Casey Bodley [Thu, 20 Nov 2025 16:57:35 +0000 (11:57 -0500)]
qa/rgw/upgrade: exclude ceph-osd-classic/crimson on squid and tentacle
split packages for ceph-osd-classic and ceph-osd-crimson were added on
main, but don't exist on squid and tentacle. exclude these packages from
their install tasks
Elliot Courant [Mon, 24 Nov 2025 17:50:56 +0000 (11:50 -0600)]
deb/cephadm: Don't assume a home directory is configured
cephadm.postinst can fail if cephadm was originally installed using a
version that didn't configure a home directory for the user at all.
Newer versions do configure a home directory (as either `/home/cephadm`
or `/var/lib/cephadm`) so if that is configured then nothing needs to be
done. But if the user was created with no home directory then one needs
to be added for the configure step to succeed.
Fixes: https://tracker.ceph.com/issues/72083
commit 90bc0369243077c2aaf67f0de2bab5810b217f4e added home directories
for new cephadm users created, but didn't add home directories to
cephadm users that already existed.
Ilya Dryomov [Tue, 9 Dec 2025 14:22:02 +0000 (15:22 +0100)]
librbd: fix ExclusiveLock::accept_request() when !is_state_locked()
To accept an async request, two conditions must be met: a) exclusive
lock must be a firm STATE_LOCKED state and b) async requests shouldn't
be blocked or if they are blocked there should be an exception in place
for a given request_type. If a) is met but b) isn't, ret_val is set
to m_request_blocked_ret_val, as expected -- the reason for denying
the request is that async requests are blocked. However, if a) isn't
met, ret_val also gets set to m_request_blocked_ret_val. This is wrong
because the reason for denying the request in this case isn't that
async requests are blocked (they may or may not be) but a much heavier
circumstance of exclusive lock being in a transient state or not held
at all.
In such scenarios, whether async requests are blocked or not isn't
relevant and ExclusiveLock::accept_request() behaving otherwise can
lead to bogus "duplicate lock owners detected" errors getting raised
during an attempt to handle any maintenance operation notification in
ImageWatcher::handle_operation_request(). This error isn't considered
retryable so the entire operation that needed the exclusive lock would
be spuriously failed with EINVAL.
See comment:
```
//TODO: should be changed to return future<> once all calls
// to refresh are through co_await. We return LBAMapping
// for now to avoid mandating the callers to make sure
// the life of the lba mapping survives the refresh.
```
For now introduce co_refresh and mark the existing refresh as
deprecated. Following work will audit all the existing users of
refresh and move them to the new method. This change is not trivial
so I prefer to follow up on this as a separate PR.
This should help avoiding UAR in suspension points:
```
==103588==ERROR: AddressSanitizer: stack-use-after-return on address 0xffff80197e90 at pc 0xaaaacb941b24 bp 0xffff7e48dd80 sp 0xffff7e48dd78
READ of size 8 at 0xffff80197e90 thread T1
#0 0xaaaacb941b20 in boost::intrusive_ptr<crimson::os::seastore::LBACursor>::swap(boost::intrusive_ptr<crimson::os::seastore::LBACursor>&) /opt/ceph/include/boost/smart_ptr/intrusive_ptr.hpp:172:18
#1 0xaaaacb941998 in boost::intrusive_ptr<crimson::os::seastore::LBACursor>::operator=(boost::intrusive_ptr<crimson::os::seastore::LBACursor>&&) /opt/ceph/include/boost/smart_ptr/intrusive_ptr.hpp:93:61
#2 0xaaaacb933758 in crimson::os::seastore::LBAMapping::operator=(crimson::os::seastore::LBAMapping&&) /ceph/src/crimson/os/seastore/lba_mapping.h:46:48
#3 0xaaaacde2fa54 in ... crimson::os::seastore::LBAMapping&&, std::array<crimson::os::seastore::LBAManager::remap_entry_t, 1ul>) (.resume) /ceph/src/crimson/os/seastore/transaction_manager.h:1282:11
```
Deprecate is commented out since otherwise make check would fail.
Matan Breizman [Sun, 7 Dec 2025 10:36:28 +0000 (10:36 +0000)]
crimson/os/seastore/cache: Verify crc prior to complete_io
Calling check_full_extent_integrity in pin_to_extent is wrong.
