btrfs: Exit gracefully when chunk map cannot be inserted to the tree
authorQu Wenruo <wqu@suse.com>
Wed, 1 Aug 2018 02:37:20 +0000 (10:37 +0800)
committerDavid Sterba <dsterba@suse.com>
Mon, 6 Aug 2018 11:13:03 +0000 (13:13 +0200)
It's entirely possible that a crafted btrfs image contains overlapping
chunks.

Although we can't detect such problem by tree-checker, it's not a
catastrophic problem, current extent map can already detect such problem
and return -EEXIST.

We just only need to exit gracefully and fail the mount.

Reported-by: Xu Wen <wen.xu@gatech.edu>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=200409
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
fs/btrfs/volumes.c

index 96be1e50b027f19c56891792dbdde94778a09b70..7218a79a0e57941209f2f62ccef913c549bd91b3 100644 (file)
@@ -6489,10 +6489,14 @@ static int read_one_chunk(struct btrfs_fs_info *fs_info, struct btrfs_key *key,
        write_lock(&map_tree->map_tree.lock);
        ret = add_extent_mapping(&map_tree->map_tree, em, 0);
        write_unlock(&map_tree->map_tree.lock);
        write_lock(&map_tree->map_tree.lock);
        ret = add_extent_mapping(&map_tree->map_tree, em, 0);
        write_unlock(&map_tree->map_tree.lock);
-       BUG_ON(ret); /* Tree corruption */
+       if (ret < 0) {
+               btrfs_err(fs_info,
+                         "failed to add chunk map, start=%llu len=%llu: %d",
+                         em->start, em->len, ret);
+       }
        free_extent_map(em);
 
        free_extent_map(em);
 
-       return 0;
+       return ret;
 }
 
 static void fill_device_from_item(struct extent_buffer *leaf,
 }
 
 static void fill_device_from_item(struct extent_buffer *leaf,