[v3,11/54] btrfs: convert BUG_ON()'s in relocate_tree_block

Message ID	bba6b87c894fc35055d99f51b16b66e662f1b127.1606938211.git.josef@toxicpanda.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-btrfs-owner@kernel.org> From: Josef Bacik <josef@toxicpanda.com> To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Subject: [PATCH v3 11/54] btrfs: convert BUG_ON()'s in relocate_tree_block Date: Wed, 2 Dec 2020 14:50:29 -0500 Message-Id: <bba6b87c894fc35055d99f51b16b66e662f1b127.1606938211.git.josef@toxicpanda.com> In-Reply-To: <cover.1606938211.git.josef@toxicpanda.com> References: <cover.1606938211.git.josef@toxicpanda.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Cleanup error handling in relocation \| expand [v3,00/54] Cleanup error handling in relocation [v3,01/54] btrfs: fix error handling in commit_fs_roots [v3,02/54] btrfs: allow error injection for btrfs_search_slot and btrfs_cow_block [v3,03/54] btrfs: fix lockdep splat in btrfs_recover_relocation [v3,04/54] btrfs: keep track of the root owner for relocation reads [v3,05/54] btrfs: noinline btrfs_should_cancel_balance [v3,06/54] btrfs: do not cleanup upper nodes in btrfs_backref_cleanup_node [v3,07/54] btrfs: pass down the tree block level through ref-verify [v3,08/54] btrfs: make sure owner is set in ref-verify [v3,09/54] btrfs: don't clear ret in btrfs_start_dirty_block_groups [v3,10/54] btrfs: convert some BUG_ON()'s to ASSERT()'s in do_relocation [v3,11/54] btrfs: convert BUG_ON()'s in relocate_tree_block [v3,12/54] btrfs: return an error from btrfs_record_root_in_trans [v3,13/54] btrfs: handle errors from select_reloc_root() [v3,14/54] btrfs: convert BUG_ON()'s in select_reloc_root() to proper errors [v3,15/54] btrfs: check record_root_in_trans related failures in select_reloc_root [v3,16/54] btrfs: do proper error handling in record_reloc_root_in_trans [v3,17/54] btrfs: handle btrfs_record_root_in_trans failure in btrfs_rename_exchange [v3,18/54] btrfs: handle btrfs_record_root_in_trans failure in btrfs_rename [v3,19/54] btrfs: handle btrfs_record_root_in_trans failure in btrfs_delete_subvolume [v3,20/54] btrfs: handle btrfs_record_root_in_trans failure in btrfs_recover_log_trees [v3,21/54] btrfs: handle btrfs_record_root_in_trans failure in create_subvol [v3,22/54] btrfs: btrfs: handle btrfs_record_root_in_trans failure in relocate_tree_block [v3,23/54] btrfs: handle btrfs_record_root_in_trans failure in start_transaction [v3,24/54] btrfs: handle record_root_in_trans failure in qgroup_account_snapshot [v3,25/54] btrfs: handle record_root_in_trans failure in btrfs_record_root_in_trans [v3,26/54] btrfs: handle record_root_in_trans failure in create_pending_snapshot [v3,27/54] btrfs: do not panic in __add_reloc_root [v3,28/54] btrfs: have proper error handling in btrfs_init_reloc_root [v3,29/54] btrfs: do proper error handling in create_reloc_root [v3,30/54] btrfs: validate ->reloc_root after recording root in trans [v3,31/54] btrfs: handle btrfs_update_reloc_root failure in commit_fs_roots [v3,32/54] btrfs: change insert_dirty_subvol to return errors [v3,33/54] btrfs: handle btrfs_update_reloc_root failure in insert_dirty_subvol [v3,34/54] btrfs: handle btrfs_update_reloc_root failure in prepare_to_merge [v3,35/54] btrfs: do proper error handling in btrfs_update_reloc_root [v3,36/54] btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s [v3,37/54] btrfs: handle initial btrfs_cow_block error in replace_path [v3,38/54] btrfs: handle the loop btrfs_cow_block error in replace_path [v3,39/54] btrfs: handle btrfs_search_slot failure in replace_path [v3,40/54] btrfs: handle errors in reference count manipulation in replace_path [v3,41/54] btrfs: handle extent reference errors in do_relocation [v3,42/54] btrfs: check for BTRFS_BLOCK_FLAG_FULL_BACKREF being set improperly [v3,43/54] btrfs: remove the extent item sanity checks in relocate_block_group [v3,44/54] btrfs: do proper error handling in create_reloc_inode [v3,45/54] btrfs: handle __add_reloc_root failure in btrfs_recover_relocation [v3,46/54] btrfs: handle __add_reloc_root failure in btrfs_reloc_post_snapshot [v3,47/54] btrfs: cleanup error handling in prepare_to_merge [v3,48/54] btrfs: handle extent corruption with select_one_root properly [v3,49/54] btrfs: do proper error handling in merge_reloc_roots [v3,50/54] btrfs: check return value of btrfs_commit_transaction in relocation [v3,51/54] btrfs: do not WARN_ON() if we can't find the reloc root [v3,52/54] btrfs: print the actual offset in btrfs_root_name [v3,53/54] btrfs: fix reloc root leak with 0 ref reloc roots on recovery [v3,54/54] btrfs: splice remaining dirty_bg's onto the transaction dirty bg list

