On Fri, May 03, 2019 at 09:08:52AM +0800, Qu Wenruo wrote: > [BUG] > The following command can lead to unexpected data COW: > > #!/bin/bash > > dev=/dev/test/test > mnt=/mnt/btrfs > > mkfs.btrfs -f $dev -b 1G > /dev/null > mount $dev $mnt -o nospace_cache > > xfs_io -f -c "falloc 8k 24k" -c "pwrite 12k 8k" $mnt/file1 > xfs_io -c "reflink $mnt/file1 8k 0 4k" $mnt/file1 > umount $dev > > The result extent will be > > item 7 key (257 EXTENT_DATA 4096) itemoff 15760 itemsize 53 > generation 6 type 2 (prealloc) > prealloc data disk byte 13631488 nr 28672 > item 8 key (257 EXTENT_DATA 12288) itemoff 15707 itemsize 53 > generation 6 type 1 (regular) > extent data disk byte 13660160 nr 12288 <<< COW > item 9 key (257 EXTENT_DATA 24576) itemoff 15654 itemsize 53 > generation 6 type 2 (prealloc) > prealloc data disk byte 13631488 nr 28672 > > Currently we always reserve space even for NOCOW buffered write, thus > under most case it shouldn't cause anything wrong even we fall back to > COW. > > However when we're out of data space, we fall back to skip data space if > we can do NOCOW write. > > If such behavior happens under that case, we could hit the following > problems: > - data space bytes_may_use underflow > This will cause kernel warning. > This can be fixed, I laid out a few ways it could be fixed. > - ENOSPC at delalloc time > This will lead to transaction abort and fs forced to RO. > How? The metadata and data reservations are separate. If we can't make the metadata reservation we fail out, the only thing we allow is skipping the data reservation. So if we fall back to cow_file_range() at run_delalloc_nocow() time all we'll do is get an ENOSPC outside of a transaction, so we can just mark the inode as having failed its writeout with ENOSPC so fsync() returns the appropriate error and carry on. We shouldn't be aborting a transaction here at all. Thanks, Josef
