btrfs: handle invalid extent item reference found in check_committed_ref()

The check_committed_ref() helper looks up an extent item by a key,
allowing to do an inexact search when key->offset is -1.  It's never
expected to find such item, as it would break the allowed range of a
extent item offset.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 49437ad7248de3b99d02435fdf99ec34681c9329..bd1645089d4996ad3f444ec6033506f08e9ace86 100644 (file)
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -2396,7 +2396,14 @@ static noinline int check_committed_ref(struct btrfs_root *root,
        ret = btrfs_search_slot(NULL, extent_root, &key, path, 0, 0);
        if (ret < 0)
                goto out;
-       BUG_ON(ret == 0); /* Corruption */
+       if (ret == 0) {
+               /*
+                * Key with offset -1 found, there would have to exist an extent
+                * item with such offset, but this is out of the valid range.
+                */
+               ret = -EUCLEAN;
+               goto out;
+       }
 
        ret = -ENOENT;
        if (path->slots[0] == 0)