->ov_position = mdev->ov_start_sector;
639 mdev->ov_left = mdev->rs_total;
643 * __drbd_set_state() - Set a new DRBD state
644 * @mdev: DRBD device.
647 * @done: Optional completion, that will get completed after the after_state_ch() finished
649 * Caller needs to hold req_lock, and global_state_lock. Do not call directly.
652 __drbd_set_state(struct drbd_conf *mdev, union drbd_state ns,
653 enum chg_state_flags flags, struct completion *done)
656 enum drbd_state_rv rv = SS_SUCCESS;
657 const char *warn_sync_abort = NULL;
658 struct after_state_chg_work *ascw;
662 ns = sanitize_state(mdev, os, ns, &warn_sync_abort);
665 return SS_NOTHING_TO_DO;
667 rv = is_valid_transition(os, ns);
671 if (!(flags & CS_HARD)) {
672 /* pre-state-change checks ; only look at ns */
673 /* See drbd_state_sw_errors in drbd_strings.c */
675 rv = is_valid_state(mdev, ns);
676 if (rv < SS_SUCCESS) {
677 /* If the old state was illegal as well, then let
680 if (is_valid_state(mdev, os) == rv)
681 rv = is_valid_soft_transition(os, ns);
683 rv = is_valid_soft_transition(os, ns);
686 if (rv < SS_SUCCESS) {
687 if (flags & CS_VERBOSE)
688 print_st_err(mdev, os, ns, rv);
693 dev_warn(DEV, "%s aborted.\n", warn_sync_abort);
699 if (ns.role != os.role)
700 pbp += sprintf(pbp, "role( %s -> %s ) ",
701 drbd_role_str(os.role),
702 drbd_role_str(ns.role));
703 if (ns.peer != os.peer)
704 pbp += sprintf(pbp, "peer( %s -> %s ) ",
705 drbd_role_str(os.peer),
706 drbd_role_str(ns.peer));
707 if (ns.conn != os.conn)
708 pbp += sprintf(pbp, "conn( %s -> %s ) ",
709 drbd_conn_str(os.conn),
710 drbd_conn_str(ns.conn));
711 if (ns.disk != os.disk)
712 pbp += sprintf(pbp, "disk( %s -> %s ) ",
713 drbd_disk_str(os.disk),
714 drbd_disk_str(ns.disk));
715 if (ns.pdsk != os.pdsk)
716 pbp += sprintf(pbp, "pdsk( %s -> %s ) ",
717 drbd_disk_str(os.pdsk),
718 drbd_disk_str(ns.pdsk));
719 if (is_susp(ns) != is_susp(os))
720 pbp += sprintf(pbp, "susp( %d -> %d ) ",
723 if (ns.aftr_isp != os.aftr_isp)
724 pbp += sprintf(pbp, "aftr_isp( %d -> %d ) ",
727 if (ns.peer_isp != os.peer_isp)
728 pbp += sprintf(pbp, "peer_isp( %d -> %d ) ",
731 if (ns.user_isp != os.user_isp)
732 pbp += sprintf(pbp, "user_isp( %d -> %d ) ",
735 dev_info(DEV, "%s\n", pb);
738 /* solve the race between becoming unconfigured,
739 * worker doing the cleanup, and
740 * admin reconfiguring us:
741 * on (re)configure, first set CONFIG_PENDING,
742 * then wait for a potentially exiting worker,
743 * start the worker, and schedule one no_op.
744 * then proceed with configuration.
746 if (ns.disk == D_DISKLESS &&
747 ns.conn == C_STANDALONE &&
748 ns.role == R_SECONDARY &&
749 !test_and_set_bit(CONFIG_PENDING, &mdev->flags))
750 set_bit(DEVICE_DYING, &mdev->flags);
752 /* if we are going -> D_FAILED or D_DISKLESS, grab one extra reference
753 * on the ldev here, to be sure the transition -> D_DISKLESS resp.