Message ID

bba6b87c894fc35055d99f51b16b66e662f1b127.1606938211.git.josef@toxicpanda.com (mailing list archive)

State

New, archived

Headers

From: Josef Bacik <josef@toxicpanda.com>
To: linux-btrfs@vger.kernel.org, kernel-team@fb.com
Subject: [PATCH v3 11/54] btrfs: convert BUG_ON()'s in relocate_tree_block
Date: Wed,  2 Dec 2020 14:50:29 -0500
Message-Id: 
 <bba6b87c894fc35055d99f51b16b66e662f1b127.1606938211.git.josef@toxicpanda.com>
In-Reply-To: <cover.1606938211.git.josef@toxicpanda.com>
References: <cover.1606938211.git.josef@toxicpanda.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Cleanup error handling in relocation | expand

Commit Message

Josef Bacik Dec. 2, 2020, 7:50 p.m. UTC

We have a couple of BUG_ON()'s in relocate_tree_block() that can be
tripped if we have file system corruption.  Convert these to ASSERT()'s
so developers still get yelled at when they break the backref code, but
error out nicely for users so the whole box doesn't go down.

Signed-off-by: Josef Bacik <josef@toxicpanda.com>
---
 fs/btrfs/relocation.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

Comments

Qu Wenruo Dec. 3, 2020, 2:15 a.m. UTC | #1

On 2020/12/3 上午3:50, Josef Bacik wrote:
> We have a couple of BUG_ON()'s in relocate_tree_block() that can be
> tripped if we have file system corruption.  Convert these to ASSERT()'s
> so developers still get yelled at when they break the backref code, but
> error out nicely for users so the whole box doesn't go down.
> 
> Signed-off-by: Josef Bacik <josef@toxicpanda.com>

Reviewed-by: Qu Wenruo <wqu@suse.com>

Thanks,
Qu
> ---
>  fs/btrfs/relocation.c | 24 ++++++++++++++++++++++--
>  1 file changed, 22 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c
> index d0ce771a2a8d..4333ee329290 100644
> --- a/fs/btrfs/relocation.c
> +++ b/fs/btrfs/relocation.c
> @@ -2456,8 +2456,28 @@ static int relocate_tree_block(struct btrfs_trans_handle *trans,
>  
>  	if (root) {
>  		if (test_bit(BTRFS_ROOT_SHAREABLE, &root->state)) {
> -			BUG_ON(node->new_bytenr);
> -			BUG_ON(!list_empty(&node->list));
> +			/*
> +			 * This block was the root block of a root, and this is
> +			 * the first time we're processing the block and thus it
> +			 * should not have had the ->new_bytenr modified and
> +			 * should have not been included on the changed list.
> +			 *
> +			 * However in the case of corruption we could have
> +			 * multiple refs pointing to the same block improperly,
> +			 * and thus we would trip over these checks.  ASSERT()
> +			 * for the developer case, because it could indicate a
> +			 * bug in the backref code, however error out for a
> +			 * normal user in the case of corruption.
> +			 */
> +			ASSERT(node->new_bytenr == 0);
> +			ASSERT(list_empty(&node->list));
> +			if (node->new_bytenr || !list_empty(&node->list)) {
> +				btrfs_err(root->fs_info,
> +				  "bytenr %llu has improper references to it",
> +					  node->bytenr);
> +				ret = -EUCLEAN;
> +				goto out;
> +			}
>  			btrfs_record_root_in_trans(trans, root);
>  			root = root->reloc_root;
>  			node->new_bytenr = root->node->start;
>

diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c
index d0ce771a2a8d..4333ee329290 100644
--- a/fs/btrfs/relocation.c
+++ b/fs/btrfs/relocation.c
@@ -2456,8 +2456,28 @@  static int relocate_tree_block(struct btrfs_trans_handle *trans,
 
 	if (root) {
 		if (test_bit(BTRFS_ROOT_SHAREABLE, &root->state)) {
-			BUG_ON(node->new_bytenr);
-			BUG_ON(!list_empty(&node->list));
+			/*
+			 * This block was the root block of a root, and this is
+			 * the first time we're processing the block and thus it
+			 * should not have had the ->new_bytenr modified and
+			 * should have not been included on the changed list.
+			 *
+			 * However in the case of corruption we could have
+			 * multiple refs pointing to the same block improperly,
+			 * and thus we would trip over these checks.  ASSERT()
+			 * for the developer case, because it could indicate a
+			 * bug in the backref code, however error out for a
+			 * normal user in the case of corruption.
+			 */
+			ASSERT(node->new_bytenr == 0);
+			ASSERT(list_empty(&node->list));
+			if (node->new_bytenr || !list_empty(&node->list)) {
+				btrfs_err(root->fs_info,
+				  "bytenr %llu has improper references to it",
+					  node->bytenr);
+				ret = -EUCLEAN;
+				goto out;
+			}
 			btrfs_record_root_in_trans(trans, root);
 			root = root->reloc_root;
 			node->new_bytenr = root->node->start;

[v3,11/54] btrfs: convert BUG_ON()'s in relocate_tree_block

Commit Message

Comments

Patch