Commit a6724290 authored Jan 23, 2024 by David Sterba

btrfs: handle invalid root reference found in btrfs_init_root_free_objectid()



The btrfs_init_root_free_objectid() looks up a root by a key, allowing
to do an inexact search when key->offset is -1.  It's never expected to
find such item, as it would break the allowed range of a root id.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>

parent 9dcb6ed9

fs/btrfs/disk-io.c

+8 −1

Original line number	Diff line number	Diff line
		@@ -4927,7 +4927,14 @@ int btrfs_init_root_free_objectid(struct btrfs_root *root)
		ret = btrfs_search_slot(NULL, root, &search_key, path, 0, 0);
		if (ret < 0)
		goto error;
		BUG_ON(ret == 0); /* Corruption */
		if (ret == 0) {
		/*
		* Key with offset -1 found, there would have to exist a root
		* with such id, but this is out of valid range.
		*/
		ret = -EUCLEAN;
		goto error;
		}
		if (path->slots[0] > 0) {
		slot = path->slots[0] - 1;
		l = path->nodes[0];