btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans

int btrfs_alloc_reserved_file_extent(struct btrfs_trans_handle *trans,

int btrfs_alloc_reserved_file_extent(struct btrfs_trans_handle *trans,

				     struct btrfs_root *root,

				     struct btrfs_root *root,

				     u64 root_objectid, u64 owner,

				     u64 root_objectid, u64 owner,

				     u64 offset, struct btrfs_key *ins);

				     u64 offset, u64 ram_bytes,

				     struct btrfs_key *ins);

int btrfs_alloc_logged_file_extent(struct btrfs_trans_handle *trans,

int btrfs_alloc_logged_file_extent(struct btrfs_trans_handle *trans,

				   struct btrfs_root *root,

				   struct btrfs_root *root,

				   u64 root_objectid, u64 owner, u64 offset,

				   u64 root_objectid, u64 owner, u64 offset,

		     struct btrfs_trans_handle *trans,

		     struct btrfs_trans_handle *trans,

		     struct btrfs_delayed_ref_node *ref,

		     struct btrfs_delayed_ref_node *ref,

		     struct btrfs_qgroup_extent_record *qrecord,

		     struct btrfs_qgroup_extent_record *qrecord,

		     u64 bytenr, u64 num_bytes, int action, int is_data)

		     u64 bytenr, u64 num_bytes, u64 ref_root, u64 reserved,

		     int action, int is_data)

{

{

	struct btrfs_delayed_ref_head *existing;

	struct btrfs_delayed_ref_head *existing;

	struct btrfs_delayed_ref_head *head_ref = NULL;

	struct btrfs_delayed_ref_head *head_ref = NULL;

	int count_mod = 1;

	int count_mod = 1;

	int must_insert_reserved = 0;

	int must_insert_reserved = 0;

	/* If reserved is provided, it must be a data extent. */

	BUG_ON(!is_data && reserved);

	/*

	/*

	 * the head node stores the sum of all the mods, so dropping a ref

	 * the head node stores the sum of all the mods, so dropping a ref

	 * should drop the sum in the head node by one.

	 * should drop the sum in the head node by one.

	/* Record qgroup extent info if provided */

	/* Record qgroup extent info if provided */

	if (qrecord) {

	if (qrecord) {

		if (ref_root && reserved) {

			head_ref->qgroup_ref_root = ref_root;

			head_ref->qgroup_reserved = reserved;

		}

		qrecord->bytenr = bytenr;

		qrecord->bytenr = bytenr;

		qrecord->num_bytes = num_bytes;

		qrecord->num_bytes = num_bytes;

		qrecord->old_roots = NULL;

		qrecord->old_roots = NULL;

	existing = htree_insert(&delayed_refs->href_root,

	existing = htree_insert(&delayed_refs->href_root,

				&head_ref->href_node);

				&head_ref->href_node);

	if (existing) {

	if (existing) {

		WARN_ON(ref_root && reserved && existing->qgroup_ref_root

			&& existing->qgroup_reserved);

		update_existing_head_ref(delayed_refs, &existing->node, ref);

		update_existing_head_ref(delayed_refs, &existing->node, ref);

		/*

		/*

		 * we've updated the existing ref, free the newly

		 * we've updated the existing ref, free the newly

	 * the spin lock

	 * the spin lock

	 */

	 */

	head_ref = add_delayed_ref_head(fs_info, trans, &head_ref->node, record,

	head_ref = add_delayed_ref_head(fs_info, trans, &head_ref->node, record,

					bytenr, num_bytes, action, 0);

					bytenr, num_bytes, 0, 0, action, 0);

	add_delayed_tree_ref(fs_info, trans, head_ref, &ref->node, bytenr,

	add_delayed_tree_ref(fs_info, trans, head_ref, &ref->node, bytenr,

			     num_bytes, parent, ref_root, level, action);

			     num_bytes, parent, ref_root, level, action);

			       struct btrfs_trans_handle *trans,

			       struct btrfs_trans_handle *trans,

			       u64 bytenr, u64 num_bytes,

			       u64 bytenr, u64 num_bytes,

			       u64 parent, u64 ref_root,

			       u64 parent, u64 ref_root,

			       u64 owner, u64 offset, int action,

			       u64 owner, u64 offset, u64 reserved, int action,

			       struct btrfs_delayed_extent_op *extent_op)

			       struct btrfs_delayed_extent_op *extent_op)

{

{

	struct btrfs_delayed_data_ref *ref;

	struct btrfs_delayed_data_ref *ref;