754 * drbd_ldev_destroy() won't happen before our corresponding
755 * after_state_ch works run, where we put_ldev again. */
756 if ((os.disk != D_FAILED && ns.disk == D_FAILED) ||
757 (os.disk != D_DISKLESS && ns.disk == D_DISKLESS))
758 atomic_inc(&mdev->local_cnt);
762 if (os.disk == D_ATTACHING && ns.disk >= D_NEGOTIATING)
763 drbd_print_uuids(mdev, "attached to UUIDs");
765 wake_up(&mdev->misc_wait);
766 wake_up(&mdev->state_wait);
767 wake_up(&mdev->tconn->ping_wait);
769 /* aborted verify run. log the last position */
770 if ((os.conn == C_VERIFY_S || os.conn == C_VERIFY_T) &&
771 ns.conn < C_CONNECTED) {
772 mdev->ov_start_sector =
773 BM_BIT_TO_SECT(drbd_bm_bits(mdev) - mdev->ov_left);
774 dev_info(DEV, "Online Verify reached sector %llu\n",
775 (unsigned long long)mdev->ov_start_sector);
778 if ((os.conn == C_PAUSED_SYNC_T || os.conn == C_PAUSED_SYNC_S) &&
779 (ns.conn == C_SYNC_TARGET || ns.conn == C_SYNC_SOURCE)) {
780 dev_info(DEV, "Syncer continues.\n");
781 mdev->rs_paused += (long)jiffies
782 -(long)mdev->rs_mark_time[mdev->rs_last_mark];
783 if (ns.conn == C_SYNC_TARGET)
784 mod_timer(&mdev->resync_timer, jiffies);
787 if ((os.conn == C_SYNC_TARGET || os.conn == C_SYNC_SOURCE) &&
788 (ns.conn == C_PAUSED_SYNC_T || ns.conn == C_PAUSED_SYNC_S)) {
789 dev_info(DEV, "Resync suspended\n");
790 mdev->rs_mark_time[mdev->rs_last_mark] = jiffies;
793 if (os.conn == C_CONNECTED &&
794 (ns.conn == C_VERIFY_S || ns.conn == C_VERIFY_T)) {
795 unsigned long now = jiffies;
798 set_ov_position(mdev, ns.conn);
799 mdev->rs_start = now;
800 mdev->rs_last_events = 0;
801 mdev->rs_last_sect_ev = 0;
802 mdev->ov_last_oos_size = 0;
803 mdev->ov_last_oos_start = 0;
805 for (i = 0; i < DRBD_SYNC_MARKS; i++) {
806 mdev->rs_mark_left[i] = mdev->ov_left;
807 mdev->rs_mark_time[i] = now;
810 drbd_rs_controller_reset(mdev);
812 if (ns.conn == C_VERIFY_S) {
813 dev_info(DEV, "Starting Online Verify from sector %llu\n",
814 (unsigned long long)mdev->ov_position);
815 mod_timer(&mdev->resync_timer, jiffies);
819 if (get_ldev(mdev)) {
820 u32 mdf = mdev->ldev->md.flags & ~(MDF_CONSISTENT|MDF_PRIMARY_IND|
821 MDF_CONNECTED_IND|MDF_WAS_UP_TO_DATE|
822 MDF_PEER_OUT_DATED|MDF_CRASHED_PRIMARY);
824 if (test_bit(CRASHED_PRIMARY, &mdev->flags))
825 mdf |= MDF_CRASHED_PRIMARY;
826 if (mdev->state.role == R_PRIMARY ||
827 (mdev->state.pdsk < D_INCONSISTENT && mdev->state.peer == R_PRIMARY))
828 mdf |= MDF_PRIMARY_IND;
829 if (mdev->state.conn > C_WF_REPORT_PARAMS)
830 mdf |= MDF_CONNECTED_IND;
831 if (mdev->state.disk > D_INCONSISTENT)
832 mdf |= MDF_CONSISTENT;
833 if (mdev->state.disk > D_OUTDATED)
834 mdf |= MDF_WAS_UP_TO_DATE;
