On Mon, Apr 10, 2023 at 10:22:57AM +0800, Qu Wenruo wrote:
This is for pre-6.4 kernels, as scrub code goes through a huge rework.
[BUG] Even before the scrub rework, if we have some corrupted metadata failed to be repaired during replace, we still continue replace and let it finish just as there is nothing wrong:
BTRFS info (device dm-4): dev_replace from /dev/mapper/test-scratch1 (devid 1) to /dev/mapper/test-scratch2 started BTRFS warning (device dm-4): tree block 5578752 mirror 1 has bad csum, has 0x00000000 want 0xade80ca1 BTRFS warning (device dm-4): tree block 5578752 mirror 0 has bad csum, has 0x00000000 want 0xade80ca1 BTRFS warning (device dm-4): checksum error at logical 5578752 on dev /dev/mapper/test-scratch1, physical 5578752: metadata leaf (level 0) in tree 5 BTRFS warning (device dm-4): checksum error at logical 5578752 on dev /dev/mapper/test-scratch1, physical 5578752: metadata leaf (level 0) in tree 5 BTRFS error (device dm-4): bdev /dev/mapper/test-scratch1 errs: wr 0, rd 0, flush 0, corrupt 1, gen 0 BTRFS warning (device dm-4): tree block 5578752 mirror 1 has bad bytenr, has 0 want 5578752 BTRFS error (device dm-4): unable to fixup (regular) error at logical 5578752 on dev /dev/mapper/test-scratch1 BTRFS info (device dm-4): dev_replace from /dev/mapper/test-scratch1 (devid 1) to /dev/mapper/test-scratch2 finished
This can lead to unexpected problems for the result fs.
[CAUSE] Btrfs reuses scrub code path for dev-replace to iterate all dev extents.
But unlike scrub, dev-replace doesn't really bother to check the scrub progress, which records all the errors found during replace.
And even if we checks the progress, we can not really determine which errors are minor, which are critical just by the plain numbers. (remember we don't treat metadata/data checksum error differently).
This behavior is there from the very beginning.
[FIX] Instead of continue the replace, just error out if we hit an unrepaired metadata sector.
Now the dev-replace would be rejected with -EIO, to inform the user. Although it also means, the fs has some metadata error which can not be repaired, the user would be super upset anyway.
The new dmesg would look like this:
BTRFS info (device dm-4): dev_replace from /dev/mapper/test-scratch1 (devid 1) to /dev/mapper/test-scratch2 started BTRFS warning (device dm-4): tree block 5578752 mirror 1 has bad csum, has 0x00000000 want 0xade80ca1 BTRFS warning (device dm-4): tree block 5578752 mirror 1 has bad csum, has 0x00000000 want 0xade80ca1 BTRFS error (device dm-4): unable to fixup (regular) error at logical 5570560 on dev /dev/mapper/test-scratch1 physical 5570560 BTRFS warning (device dm-4): header error at logical 5570560 on dev /dev/mapper/test-scratch1, physical 5570560: metadata leaf (level 0) in tree 5 BTRFS warning (device dm-4): header error at logical 5570560 on dev /dev/mapper/test-scratch1, physical 5570560: metadata leaf (level 0) in tree 5 BTRFS error (device dm-4): stripe 5570560 has unrepaired metadata sector at 5578752 BTRFS error (device dm-4): btrfs_scrub_dev(/dev/mapper/test-scratch1, 1, /dev/mapper/test-scratch2) failed -5
CC: stable@vger.kernel.org Signed-off-by: Qu Wenruo wqu@suse.com
I'm not sure how should we merge this patch.
The misc-next is already merging the new scrub code, but the problem is there for all old kernels thus we need such fixes.
Maybe we can merge this fix before the scrub rework, then the rework, and finally the better fix using reworked interface?
Rebasing the whole 6.4 queue with the scrub rewrite would be too much and there's no time left for that before merge window. We'd also need to retest it after such change.
If we have the fix in master we can do a backport to older stable tree, in this case it would not be close implementation-wise but the effects should be the same. Doing two separate fixes will also avoid merge conflicts.