mbox series

[v4,00/10] btrfs: error handling fixes

Message ID cover.1736591758.git.wqu@suse.com (mailing list archive)
Headers show
Series btrfs: error handling fixes | expand

Message

Qu Wenruo Jan. 11, 2025, 10:43 a.m. UTC 
[CHANGELOG]
v4:
- Rebased to the latest for-next branch
  This involves several minor conflicts due to the recent cleanup.

- Minor comment/commit message update

- Use btrfs_root_id() for error messages

- Fix the double accounting error reintroduced in the last patch
  Where the run_delalloc_nocow() function has a very weird handling for
  COW fallback, where @cur_offset can either be @cow_start or @cow_end
  depending on the fallback_to_cow() entrance.

v3:
- Add a new patch to move the ordered extent cleanup into
  cow_file_range() and run_delalloc_nocow()

- Update the comment of writepage_dealloc()
  To give a more detailed view on what should be done for all the 3
  return value patterns

- Rename the variable @last_finished to @last_finished_delalloc_end
  And enhance the comment of it.

- Add a comment on why we want submit_one_bio() after
  submit_one_sector() failed

- Add a comment explaining what cleanup_dirty_folios() does

- Update the ASCII graph to use @cur_offset other than @cur_start

v2:
- Fix the btrfs_cleanup_ordered_extents() call inside
  btrfs_run_delalloc_range()

  Since we no longer call btrfs_mark_ordered_io_finished() if
  btrfs_run_delalloc_range() failed, the existing
  btrfs_cleanup_ordered_extents() call with @locked_folio will cause the
  subpage range not to be properly cleaned up.

  This can lead to hanging ordered extents for subpage cases.

- Update the commit message of the first patch
  With more detailed analyse on how the double accounting happens.
  It's pretty complex and very lengthy, but is easier to understand (as
  least I hope so).

  The root cause is the btrfs_cleanup_ordered_extents()'s range split
  behavior, which is not subpage compatible and is cursed in the first
  place.

  So the fix is still the same, by removing the split OE handling
  completely.

- A new patch to cleanup the @locked_folio parameter of
  btrfs_cleanup_ordered_extents()

I believe there is a regression in the last 2 or 3 releases where
metadata/data space reservation code is no longer working properly,
result us to hit -ENOSPC during btrfs_run_delalloc_range().

One of the most common situation to hit such problem is during
generic/750, along with other long running generic tests.

Although I should start bisecting the space reservation bug, but I can
not help but fixing the exposed bugs first.

This exposed quite some long existing bugs, all in the error handling
paths, that can lead to the following crashes

- Double ordered extent accounting
  Triggers WARN_ON_OCE() inside can_finish_ordered_extent() then crash.

  This bug is fixed by the first 3 patches.
  The first patch is the most important one, since it's pretty easy to
  trigger in the real world, and very long existing.

  The second patch is just a precautious fix, not easy to happen in the
  real world.

  The third one is also possible in the real world, but only possible
  with the recently enabled subpage compression write support.

- Subpage ASSERT() triggered, where subpage folio bitmap differs from
  folio status
  This happens most likey in submit_uncompressed_range(), where it
  unlock the folio without updating the subpage bitmaps.

  This bug is fixed by the 3rd patch.

- WARN_ON() if out-of-tree patch "btrfs: reject out-of-band dirty folios
  during writeback" applied
  This is a more complex case, where error handling leaves some folios
  dirty, but with EXTENT_DELALLOC flag cleared from extent io tree.

  Such dirty folios are still possible to be written back later, but
  since there is no EXTENT_DELALLOC flag, it will be treat as
  out-of-band dirty flags and trigger COW fixup.

  This bug is fixed by the 4th and 5th patch

With so many existing bugs exposed, there is more than enough motivation
to make btrfs_run_delalloc_range() (and its delalloc range functions)
output extra error messages so that at least we know something is wrong.

And those error messages have already helped a lot during my
development.

Patches 6~8 are here to enhance the error messages.

Patch 9 is to cleanup the unnecessary @locked_folio parameter
of btrfs_cleanup_ordered_extents().

The final one is to make ordered extent cleanup to be more sane,
following the common reclaim-asap principle, other than delay the
cleanup until btrfs_run_delalloc_range().

With all these patches applied, at least fstests can finish reliably,
otherwise it frequently crashes in generic tests that I was unable to
finish even one full run since the space reservation regression.

Qu Wenruo (10):
  btrfs: fix double accounting race when btrfs_run_delalloc_range()
    failed
  btrfs: fix double accounting race when extent_writepage_io() failed
  btrfs: fix the error handling of submit_uncompressed_range()
  btrfs: do proper folio cleanup when cow_file_range() failed
  btrfs: do proper folio cleanup when run_delalloc_nocow() failed
  btrfs: subpage: fix the bitmap dump for the locked flags
  btrfs: subpage: dump the involved bitmap when ASSERT() failed
  btrfs: add extra error messages for delalloc range related errors
  btrfs: remove the unused @locked_folio parameter from
    btrfs_cleanup_ordered_extents()
  btrfs: move ordered extent cleanup to where they are allocated

 fs/btrfs/extent_io.c | 104 ++++++++++++----
 fs/btrfs/inode.c     | 279 ++++++++++++++++++++++++++-----------------
 fs/btrfs/subpage.c   |  47 ++++++--
 fs/btrfs/subpage.h   |  13 ++
 4 files changed, 300 insertions(+), 143 deletions(-)