835 if (mdev->state.pdsk <= D_OUTDATED && mdev->state.pdsk >= D_INCONSISTENT)
836 mdf |= MDF_PEER_OUT_DATED;
837 if (mdf != mdev->ldev->md.flags) {
838 mdev->ldev->md.flags = mdf;
839 drbd_md_mark_dirty(mdev);
841 if (os.disk < D_CONSISTENT && ns.disk >= D_CONSISTENT)
842 drbd_set_ed_uuid(mdev, mdev->ldev->md.uuid[UI_CURRENT]);
846 /* Peer was forced D_UP_TO_DATE & R_PRIMARY, consider to resync */
847 if (os.disk == D_INCONSISTENT && os.pdsk == D_INCONSISTENT &&
848 os.peer == R_SECONDARY && ns.peer == R_PRIMARY)
849 set_bit(CONSIDER_RESYNC, &mdev->flags);
851 /* Receiver should clean up itself */
852 if (os.conn != C_DISCONNECTING && ns.conn == C_DISCONNECTING)
853 drbd_thread_stop_nowait(&mdev->tconn->receiver);
855 /* Now the receiver finished cleaning up itself, it should die */
856 if (os.conn != C_STANDALONE && ns.conn == C_STANDALONE)
857 drbd_thread_stop_nowait(&mdev->tconn->receiver);
859 /* Upon network failure, we need to restart the receiver. */
860 if (os.conn > C_TEAR_DOWN &&
861 ns.conn <= C_TEAR_DOWN && ns.conn >= C_TIMEOUT)
862 drbd_thread_restart_nowait(&mdev->tconn->receiver);
864 /* Resume AL writing if we get a connection */
865 if (os.conn < C_CONNECTED && ns.conn >= C_CONNECTED)
866 drbd_resume_al(mdev);
868 ascw = kmalloc(sizeof(*ascw), GFP_ATOMIC);
873 ascw->w.cb = w_after_state_ch;
876 drbd_queue_work(&mdev->tconn->data.work, &ascw->w);
878 dev_warn(DEV, "Could not kmalloc an ascw\n");
884 static int w_after_state_ch(struct drbd_work *w, int unused)
886 struct after_state_chg_work *ascw =
887 container_of(w, struct after_state_chg_work, w);
888 struct drbd_conf *mdev = w->mdev;
890 after_state_ch(mdev, ascw->os, ascw->ns, ascw->flags);
891 if (ascw->flags & CS_WAIT_COMPLETE) {
892 D_ASSERT(ascw->done != NULL);
893 complete(ascw->done);
900 static void abw_start_sync(struct drbd_conf *mdev, int rv)
903 dev_err(DEV, "Writing the bitmap failed not starting resync.\n");
904 _drbd_request_state(mdev, NS(conn, C_CONNECTED), CS_VERBOSE);
908 switch (mdev->state.conn) {
909 case C_STARTING_SYNC_T:
910 _drbd_request_state(mdev, NS(conn, C_WF_SYNC_UUID), CS_VERBOSE);
912 case C_STARTING_SYNC_S:
913 drbd_start_resync(mdev, C_SYNC_SOURCE);
918 int drbd_bitmap_io_from_worker(struct drbd_conf *mdev,
919 int (*io_fn)(struct drbd_conf *),
920 char *why, enum bm_flag flags)
924 D_ASSERT(current == mdev->tconn->worker.task);
926 /* open coded non-blocking drbd_suspend_io(mdev); */
927 set_bit(SUSPEND_IO, &mdev->flags);
929 drbd_bm_lock(mdev, why, flags);
931 drbd_bm_unlock(mdev);
933 drbd_resume_io(mdev);
939 * after_state_ch() - Perform after state change actions that may sleep
940 * @mdev: DRBD device.
