Skip to content

Commit 69fc6cb

Browse files
adam900710kdave
adam900710
authored and
kdave
committed
btrfs: tree-checker: Fix false panic for sanity test
[BUG] If we run btrfs with CONFIG_BTRFS_FS_RUN_SANITY_TESTS=y, it will instantly cause kernel panic like: ------ ... assertion failed: 0, file: fs/btrfs/disk-io.c, line: 3853 ... Call Trace: btrfs_mark_buffer_dirty+0x187/0x1f0 [btrfs] setup_items_for_insert+0x385/0x650 [btrfs] __btrfs_drop_extents+0x129a/0x1870 [btrfs] ... ----- [Cause] Btrfs will call btrfs_check_leaf() in btrfs_mark_buffer_dirty() to check if the leaf is valid with CONFIG_BTRFS_FS_RUN_SANITY_TESTS=y. However quite some btrfs_mark_buffer_dirty() callers(*) don't really initialize its item data but only initialize its item pointers, leaving item data uninitialized. This makes tree-checker catch uninitialized data as error, causing such panic. *: These callers include but not limited to setup_items_for_insert() btrfs_split_item() btrfs_expand_item() [Fix] Add a new parameter @check_item_data to btrfs_check_leaf(). With @check_item_data set to false, item data check will be skipped and fallback to old btrfs_check_leaf() behavior. So we can still get early warning if we screw up item pointers, and avoid false panic. Cc: Filipe Manana <[email protected]> Reported-by: Lakshmipathi.G <[email protected]> Signed-off-by: Qu Wenruo <[email protected]> Reviewed-by: Liu Bo <[email protected]> Reviewed-by: David Sterba <[email protected]> Signed-off-by: David Sterba <[email protected]>
1 parent ebb7044 commit 69fc6cb

File tree

3 files changed

+43
-8
lines changed

3 files changed

+43
-8
lines changed

fs/btrfs/disk-io.c

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -610,7 +610,7 @@ static int btree_readpage_end_io_hook(struct btrfs_io_bio *io_bio,
610610
* that we don't try and read the other copies of this block, just
611611
* return -EIO.
612612
*/
613-
if (found_level == 0 && btrfs_check_leaf(root, eb)) {
613+
if (found_level == 0 && btrfs_check_leaf_full(root, eb)) {
614614
set_bit(EXTENT_BUFFER_CORRUPT, &eb->bflags);
615615
ret = -EIO;
616616
}
@@ -3848,7 +3848,13 @@ void btrfs_mark_buffer_dirty(struct extent_buffer *buf)
38483848
buf->len,
38493849
fs_info->dirty_metadata_batch);
38503850
#ifdef CONFIG_BTRFS_FS_CHECK_INTEGRITY
3851-
if (btrfs_header_level(buf) == 0 && btrfs_check_leaf(root, buf)) {
3851+
/*
3852+
* Since btrfs_mark_buffer_dirty() can be called with item pointer set
3853+
* but item data not updated.
3854+
* So here we should only check item pointers, not item data.
3855+
*/
3856+
if (btrfs_header_level(buf) == 0 &&
3857+
btrfs_check_leaf_relaxed(root, buf)) {
38523858
btrfs_print_leaf(buf);
38533859
ASSERT(0);
38543860
}

fs/btrfs/tree-checker.c

Lines changed: 22 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -242,7 +242,8 @@ static int check_leaf_item(struct btrfs_root *root,
242242
return ret;
243243
}
244244

245-
int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf)
245+
static int check_leaf(struct btrfs_root *root, struct extent_buffer *leaf,
246+
bool check_item_data)
246247
{
247248
struct btrfs_fs_info *fs_info = root->fs_info;
248249
/* No valid key type is 0, so all key should be larger than this key */
@@ -361,10 +362,15 @@ int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf)
361362
return -EUCLEAN;
362363
}
363364

364-
/* Check if the item size and content meet other criteria */
365-
ret = check_leaf_item(root, leaf, &key, slot);
366-
if (ret < 0)
367-
return ret;
365+
if (check_item_data) {
366+
/*
367+
* Check if the item size and content meet other
368+
* criteria
369+
*/
370+
ret = check_leaf_item(root, leaf, &key, slot);
371+
if (ret < 0)
372+
return ret;
373+
}
368374

369375
prev_key.objectid = key.objectid;
370376
prev_key.type = key.type;
@@ -374,6 +380,17 @@ int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf)
374380
return 0;
375381
}
376382

383+
int btrfs_check_leaf_full(struct btrfs_root *root, struct extent_buffer *leaf)
384+
{
385+
return check_leaf(root, leaf, true);
386+
}
387+
388+
int btrfs_check_leaf_relaxed(struct btrfs_root *root,
389+
struct extent_buffer *leaf)
390+
{
391+
return check_leaf(root, leaf, false);
392+
}
393+
377394
int btrfs_check_node(struct btrfs_root *root, struct extent_buffer *node)
378395
{
379396
unsigned long nr = btrfs_header_nritems(node);

fs/btrfs/tree-checker.h

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,19 @@
2020
#include "ctree.h"
2121
#include "extent_io.h"
2222

23-
int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf);
23+
/*
24+
* Comprehensive leaf checker.
25+
* Will check not only the item pointers, but also every possible member
26+
* in item data.
27+
*/
28+
int btrfs_check_leaf_full(struct btrfs_root *root, struct extent_buffer *leaf);
29+
30+
/*
31+
* Less strict leaf checker.
32+
* Will only check item pointers, not reading item data.
33+
*/
34+
int btrfs_check_leaf_relaxed(struct btrfs_root *root,
35+
struct extent_buffer *leaf);
2436
int btrfs_check_node(struct btrfs_root *root, struct extent_buffer *node);
2537

2638
#endif

0 commit comments

Comments
 (0)