diff options
author | Filipe Manana <fdmanana@suse.com> | 2021-12-02 11:30:39 +0100 |
---|---|---|
committer | David Sterba <dsterba@suse.com> | 2022-01-07 14:18:23 +0100 |
commit | bb8e9a608055e016aace6db269432ba52a57dcc1 (patch) | |
tree | fecc13f69261312c91b0098a357e36392d5fd14a /fs/btrfs/ctree.c | |
parent | btrfs: move leaf search logic out of btrfs_search_slot() (diff) | |
download | linux-bb8e9a608055e016aace6db269432ba52a57dcc1.tar.xz linux-bb8e9a608055e016aace6db269432ba52a57dcc1.zip |
btrfs: remove BUG_ON() after splitting leaf
After calling split_leaf() we BUG_ON() if the returned value is greater
than zero. However split_leaf() only returns 0, in case of success, or a
negative value in case of an error.
The reason for the BUG_ON() is that if we ever get a positive return
value from split_leaf(), we can not simply propagate it to the callers
of btrfs_search_slot(), as that would be interpreted as "key not found"
and not as an error. That means it could result in callers ending up
causing some potential silent corruption.
So change the BUG_ON() to an ASSERT(), and in case assertions are
disabled, produce a warning and set the return value to an error, to make
it not possible to get into a silent corruption and having the error not
noticed.
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Diffstat (limited to 'fs/btrfs/ctree.c')
-rw-r--r-- | fs/btrfs/ctree.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index ae83f491a9e7..36fc76678e30 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1818,7 +1818,9 @@ static int search_leaf(struct btrfs_trans_handle *trans, err = split_leaf(trans, root, key, path, ins_len, (ret == 0)); - BUG_ON(err > 0); + ASSERT(err <= 0); + if (WARN_ON(err > 0)) + err = -EUCLEAN; if (err) ret = err; } |