	 * the spin lock

	 * the spin lock

	 */

	 */

	head_ref = add_delayed_ref_head(fs_info, trans, &head_ref->node, record,

	head_ref = add_delayed_ref_head(fs_info, trans, &head_ref->node, record,

					bytenr, num_bytes, action, 1);

					bytenr, num_bytes, ref_root, reserved,

					action, 1);

	add_delayed_data_ref(fs_info, trans, head_ref, &ref->node, bytenr,

	add_delayed_data_ref(fs_info, trans, head_ref, &ref->node, bytenr,

				   num_bytes, parent, ref_root, owner, offset,

				   num_bytes, parent, ref_root, owner, offset,

	spin_lock(&delayed_refs->lock);

	spin_lock(&delayed_refs->lock);

	add_delayed_ref_head(fs_info, trans, &head_ref->node, NULL, bytenr,

	add_delayed_ref_head(fs_info, trans, &head_ref->node, NULL, bytenr,

			     num_bytes, BTRFS_UPDATE_DELAYED_HEAD,

			     num_bytes, 0, 0, BTRFS_UPDATE_DELAYED_HEAD,

			     extent_op->is_data);

			     extent_op->is_data);

	spin_unlock(&delayed_refs->lock);

	spin_unlock(&delayed_refs->lock);

			       struct btrfs_trans_handle *trans,

			       struct btrfs_trans_handle *trans,

			       u64 bytenr, u64 num_bytes,

			       u64 bytenr, u64 num_bytes,

			       u64 parent, u64 ref_root,

			       u64 parent, u64 ref_root,

			       u64 owner, u64 offset, int action,

			       u64 owner, u64 offset, u64 reserved, int action,

			       struct btrfs_delayed_extent_op *extent_op);

			       struct btrfs_delayed_extent_op *extent_op);

int btrfs_add_delayed_qgroup_reserve(struct btrfs_fs_info *fs_info,

int btrfs_add_delayed_qgroup_reserve(struct btrfs_fs_info *fs_info,

				     struct btrfs_trans_handle *trans,

				     struct btrfs_trans_handle *trans,

					BTRFS_ADD_DELAYED_REF, NULL);

					BTRFS_ADD_DELAYED_REF, NULL);

	} else {

	} else {

		ret = btrfs_add_delayed_data_ref(fs_info, trans, bytenr,

		ret = btrfs_add_delayed_data_ref(fs_info, trans, bytenr,

					num_bytes,

					num_bytes, parent, root_objectid,

					parent, root_objectid, owner, offset,

					owner, offset, 0,

					BTRFS_ADD_DELAYED_REF, NULL);

					BTRFS_ADD_DELAYED_REF, NULL);

	}

	}

	return ret;

	return ret;

		ret = btrfs_add_delayed_data_ref(fs_info, trans, bytenr,

		ret = btrfs_add_delayed_data_ref(fs_info, trans, bytenr,

						num_bytes,

						num_bytes,

						parent, root_objectid, owner,

						parent, root_objectid, owner,

						offset, BTRFS_DROP_DELAYED_REF,

						offset, 0,

						NULL);

						BTRFS_DROP_DELAYED_REF, NULL);

	}

	}

	return ret;

	return ret;

}

}

int btrfs_alloc_reserved_file_extent(struct btrfs_trans_handle *trans,

int btrfs_alloc_reserved_file_extent(struct btrfs_trans_handle *trans,

				     struct btrfs_root *root,

				     struct btrfs_root *root,

				     u64 root_objectid, u64 owner,

				     u64 root_objectid, u64 owner,

				     u64 offset, struct btrfs_key *ins)

				     u64 offset, u64 ram_bytes,

				     struct btrfs_key *ins)

{

{

	int ret;

	int ret;

	ret = btrfs_add_delayed_data_ref(root->fs_info, trans, ins->objectid,

	ret = btrfs_add_delayed_data_ref(root->fs_info, trans, ins->objectid,

					 ins->offset, 0,

					 ins->offset, 0,

					 root_objectid, owner, offset,

					 root_objectid, owner, offset,

					 BTRFS_ADD_DELAYED_EXTENT, NULL);

					 ram_bytes, BTRFS_ADD_DELAYED_EXTENT,

					 NULL);

	return ret;

	return ret;

}

}

	ins.type = BTRFS_EXTENT_ITEM_KEY;

	ins.type = BTRFS_EXTENT_ITEM_KEY;

	ret = btrfs_alloc_reserved_file_extent(trans, root,

	ret = btrfs_alloc_reserved_file_extent(trans, root,

					root->root_key.objectid,

					root->root_key.objectid,

					btrfs_ino(inode), file_pos, &ins);

					btrfs_ino(inode), file_pos,

	if (ret < 0)

					ram_bytes, &ins);

		goto out;

	/*

	/*

	 * Release the reserved range from inode dirty range map, and

	 * Release the reserved range from inode dirty range map, as it is

	 * move it to delayed ref codes, as now accounting only happens at

	 * already moved into delayed_ref_head

	 * commit_transaction() time.

	 */

	 */

	btrfs_qgroup_release_data(inode, file_pos, ram_bytes);

	btrfs_qgroup_release_data(inode, file_pos, ram_bytes);

	ret = btrfs_add_delayed_qgroup_reserve(root->fs_info, trans,

			root->objectid, disk_bytenr, ram_bytes);

out:

out:

	btrfs_free_path(path);

	btrfs_free_path(path);