Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp543125pxb; Wed, 3 Mar 2021 09:12:27 -0800 (PST) X-Google-Smtp-Source: ABdhPJxGVcrQalanRbT+sywFs/PdF589QHXeWk1i/9f00QGzShZNrUMUm4DH18kdUn/8vZtQnVwG X-Received: by 2002:a05:6402:1754:: with SMTP id v20mr251564edx.191.1614791547506; Wed, 03 Mar 2021 09:12:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1614791547; cv=none; d=google.com; s=arc-20160816; b=Q/SILsj/810GwtZtbeLTG8eE4SaQx3IO8OuFF+s/Iw19BLR7rkDD3Cp8X7rVxRXslH rXEJls5k6A8xMvINcJ8NCOigShRWXQ5QqN32TJaQgHras2nopZKKrUE4QMy7GnSD0P47 REfaSXUVyM51NNF80I4dKNmmYZXsWVCiki5xHweQRrYWztk/Jxx8C4u9R0h5H19J8d3b qsVAKn+7liyltybiLtWpnAJjhj9zmmHUa7QXQCo1IC3h3BYUat+44AKg1MmnTCTVBl+y UM/866JLbfco8eHZIYmhB8fChcF2GxtYrwGliPpEbCPxNR9mtXJj15AJ9h8SJx9x1NQ5 +ZOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=mw8IKwXc9TOXlegR96lFjsi5boDSCoo2axpHcWHZyys=; b=NhZ+hZEZAYklOhoPZ2no/25h8oG4IUeVEkSGBZLDX7u3+kg/nowzo5XCj7lCyc1YYO tSz9vQTTYjohLiF5nLxkBx2zBEVOh6yFEIKB39J6jrK3wSCQ22XPArMnQCy4qT9chiAA Tzju1ljE7dsarK0gDBCqPvWA0xG0XVh0OsbWyiZjJFaanubQPwnmR+tnM/YWqL56+EEf kanuCV8FGJKOgpGwXo8chfPOyVjAsveJcqa9J+s3gl9W5uzkFPjV3tMNzzbTZtQmyX7P le3fDI6IWFgsHgdB7Ypy9sk24AW7XxibzX1xiso1l+RMO7JCq8lHlC80Bs5Q1utetCSR L4WA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="fIjNiG/i"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bc12si9982508edb.241.2021.03.03.09.10.58; Wed, 03 Mar 2021 09:12:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="fIjNiG/i"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377083AbhCBApg (ORCPT + 99 others); Mon, 1 Mar 2021 19:45:36 -0500 Received: from mail.kernel.org ([198.145.29.99]:49688 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240357AbhCASit (ORCPT ); Mon, 1 Mar 2021 13:38:49 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 0739B601FC; Mon, 1 Mar 2021 17:01:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614618067; bh=Phe9UR/o3JHEdoRKbfGvne5JEz+VNXdYtwGkypIEilg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fIjNiG/iLkXMzngOAAvjezfye0m+vYvekaea+nw0dQvJ9k82T5IdqgAkQiu3nlikc fVbk8ovGpl2E2w3/1Ac4kQ5zgPIM18YDdrOiedigaW7sLQ4WvjnuiH0TjA1fwFDqo2 nVfOJKpskwiopSAa1LmvMWidcvuk+PGZ2DjMQ+jw= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Josef Bacik , David Sterba Subject: [PATCH 5.4 265/340] btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root Date: Mon, 1 Mar 2021 17:13:29 +0100 Message-Id: <20210301161101.328426542@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210301161048.294656001@linuxfoundation.org> References: <20210301161048.294656001@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Josef Bacik commit 867ed321f90d06aaba84e2c91de51cd3038825ef upstream. While testing my error handling patches, I added a error injection site at btrfs_inc_extent_ref, to validate the error handling I added was doing the correct thing. However I hit a pretty ugly corruption while doing this check, with the following error injection stack trace: btrfs_inc_extent_ref btrfs_copy_root create_reloc_root btrfs_init_reloc_root btrfs_record_root_in_trans btrfs_start_transaction btrfs_update_inode btrfs_update_time touch_atime file_accessed btrfs_file_mmap This is because we do not catch the error from btrfs_inc_extent_ref, which in practice would be ENOMEM, which means we lose the extent references for a root that has already been allocated and inserted, which is the problem. Fix this by aborting the transaction if we fail to do the reference modification. CC: stable@vger.kernel.org # 4.4+ Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba Signed-off-by: Greg Kroah-Hartman --- fs/btrfs/ctree.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -260,9 +260,10 @@ int btrfs_copy_root(struct btrfs_trans_h ret = btrfs_inc_ref(trans, root, cow, 1); else ret = btrfs_inc_ref(trans, root, cow, 0); - - if (ret) + if (ret) { + btrfs_abort_transaction(trans, ret); return ret; + } btrfs_mark_buffer_dirty(cow); *cow_ret = cow;