• Josef Bacik's avatar
    btrfs: wait on ordered extents on abort cleanup · f97fd292
    Josef Bacik authored
    commit 74d5d229 upstream.
    
    If we flip read-only before we initiate writeback on all dirty pages for
    ordered extents we've created then we'll have ordered extents left over
    on umount, which results in all sorts of bad things happening.  Fix this
    by making sure we wait on ordered extents if we have to do the aborted
    transaction cleanup stuff.
    
    generic/475 can produce this warning:
    
     [ 8531.177332] WARNING: CPU: 2 PID: 11997 at fs/btrfs/disk-io.c:3856 btrfs_free_fs_root+0x95/0xa0 [btrfs]
     [ 8531.183282] CPU: 2 PID: 11997 Comm: umount Tainted: G        W 5.0.0-rc1-default+ #394
     [ 8531.185164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),BIOS rel-1.11.2-0-gf9626cc-prebuilt.qemu-project.org 04/01/2014
     [ 8531.187851] RIP: 0010:btrfs_free_fs_root+0x95/0xa0 [btrfs]
     [ 8531.193082] RSP: 0018:ffffb1ab86163d98 EFLAGS: 00010286
     [ 8531.194198] RAX: ffff9f3449494d18 RBX: ffff9f34a2695000 RCX:0000000000000000
     [ 8531.195629] RDX: 0000000000000002 RSI: 0000000000000001 RDI:0000000000000000
     [ 8531.197315] RBP: ffff9f344e930000 R08: 0000000000000001 R09:0000000000000000
     [ 8531.199095] R10: 0000000000000000 R11: ffff9f34494d4ff8 R12:ffffb1ab86163dc0
     [ 8531.200870] R13: ffff9f344e9300b0 R14: ffffb1ab86163db8 R15:0000000000000000
     [ 8531.202707] FS:  00007fc68e949fc0(0000) GS:ffff9f34bd800000(0000)knlGS:0000000000000000
     [ 8531.204851] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
     [ 8531.205942] CR2: 00007ffde8114dd8 CR3: 000000002dfbd000 CR4:00000000000006e0
     [ 8531.207516] Call Trace:
     [ 8531.208175]  btrfs_free_fs_roots+0xdb/0x170 [btrfs]
     [ 8531.210209]  ? wait_for_completion+0x5b/0x190
     [ 8531.211303]  close_ctree+0x157/0x350 [btrfs]
     [ 8531.212412]  generic_shutdown_super+0x64/0x100
     [ 8531.213485]  kill_anon_super+0x14/0x30
     [ 8531.214430]  btrfs_kill_super+0x12/0xa0 [btrfs]
     [ 8531.215539]  deactivate_locked_super+0x29/0x60
     [ 8531.216633]  cleanup_mnt+0x3b/0x70
     [ 8531.217497]  task_work_run+0x98/0xc0
     [ 8531.218397]  exit_to_usermode_loop+0x83/0x90
     [ 8531.219324]  do_syscall_64+0x15b/0x180
     [ 8531.220192]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
     [ 8531.221286] RIP: 0033:0x7fc68e5e4d07
     [ 8531.225621] RSP: 002b:00007ffde8116608 EFLAGS: 00000246 ORIG_RAX:00000000000000a6
     [ 8531.227512] RAX: 0000000000000000 RBX: 00005580c2175970 RCX:00007fc68e5e4d07
     [ 8531.229098] RDX: 0000000000000001 RSI: 0000000000000000 RDI:00005580c2175b80
     [ 8531.230730] RBP: 0000000000000000 R08: 00005580c2175ba0 R09:00007ffde8114e80
     [ 8531.232269] R10: 0000000000000000 R11: 0000000000000246 R12:00005580c2175b80
     [ 8531.233839] R13: 00007fc68eac61c4 R14: 00005580c2175a68 R15:0000000000000000
    
    Leaving a tree in the rb-tree:
    
    3853 void btrfs_free_fs_root(struct btrfs_root *root)
    3854 {
    3855         iput(root->ino_cache_inode);
    3856         WARN_ON(!RB_EMPTY_ROOT(&root->inode_tree));
    
    CC: stable@vger.kernel.org
    Reviewed-by: default avatarNikolay Borisov <nborisov@suse.com>
    Signed-off-by: default avatarJosef Bacik <josef@toxicpanda.com>
    [ add stacktrace ]
    Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    f97fd292
disk-io.c 122 KB