tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Btrfs: fix btrfs_remove_from_free_space corner case

Yan Zheng hit a problem where we tried to remove some free space but failed
because we couldn't find the free space entry. This is because the free space
was held within a bitmap that had a starting offset well before the actual
offset of the free space, and there were free space extents that were in the
same range as that offset, so tree_search_offset returned with NULL because we
couldn't find a free space extent that had that offset. This is fixed by
making sure that if we fail to find the entry, we re-search again with
bitmap_only set to 1 and do an offset_to_bitmap so we can get the appropriate
bitmap. A similar problem happens in btrfs_alloc_from_bitmap for the
clustering code, but that is not as bad since we will just go and redo our
cluster allocation.

Also this adds some debugging checks to make sure that the free space we are
trying to remove from the bitmap is in fact there. This can probably go away
after a while, but since this code is only used by the tree-logging stuff it
would be nice to run with it for a while to make sure there are no problems.

Signed-off-by: Josef Bacik <jbacik@redhat.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>

authored by Josef Bacik and committed by Chris Mason 6606bb97 f36f3042

+64 -9
unified split
+64 -9
fs/btrfs/free-space-cache.c
··· 414 u64 *offset, u64 *bytes) 415 { 416 u64 end; 417 418 again: 419 end = bitmap_info->offset + 420 (u64)(BITS_PER_BITMAP * block_group->sectorsize) - 1; 421 422 if (*offset > bitmap_info->offset && *offset + *bytes > end) { 423 bitmap_clear_bits(block_group, bitmap_info, *offset, ··· 448 } 449 450 if (*bytes) { 451 if (!bitmap_info->bytes) { 452 unlink_free_space(block_group, bitmap_info); 453 kfree(bitmap_info->bitmap); ··· 457 recalculate_thresholds(block_group); 458 } 459 460 - bitmap_info = tree_search_offset(block_group, 461 - offset_to_bitmap(block_group, 462 - *offset), 463 - 1, 0); 464 - if (!bitmap_info) 465 return -EINVAL; 466 467 if (!bitmap_info->bitmap) 468 return -EAGAIN; 469 470 goto again; ··· 683 again: 684 info = tree_search_offset(block_group, offset, 0, 0); 685 if (!info) { 686 - WARN_ON(1); 687 - goto out_lock; 688 } 689 690 if (info->bytes < bytes && rb_next(&info->offset_index)) { ··· 1005 if (cluster->block_group != block_group) 1006 goto out; 1007 1008 - entry = tree_search_offset(block_group, search_start, 0, 0); 1009 - 1010 if (!entry || !entry->bitmap) 1011 goto out; 1012
··· 414 u64 *offset, u64 *bytes) 415 { 416 u64 end; 417 + u64 search_start, search_bytes; 418 + int ret; 419 420 again: 421 end = bitmap_info->offset + 422 (u64)(BITS_PER_BITMAP * block_group->sectorsize) - 1; 423 + 424 + /* 425 + * XXX - this can go away after a few releases. 426 + * 427 + * since the only user of btrfs_remove_free_space is the tree logging 428 + * stuff, and the only way to test that is under crash conditions, we 429 + * want to have this debug stuff here just in case somethings not 430 + * working. Search the bitmap for the space we are trying to use to 431 + * make sure its actually there. If its not there then we need to stop 432 + * because something has gone wrong. 433 + */ 434 + search_start = *offset; 435 + search_bytes = *bytes; 436 + ret = search_bitmap(block_group, bitmap_info, &search_start, 437 + &search_bytes); 438 + BUG_ON(ret < 0 || search_start != *offset); 439 440 if (*offset > bitmap_info->offset && *offset + *bytes > end) { 441 bitmap_clear_bits(block_group, bitmap_info, *offset, ··· 430 } 431 432 if (*bytes) { 433 + struct rb_node *next = rb_next(&bitmap_info->offset_index); 434 if (!bitmap_info->bytes) { 435 unlink_free_space(block_group, bitmap_info); 436 kfree(bitmap_info->bitmap); ··· 438 recalculate_thresholds(block_group); 439 } 440 441 + /* 442 + * no entry after this bitmap, but we still have bytes to 443 + * remove, so something has gone wrong. 444 + */ 445 + if (!next) 446 return -EINVAL; 447 448 + bitmap_info = rb_entry(next, struct btrfs_free_space, 449 + offset_index); 450 + 451 + /* 452 + * if the next entry isn't a bitmap we need to return to let the 453 + * extent stuff do its work. 454 + */ 455 if (!bitmap_info->bitmap) 456 + return -EAGAIN; 457 + 458 + /* 459 + * Ok the next item is a bitmap, but it may not actually hold 460 + * the information for the rest of this free space stuff, so 461 + * look for it, and if we don't find it return so we can try 462 + * everything over again. 463 + */ 464 + search_start = *offset; 465 + search_bytes = *bytes; 466 + ret = search_bitmap(block_group, bitmap_info, &search_start, 467 + &search_bytes); 468 + if (ret < 0 || search_start != *offset) 469 return -EAGAIN; 470 471 goto again; ··· 644 again: 645 info = tree_search_offset(block_group, offset, 0, 0); 646 if (!info) { 647 + /* 648 + * oops didn't find an extent that matched the space we wanted 649 + * to remove, look for a bitmap instead 650 + */ 651 + info = tree_search_offset(block_group, 652 + offset_to_bitmap(block_group, offset), 653 + 1, 0); 654 + if (!info) { 655 + WARN_ON(1); 656 + goto out_lock; 657 + } 658 } 659 660 if (info->bytes < bytes && rb_next(&info->offset_index)) { ··· 957 if (cluster->block_group != block_group) 958 goto out; 959 960 + /* 961 + * search_start is the beginning of the bitmap, but at some point it may 962 + * be a good idea to point to the actual start of the free area in the 963 + * bitmap, so do the offset_to_bitmap trick anyway, and set bitmap_only 964 + * to 1 to make sure we get the bitmap entry 965 + */ 966 + entry = tree_search_offset(block_group, 967 + offset_to_bitmap(block_group, search_start), 968 + 1, 0); 969 if (!entry || !entry->bitmap) 970 goto out; 971