forked from Mirrors/btrfs-progs
b02b426a78
An infinite loop can be triggered during fuzz/003: ====== RUN MAYFAIL btrfs check --repair tests/fuzz-tests/images/bko-199833-reloc-recovery-crash.raw.restored [1/7] checking root items Fixed 0 roots. [2/7] checking extents ctree.c:1650: leaf_space_used: Warning: assertion `data_len < 0` failed, value 1 bad key ordering 18 19 ctree.c:1650: leaf_space_used: Warning: assertion `data_len < 0` failed, value 1 bad key ordering 18 19 ctree.c:1650: leaf_space_used: Warning: assertion `data_len < 0` failed, value 1 bad key ordering 18 19 [CAUSE] In try_to_fix_bad_block() it's possible that btrfs_find_all_roots() finds no root referring to that tree block, thus we can't do any repair. However in that case, we still return 0 since the last caller assigning @ret is btrfs_find_all_roots(), and the ulist while loop doesn't get run at all. And since try_to_fix_bad_block() returns 0, check_block() in check/main.c will return -EAGAIN to re-check the tree block. This leads to the infinite loop. [FIX] Change the default return value from 0 to -EIO in try_to_fix_bad_block(), so if there is no tree referring to the bad tree block, it won't cause infinite loop anymore. Signed-off-by: Qu Wenruo <wqu@suse.com> Signed-off-by: David Sterba <dsterba@suse.com> |
||
|---|---|---|
| .. | ||
| main.c | ||
| mode-common.c | ||
| mode-common.h | ||
| mode-lowmem.c | ||
| mode-lowmem.h | ||
| mode-original.h | ||