945 static void after_state_ch(struct drbd_conf *mdev, union drbd_state os,
946 union drbd_state ns, enum chg_state_flags flags)
948 enum drbd_fencing_p fp;
949 enum drbd_req_event what = NOTHING;
950 union drbd_state nsm = (union drbd_state){ .i = -1 };
952 if (os.conn != C_CONNECTED && ns.conn == C_CONNECTED) {
953 clear_bit(CRASHED_PRIMARY, &mdev->flags);
955 mdev->p_uuid[UI_FLAGS] &= ~((u64)2);
959 if (get_ldev(mdev)) {
960 fp = mdev->ldev->dc.fencing;
964 /* Inform userspace about the change... */
965 drbd_bcast_state(mdev, ns);
967 if (!(os.role == R_PRIMARY && os.disk < D_UP_TO_DATE && os.pdsk < D_UP_TO_DATE) &&
968 (ns.role == R_PRIMARY && ns.disk < D_UP_TO_DATE && ns.pdsk < D_UP_TO_DATE))
969 drbd_khelper(mdev, "pri-on-incon-degr");
971 /* Here we have the actions that are performed after a
972 state change. This function might sleep */
976 if (os.conn < C_CONNECTED && ns.conn >= C_CONNECTED)
979 if (os.disk == D_ATTACHING && ns.disk > D_ATTACHING)
980 what = RESTART_FROZEN_DISK_IO;
987 /* case1: The outdate peer handler is successful: */
988 if (os.pdsk > D_OUTDATED && ns.pdsk <= D_OUTDATED) {
990 if (test_bit(NEW_CUR_UUID, &mdev->flags)) {
991 drbd_uuid_new_current(mdev);
992 clear_bit(NEW_CUR_UUID, &mdev->flags);
994 spin_lock_irq(&mdev->tconn->req_lock);
995 _drbd_set_state(_NS(mdev, susp_fen, 0), CS_VERBOSE, NULL);
996 spin_unlock_irq(&mdev->tconn->req_lock);
998 /* case2: The connection was established again: */
999 if (os.conn < C_CONNECTED && ns.conn >= C_CONNECTED) {
1000 clear_bit(NEW_CUR_UUID, &mdev->flags);
1006 if (what != NOTHING) {
1007 spin_lock_irq(&mdev->tconn->req_lock);
1008 _tl_restart(mdev, what);
1009 nsm.i &= mdev->state.i;
1010 _drbd_set_state(mdev, nsm, CS_VERBOSE, NULL);
1011 spin_unlock_irq(&mdev->tconn->req_lock);
1014 /* Became sync source. With protocol >= 96, we still need to send out
1015 * the sync uuid now. Need to do that before any drbd_send_state, or
1016 * the other side may go "paused sync" before receiving the sync uuids,
1017 * which is unexpected. */
1018 if ((os.conn != C_SYNC_SOURCE && os.conn != C_PAUSED_SYNC_S) &&
1019 (ns.conn == C_SYNC_SOURCE || ns.conn == C_PAUSED_SYNC_S) &&
1020 mdev->tconn->agreed_pro_version >= 96 && get_ldev(mdev)) {
1021 drbd_gen_and_send_sync_uuid(mdev);
1025 /* Do not change the order of the if above and the two below... */
1026 if (os.pdsk == D_DISKLESS && ns.pdsk > D_DISKLESS) { /* attach on the peer */
1027 drbd_send_uuids(mdev);
1028 drbd_send_state(mdev);
1030 /* No point in queuing send_bitmap if we don't have a connection
1031 * anymore, so check also the _current_ state, not only the new state
1032 * at the time this work was queued. */
1033 if (os.conn != C_WF_BITMAP_S && ns.conn == C_WF_BITMAP_S &&
1034 mdev->state.conn == C_WF_BITMAP_S)
1035 drbd_queue_bitmap_io(mdev, &drbd_send_bitmap, NULL,
1036 "send_bitmap (WFBitMapS)",
1037 BM_LOCKED_TEST_ALLOWED);
1039 /* Lost contact to peer's copy of the data */
1040 if ((os.pdsk >= D_INCONSISTENT &&
1041 os.pdsk != D_UNKNOWN &&
1042 os.pdsk != D_OUTDATED)
1043 && (ns.pdsk < D_INCONSISTENT ||
1044 ns.pdsk == D_UNKNOWN ||
1045 ns.pdsk == D_OUTDATED)) {
1046 if (get_ldev(mdev)) {
1047 if ((ns.role == R_PRIMARY || ns.peer == R_PRIMARY) &&
1048 mdev->ldev->md.uuid[UI_BITMAP] == 0 && ns.disk >= D_UP_TO_DATE) {
1049 if (is_susp(mdev->state)) {
1050 set_bit(NEW_CUR_UUID, &mdev->flags);
1052 drbd_uuid_new_current(mdev);
1053 drbd_send_uuids(mdev);
1060 if (ns.pdsk < D_INCONSISTENT && get_ldev(mdev)) {
1061 if (ns.peer == R_PRIMARY && mdev->ldev->md.uuid[UI_BITMAP] == 0) {
1062 drbd_uuid_new_current(mdev);
1063 drbd_send_uuids(mdev);
1066 /* D_DISKLESS Peer becomes secondary */
1067 if (os.peer == R_PRIMARY && ns.peer == R_SECONDARY)
1068 /* We may still be Primary ourselves.