By the time we partially read the extent, another transaction
might fully load the entire extent. Either by a full_extent read
or by filling the missing unloaded extent gap.
This would result in veryfing the extent crc since it's fully
loaded. However, since the extent was only partially read our
data (and crc) might be outdated.
Instead move the crc checks to read_extent prior to complete_io.
That way we would only check the crc when the extent was intended to
be fully loaded. Other users of read_extent which do not use pin_crc
(CRC_NULL), would skip this check.
Matan Breizman [Sun, 7 Dec 2025 10:31:41 +0000 (10:31 +0000)]
crimson/os/seastore/cache: get_absent_extent to accept pin_crc
Allow pin_to_extent_by_type and pin_to_extent to pass the pin CRC.
As get_absent_extent and read_extent has other users which are not
pin_to_extent - use CRC_NULL as the default value.
This change would allow us to move the integrity checks to _read_extent.
See next commit.
Kefu Chai [Mon, 8 Dec 2025 08:29:00 +0000 (16:29 +0800)]
include/cpp-btree: fix array bounds warning in child() accessors
Replace array indexing with pointer arithmetic in child() and
mutable_child() methods to avoid compiler warning when accessing
child nodes beyond the static array bounds.
The original code was functionally correct but triggered
-Warray-bounds when accessing mutable_child(32) during btree
operations. Using pointer arithmetic achieves the same result
without the bounds check warning.
This is a follow-up to commit 8458a19ab which fixed similar
warnings in other btree_node methods.
check_full_extent_integrity would allow for CRC_NULL (0) checksums
when `full_extent_integrity_check` was false. Instead, move this
check as an assertiion into TransactionManager::read_pin.
This would allow us to reuse CRC_NULL concept for more purposes e.g
skipping integrity checks when no CRC is passed (next commits).
Note: With this change check_full_extent_integrity could be called
only on non CRC_NULL, the check would be moved in next commits.
Kefu Chai [Tue, 25 Nov 2025 11:02:32 +0000 (19:02 +0800)]
script: sanitize git branch names for OCI tag compliance
Git branch names commonly use forward slashes for hierarchy
(e.g., feature/my-branch), but OCI container image tags cannot
contain slashes. This causes build-with-container.py to fail when
building images from branches with slashes in their names.
Add _sanitize_for_oci_tag() function to convert branch names into
OCI-compliant tags by:
- Replacing '/' with '-'
- Replacing other invalid characters with '_'
- Stripping leading invalid characters
- Truncating to 128 characters (OCI tag max length)
Apply sanitization consistently to both auto-detected branches
and manually specified --current-branch arguments.
Fixes branch name handling for pull request branches and other
hierarchical naming schemes.
References:
- OCI Image Spec: tags must match [a-zA-Z0-9_][a-zA-Z0-9._-]{0,127}
https://github.com/opencontainers/image-spec/blob/main/descriptor.md
- Git allows '/' in branch names for hierarchical organization
https://git-scm.com/docs/git-check-ref-format
https://docs.github.com/en/get-started/using-git/dealing-with-special-characters-in-branch-and-tag-names
Ville Ojamo [Wed, 22 Oct 2025 07:19:31 +0000 (14:19 +0700)]
doc: Use validated links with ref instead of external links
Use :ref: for intra-docs links that are validated, instead of external
links.
Only use already existing labels.
Fixes a few anchors that pointed to now-renamed section titles.
Use automatically generated link text where appropriate.
Delete unused link definitions.
Mostly in doc/rados/ but also a few in doc/rbd/.
Try to fix all links in each of the changed documents.
Signed-off-by: Ville Ojamo <14869000+bluikko@users.noreply.github.com>
cmake: convert erasure_code and json_spirit to OBJECT libraries
This resolves a circular dependency issue where ceph-common was linked
against erasure_code and json_spirit static libraries, while these
libraries themselves referenced symbols from ceph-common, creating an
unresolvable circular dependency. The static libraries were incorrectly
marked PUBLIC, causing executables linking against ceph-common to also
link against them directly.
The circular dependency manifested as linker errors in tests like
ceph_test_ino_release_cb, where libjson_spirit.a and liberasure_code.a
contained undefined references to ceph-common symbols (e.g.,
ceph::__ceph_assert_fail and get_str_list) that couldn't be resolved
due to the linking order.
