Hi Chao, I checked the repro again based on your comment and added some debug logs around the related paths.
What I saw was roughly as follows.

There was already an abnormal inline state in the read path:

    inline flag: set
    data_exist: clear
    blocks: present

This case was not rejected by sanity_check_inode(). From what I saw, the inline sanity check does an early return when inode_has_blocks() is true, so I think this case was skipped there. I think this may also explain why there was no sanity warning in the log.

After that, in the eviction path, i_size was already reduced to 0, but f2fs_truncate() still entered the inline conversion path, and f2fs_convert_inline_inode() created folio 0 in the page cache first. Then f2fs_convert_inline_folio() handled the empty inline case as success because of !f2fs_exist_data(inode), and the created folio 0 remained in the page cache. Because of this, nrpages stayed 1 right before clear_inode().

From this, I think there may be two possible directions for fixing this:

1. prevent folio 0 from being created at all in the empty inline case, or delay folio creation until it is actually needed
2. detect or guard this abnormal inline state earlier, in sanity check or before that stage

At this point, both directions seem possible to me. I wanted to ask which direction you think would be more appropriate. If there is anything else I should check, please let me know.

Thanks.

_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
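The state and the two fix directions described in the message above, as a userspace C model added here for illustration. It is not part of the original message and not f2fs kernel code, and every struct, field and function name in it is hypothetical.

```c
#include <stdbool.h>

/* Userspace model; all names are hypothetical, not f2fs kernel code. */
struct model_inode {
    bool inline_flag;  /* inline flag */
    bool data_exist;   /* data_exist flag */
    bool has_blocks;   /* blocks present */
    int  nrpages;      /* folios left in the page cache */
};

/* Constructed sample: inline flag set, data_exist clear, blocks present. */
static const struct model_inode abnormal = { true, false, true, 0 };

/* Reported behaviour: folio 0 is created before the empty case is seen. */
static int convert_reported(struct model_inode *in)
{
    in->nrpages++;                 /* folio 0 created up front */
    if (in->data_exist)
        in->inline_flag = false;   /* inline data copied into folio 0 */
    return 0;                      /* empty case: success, folio 0 remains */
}

/* Direction 1: test for the empty inline case before creating a folio. */
static int convert_deferred(struct model_inode *in)
{
    if (!in->data_exist)
        return 0;                  /* nothing to convert, no folio */
    in->nrpages++;
    in->inline_flag = false;
    return 0;
}

/* Direction 2: treat inline flag plus blocks as invalid; true means sane. */
static bool guard_inline_state(const struct model_inode *in)
{
    return !(in->inline_flag && in->has_blocks);
}

/* Page count seen right before clear_inode() in the eviction path. */
static int nrpages_at_clear(struct model_inode in, int (*conv)(struct model_inode *))
{
    if (in.inline_flag)
        conv(&in);
    return in.nrpages;
}

int main(void)
{
    return nrpages_at_clear(abnormal, convert_reported) == 1 ? 0 : 1; /* 0: reproduced */
}
```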