1069 * No harm done if the bitmap still changes,
1070 * redirtied pages will follow later. */
1071 drbd_bitmap_io_from_worker(mdev, &drbd_bm_write,
1072 "demote diskless peer", BM_LOCKED_SET_ALLOWED);
1076 /* Write out all changed bits on demote.
1077 * Though, no need to da that just yet
1078 * if there is a resync going on still */
1079 if (os.role == R_PRIMARY && ns.role == R_SECONDARY &&
1080 mdev->state.conn <= C_CONNECTED && get_ldev(mdev)) {
1081 /* No changes to the bitmap expected this time, so assert that,
1082 * even though no harm was done if it did change. */
1083 drbd_bitmap_io_from_worker(mdev, &drbd_bm_write,
1084 "demote", BM_LOCKED_TEST_ALLOWED);
1088 /* Last part of the attaching process ... */
1089 if (ns.conn >= C_CONNECTED &&
1090 os.disk == D_ATTACHING && ns.disk == D_NEGOTIATING) {
1091 drbd_send_sizes(mdev, 0, 0); /* to start sync... */
1092 drbd_send_uuids(mdev);
1093 drbd_send_state(mdev);
1096 /* We want to pause/continue resync, tell peer. */
1097 if (ns.conn >= C_CONNECTED &&
1098 ((os.aftr_isp != ns.aftr_isp) ||
1099 (os.user_isp != ns.user_isp)))
1100 drbd_send_state(mdev);
1102 /* In case one of the isp bits got set, suspend other devices. */
1103 if ((!os.aftr_isp && !os.peer_isp && !os.user_isp) &&
1104 (ns.aftr_isp || ns.peer_isp || ns.user_isp))
1105 suspend_other_sg(mdev);
1107 /* Make sure the peer gets informed about eventual state
1108 changes (ISP bits) while we were in WFReportParams. */
1109 if (os.conn == C_WF_REPORT_PARAMS && ns.conn >= C_CONNECTED)
1110 drbd_send_state(mdev);
1112 if (os.conn != C_AHEAD && ns.conn == C_AHEAD)
1113 drbd_send_state(mdev);
1115 /* We are in the progress to start a full sync... */
1116 if ((os.conn != C_STARTING_SYNC_T && ns.conn == C_STARTING_SYNC_T) ||
1117 (os.conn != C_STARTING_SYNC_S && ns.conn == C_STARTING_SYNC_S))
1118 /* no other bitmap changes expected during this phase */
1119 drbd_queue_bitmap_io(mdev,
1120 &drbd_bmio_set_n_write, &abw_start_sync,
1121 "set_n_write from StartingSync", BM_LOCKED_TEST_ALLOWED);
1123 /* We are invalidating our self... */
1124 if (os.conn < C_CONNECTED && ns.conn < C_CONNECTED &&
1125 os.disk > D_INCONSISTENT && ns.disk == D_INCONSISTENT)
1126 /* other bitmap operation expected during this phase */
1127 drbd_queue_bitmap_io(mdev, &drbd_bmio_set_n_write, NULL,
1128 "set_n_write from invalidate", BM_LOCKED_MASK);
1130 /* first half of local IO error, failure to attach,
1131 * or administrative detach */
1132 if (os.disk != D_FAILED && ns.disk == D_FAILED) {
1133 enum drbd_io_error_p eh;
1135 /* corresponding get_ldev was in __drbd_set_state, to serialize
1136 * our cleanup here with the transition to D_DISKLESS,
1137 * so it is safe to dreference ldev here. */
1138 eh = mdev->ldev->dc.on_io_error;
1139 was_io_error = test_and_clear_bit(WAS_IO_ERROR, &mdev->flags);
1141 /* current state still has to be D_FAILED,
1142 * there is only one way out: to D_DISKLESS,
1143 * and that may only happen after our put_ldev below. */
1144 if (mdev->state.disk != D_FAILED)
1146 "ASSERT FAILED: disk is %s during detach\n",
1147 drbd_disk_str(mdev->state.disk));
1149 if (drbd_send_state(mdev))
1150 dev_warn(DEV, "Notified peer that I am detaching my disk\n");
1152 dev_err(DEV, "Sending state for detaching disk failed\n");
1154 drbd_rs_cancel_all(mdev);
1156 /* In case we want to get something to stable storage still,
1157 * this may be the last chance.