For instance, ceph_test_ino_release_cb failed to link:
```
/usr/bin/ld: ../../../lib/libcephfs.so.2.0.0: undefined reference to symbol '_ZN4ceph18__ceph_assert_failERKNS_11assert_dataE'
/usr/bin/ld: ../../../lib/libceph-common.so.2: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
```
Changes:
- Convert erasure_code and json_spirit from STATIC to OBJECT libraries
- Embed their object files directly into ceph-common during linking,
breaking the circular dependency and preventing public propagation
of these dependencies to downstream targets
- Remove direct linkage from targets that already get these symbols
through ceph-common dependencies:
* Erasure code unit tests (unittest_erasure_code_isa,
unittest_erasure_code_plugin_isa, unittest_erasure_code_example)
* Test libraries (radostest)
* Plugins (denc-mod-osd, cls_refcount, cls_rgw, cls_lua, ec_lrc)
This also prevents ODR violations that would occur if targets linked
against these libraries directly while also getting them from
ceph-common. Such violations cause undefined behavior including
segmentation faults, as static variables and vtables would exist in
duplicate, leading to crashes during destruction or when accessing
shared state.
For example, before removing direct linkage from plugins, ceph-dencoder
would segfault on certain object types:
/ceph/src/test/encoding/readable.sh: line 111: Segmentation fault
$CEPH_DENCODER type ScrubMap import ... decode encode decode dump_json
Thomas Lamprecht [Wed, 31 Jul 2024 07:48:08 +0000 (09:48 +0200)]
debian/control: record python3-packaging dependency for ceph-volume
Commit 0985e201 added `from packaging import version` to
ceph_volume/util/encryption.py. On Debian and its derivatives, the
packaging module is provided by the python3-packaging package.
Add python3-packaging to ceph-volume's runtime dependencies to ensure
this import is satisfied.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Signed-off-by: Max R. Carrara <m.carrara@proxmox.com>
crimson/mclock_scheduler: Support mclock for crimson
The patch is trying to sync mclock source of crimson similar to
classic osds. Currently the feature is use by crimson only for
background recovery operations but later we will use it for other
OSD operations also.To use the same user need to configure
crimson_osd_scheduler_concurrency parameter for osd.
Replace item_t with WorkItem variant to maintain similarity
with classic OSD.
crimson/background_recovery: switch to unified SchedulerClass and introduce get_average_object_size for pg
1) Replace usage of crimson::osd::scheduler::scheduler_class_t
with unified SchedulerClass
2) Add priority to scheduler params structure
3) Introduce get_average_object_size for pg
crimson/osd,osd_operation: initialize mClock scheduler, detect rotational devices, and run OperationThrottler background task
Initialize the mClock scheduler on all shards when the device class
is non-rotational. If the device is rotational throw an exception
to prevent unsupported configurations.
In addition, introduce a background task in OperationThrottler that
continuously dequeues and schedules client requests from the mClock
scheduler based on available credits and throttling limits.
errors in do_transaction_no_callbacks fail with vague abort message
showing only the transaction dump.
Instead, add meaningful abort message with the actual error and method.
This could be replaced by assert_all_func, though we would likely
rewrite this method soon.
Imran Imtiaz [Mon, 1 Dec 2025 14:25:07 +0000 (14:25 +0000)]
mgr/dashboard: add API endpoint to delete images from consistency groups
Signed-off-by: Imran Imtiaz <imran.imtiaz@uk.ibm.com> Fixes: https://tracker.ceph.com/issues/74033
Create a consistency group dashboard API endpoint that enables removal
of RBD images from the group.
Alex Ainscow [Fri, 28 Nov 2025 14:33:13 +0000 (14:33 +0000)]
osd: Perform shard look up correctly in partial EC writes
Plugins are permitted to provide a mapping to change the order in which OSDs
are used. In practice only LRC does this and it is not currently enabled
with optimisations, so this is a theoretical bug.
The bug here was that the "first" shard was assumed to be shard_id_t(0). However,
this is not true for LRC.
