diff mbox series

[v3,5/5] btrfs: rst: don't print tree dump in case lookup fails

Message ID 20240701-b4-rst-updates-v3-5-e0437e1e04a6@kernel.org (mailing list archive)
State New, archived
Headers show
Series btrfs: rst: updates for RAID stripe tree | expand

Commit Message

Johannes Thumshirn July 1, 2024, 10:25 a.m. UTC
From: Johannes Thumshirn <johannes.thumshirn@wdc.com>

Don't print tree dump in case a raid-stripe-tree lookup fails.

Dumping the stripe tree in case of a lookup failure was originally
intended to be a debug feature, but it turned out to be a problem, in case
of i.e. readahead.

Signed-off-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
---
 fs/btrfs/raid-stripe-tree.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

Comments

Josef Bacik July 1, 2024, 2:12 p.m. UTC | #1
On Mon, Jul 01, 2024 at 12:25:19PM +0200, Johannes Thumshirn wrote:
> From: Johannes Thumshirn <johannes.thumshirn@wdc.com>
> 
> Don't print tree dump in case a raid-stripe-tree lookup fails.
> 
> Dumping the stripe tree in case of a lookup failure was originally
> intended to be a debug feature, but it turned out to be a problem, in case
> of i.e. readahead.
> 

I have no objection to the change but I'm curious how readahead triggered this?
Is there a problem here, or is it just when there is a problem readahead makes
it particularly noisy?  Thanks,

Josef
Johannes Thumshirn July 1, 2024, 3:03 p.m. UTC | #2
On 01.07.24 16:13, Josef Bacik wrote:
> On Mon, Jul 01, 2024 at 12:25:19PM +0200, Johannes Thumshirn wrote:
>> From: Johannes Thumshirn <johannes.thumshirn@wdc.com>
>>
>> Don't print tree dump in case a raid-stripe-tree lookup fails.
>>
>> Dumping the stripe tree in case of a lookup failure was originally
>> intended to be a debug feature, but it turned out to be a problem, in case
>> of i.e. readahead.
>>
> 
> I have no objection to the change but I'm curious how readahead triggered this?
> Is there a problem here, or is it just when there is a problem readahead makes
> it particularly noisy?  Thanks,

There still is a bug in conjunction with RST and relocation's readahead.
But as I've stated in the cover letter, it is know, trivial to trigger, 
but I haven't fully root caused it yet.

All I can say is, that we're doing a use-after-free triggered by:

relocate_data_extent()
`-> relocate_file_extent_cluster()
  `-> relocate_one_folio()
   `-> page_cache_sync_readahead()
    `-> read_pages()

This most likely comes due to readahead requesting a l2p mapping that 
RST is unaware of, then splits the read bio (that I can see in my 
debugging) and the endio handler frees the original bio because of an 
error while the lower layer block driver still uses it.
diff mbox series

Patch

diff --git a/fs/btrfs/raid-stripe-tree.c b/fs/btrfs/raid-stripe-tree.c
index c5c2f19387ff..20be7d0c52e6 100644
--- a/fs/btrfs/raid-stripe-tree.c
+++ b/fs/btrfs/raid-stripe-tree.c
@@ -332,10 +332,8 @@  int btrfs_get_raid_extent_offset(struct btrfs_fs_info *fs_info,
 out:
 	if (ret > 0)
 		ret = -ENOENT;
-	if (ret && ret != -EIO && !stripe->is_scrub) {
-		if (IS_ENABLED(CONFIG_BTRFS_DEBUG))
-			btrfs_print_tree(leaf, 1);
-		btrfs_err(fs_info,
+	if (ret && ret != -EIO) {
+		btrfs_debug(fs_info,
 		"cannot find raid-stripe for logical [%llu, %llu] devid %llu, profile %s",
 			  logical, logical + *length, stripe->dev->devid,
 			  btrfs_bg_type_to_raid_name(map_type));