1158 * Following put_ldev may transition to D_DISKLESS. */
1162 if (was_io_error && eh == EP_CALL_HELPER)
1163 drbd_khelper(mdev, "local-io-error");
1166 /* second half of local IO error, failure to attach,
1167 * or administrative detach,
1168 * after local_cnt references have reached zero again */
1169 if (os.disk != D_DISKLESS && ns.disk == D_DISKLESS) {
1170 /* We must still be diskless,
1171 * re-attach has to be serialized with this! */
1172 if (mdev->state.disk != D_DISKLESS)
1174 "ASSERT FAILED: disk is %s while going diskless\n",
1175 drbd_disk_str(mdev->state.disk));
1178 mdev->rs_failed = 0;
1179 atomic_set(&mdev->rs_pending_cnt, 0);
1181 if (drbd_send_state(mdev))
1182 dev_warn(DEV, "Notified peer that I'm now diskless.\n");
1183 /* corresponding get_ldev in __drbd_set_state
1184 * this may finally trigger drbd_ldev_destroy. */
1188 /* Notify peer that I had a local IO error, and did not detached.. */
1189 if (os.disk == D_UP_TO_DATE && ns.disk == D_INCONSISTENT)
1190 drbd_send_state(mdev);
1192 /* Disks got bigger while they were detached */
1193 if (ns.disk > D_NEGOTIATING && ns.pdsk > D_NEGOTIATING &&
1194 test_and_clear_bit(RESYNC_AFTER_NEG, &mdev->flags)) {
1195 if (ns.conn == C_CONNECTED)
1196 resync_after_online_grow(mdev);
1199 /* A resync finished or aborted, wake paused devices... */
1200 if ((os.conn > C_CONNECTED && ns.conn <= C_CONNECTED) ||
1201 (os.peer_isp && !ns.peer_isp) ||
1202 (os.user_isp && !ns.user_isp))
1203 resume_next_sg(mdev);
1205 /* sync target done with resync. Explicitly notify peer, even though
1206 * it should (at least for non-empty resyncs) already know itself. */
1207 if (os.disk < D_UP_TO_DATE && os.conn >= C_SYNC_SOURCE && ns.conn == C_CONNECTED)
1208 drbd_send_state(mdev);
1210 /* This triggers bitmap writeout of potentially still unwritten pages
1211 * if the resync finished cleanly, or aborted because of peer disk
1212 * failure, or because of connection loss.
1213 * For resync aborted because of local disk failure, we cannot do
1214 * any bitmap writeout anymore.
1215 * No harm done if some bits change during this phase.
1217 if (os.conn > C_CONNECTED && ns.conn <= C_CONNECTED && get_ldev(mdev)) {
1218 drbd_queue_bitmap_io(mdev, &drbd_bm_write, NULL,
1219 "write from resync_finished", BM_LOCKED_SET_ALLOWED);
1223 if (ns.disk == D_DISKLESS &&
1224 ns.conn == C_STANDALONE &&
1225 ns.role == R_SECONDARY) {
1226 if (os.aftr_isp != ns.aftr_isp)
1227 resume_next_sg(mdev);
1230 after_conn_state_ch(mdev->tconn, os, ns, flags);
1234 static void after_conn_state_ch(struct drbd_tconn *tconn, union drbd_state os,
1235 union drbd_state ns, enum chg_state_flags flags)
1237 /* Upon network configuration, we need to start the receiver */
1238 if (os.conn == C_STANDALONE && ns.conn == C_UNCONNECTED)
1239 drbd_thread_start(&tconn->receiver);
1241 if (ns.disk == D_DISKLESS &&
1242 ns.conn == C_STANDALONE &&
1243 ns.role == R_SECONDARY) {
1244 /* if (test_bit(DEVICE_DYING, &mdev->flags)) TODO: DEVICE_DYING functionality */
1245 drbd_thread_stop_nowait(&tconn->worker);
projects / firefly-linux-kernel-4.4.55.git / blob