Fixes: https://tracker.ceph.com/issues/74016 Signed-off-by: Alex Ainscow <aainscow@uk.ibm.com>
Bill Scales [Fri, 21 Nov 2025 10:06:22 +0000 (10:06 +0000)]
qa: Reduce number of osd threads when using compression
Smithi nodes used by teuthology tests have 8 CPU cores and typically run
4 OSD processes. When bluestore software compression is enabled the size
of the OSD thread pool needs to be reduced to 2 threads per OSD because
these threads can easily use 100% of a core. This avoids excessive
amounts of context switches, which leads to OSD threads timing out,
which causes the OSD to drop heartbeat pings and for the monitor to
temporarily mark it down. In extreme cases this can lead to PGs getting
stuck in repeated loops of peering until the teuthology test times out.
Context switches happen oppurtunistically at the end of system calls
so functions with lots of logging are some of the worst affected.
Fixes: https://tracker.ceph.com/issues/72879 Signed-off-by: Bill Scales <bill_scales@uk.ibm.com>
Bill Scales [Fri, 21 Nov 2025 10:38:44 +0000 (10:38 +0000)]
osd: Restrict logging in MissingLoc::add_source_info
add_source_info can generate an excessive amount of logging
if a PG has thousands of missing objects. When a system is
under load and threads are repeatedly context switching this
can lead to timeouts (tests showed this function taking up
to 10 seconds to execute with 99% of that time being in
logging calls where the thread was being pre-empted).
Stopping logging after the function has been running for
more than 0.5 seconds strikes a balance between providing
sufficient informtion to debug problems while providing
more stability when a system is heavily loaded.
Signed-off-by: Bill Scales <bill_scales@uk.ibm.com>
Bill Scales [Fri, 21 Nov 2025 10:25:48 +0000 (10:25 +0000)]
osd: Increase log level for listing missing list
Logging the entire contents of a missing list can generate a
1M character log line when there are 8000 missing objects in a
PG. Other places in the code logging the missing list use debug
level 25 which is not enabled by default in teuthology tests.
Signed-off-by: Bill Scales <bill_scales@uk.ibm.com>
Bill Scales [Mon, 24 Nov 2025 09:18:21 +0000 (09:18 +0000)]
osd: reset_tp_timeout should reset timeout for all shards
ShardedThreadPools are only used by the classic OSD process
which can have more than one thread for the same shard. Each
thread has a heartbeat timeout used to detect stalled threads.
Some code that is known to take a long time makes calls to
reset_tp_timeout to reset this timeout. However for sharded
pools this can be ineffective because it is common for threads
for the same shard to use the same locks (e.g. PG Lock) and
therefore if thread A is taking a long time and resetting
its timeout while holding a lock, thread B for the same shard
is liable to be waiting for the same lock, will not be
resetting its timeout and can be timed out.
Debug for issue 72879 showed heartbeat timeouts occurring at
the same time for both shards, an attempt to fix the problem
by calling reset_tp_timeout for the slow thread still showed
the other threads for the shard timing out waiting for the PG
lock that was held bythe slow thread. Looking at the OSD code
most places where reset_tp_timeout is called the thread is
holding the PG lock.
This commit moves the concept of shard_index from OSD into
ShardedThreadPool and modifies reset_tp_timeout so that it resets
the timeout for all threads for the same shard.
Some code calls reset_tp_timeout from inside loops that can take
a long time without consideration for how long the thread has
actually been running for. There is a risk that this type of
call could repeatedly reset the timeout for another shard which
is genuinely stuck and hence defeat the heartbeat checks. To
prevent this reset_tp_timeout is modified to be a NOP unless
the thread has been processing the current workitem for more
than 0.5 seconds. Therefore threads have to be slow but making
forward progress to be abe to reset the timeout.
Fixes: https://tracker.ceph.com/issues/72879 Signed-off-by: Bill Scales <bill_scales@uk.ibm.com>
Alex Ainscow [Tue, 14 Oct 2025 08:24:56 +0000 (09:24 +0100)]
osdc: Add SplitOp capability to Objecter
This will provide the ability for Objecter to split up
certain ops and distribute them to the OSDs directly if
that provides a preformance advantage.
This is experimental code and is switched off unless the
magic pool flags are enabled. These magic pool flags were
pushed in an earlier commit in the same PR.
projects / ceph.git / log