6.1-stable patches

added patches:
	btrfs-do-not-bug_on-on-failure-to-get-dir-index-for-new-snapshot.patch

diff --git a/queue-6.1/btrfs-do-not-bug_on-on-failure-to-get-dir-index-for-new-snapshot.patch b/queue-6.1/btrfs-do-not-bug_on-on-failure-to-get-dir-index-for-new-snapshot.patch
new file mode 100644 (file)
index 0000000..76a33a1
--- /dev/null
+++ b/queue-6.1/btrfs-do-not-bug_on-on-failure-to-get-dir-index-for-new-snapshot.patch
@@ -0,0 +1,57 @@
+From df9f278239046719c91aeb59ec0afb1a99ee8b2b Mon Sep 17 00:00:00 2001
+From: Filipe Manana <fdmanana@suse.com>
+Date: Tue, 13 Jun 2023 16:42:16 +0100
+Subject: btrfs: do not BUG_ON on failure to get dir index for new snapshot
+
+From: Filipe Manana <fdmanana@suse.com>
+
+commit df9f278239046719c91aeb59ec0afb1a99ee8b2b upstream.
+
+During the transaction commit path, at create_pending_snapshot(), there
+is no need to BUG_ON() in case we fail to get a dir index for the snapshot
+in the parent directory. This should fail very rarely because the parent
+inode should be loaded in memory already, with the respective delayed
+inode created and the parent inode's index_cnt field already initialized.
+
+However if it fails, it may be -ENOMEM like the comment at
+create_pending_snapshot() says or any error returned by
+btrfs_search_slot() through btrfs_set_inode_index_count(), which can be
+pretty much anything such as -EIO or -EUCLEAN for example. So the comment
+is not correct when it says it can only be -ENOMEM.
+
+However doing a BUG_ON() here is overkill, since we can instead abort
+the transaction and return the error. Note that any error returned by
+create_pending_snapshot() will eventually result in a transaction
+abort at cleanup_transaction(), called from btrfs_commit_transaction(),
+but we can explicitly abort the transaction at this point instead so that
+we get a stack trace to tell us that the call to btrfs_set_inode_index()
+failed.
+
+So just abort the transaction and return in case btrfs_set_inode_index()
+returned an error at create_pending_snapshot().
+
+Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
+Signed-off-by: Filipe Manana <fdmanana@suse.com>
+Reviewed-by: David Sterba <dsterba@suse.com>
+Signed-off-by: David Sterba <dsterba@suse.com>
+Signed-off-by: Sergio González Collado <sergio.collado@gmail.com>
+Reported-by: syzbot+c56033c8c15c08286062@syzkaller.appspotmail.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/btrfs/transaction.c |    5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/fs/btrfs/transaction.c
++++ b/fs/btrfs/transaction.c
+@@ -1701,7 +1701,10 @@ static noinline int create_pending_snaps
+        * insert the directory item
+        */
+       ret = btrfs_set_inode_index(BTRFS_I(parent_inode), &index);
+-      BUG_ON(ret); /* -ENOMEM */
++      if (ret) {
++              btrfs_abort_transaction(trans, ret);
++              goto fail;
++      }
+ 
+       /* check if there is a file/dir which has the same name. */
+       dir_item = btrfs_lookup_dir_item(NULL, parent_root, path,

diff --git a/queue-6.1/series b/queue-6.1/series
index 1820432d8d31f0a38df911444648f5dfba03b7aa..f271d19a49269a66aa972af78db57a6a553fd928 100644 (file)
--- a/queue-6.1/series
+++ b/queue-6.1/series
@@ -10,3 +10,4 @@ arm64-dts-qcom-ipq6018-disable-ss-instance-in-parkmode-for-usb.patch
 arm64-dts-qcom-sdm630-disable-ss-instance-in-parkmode-for-usb.patch
 alsa-pcm_dmaengine-don-t-synchronize-dma-channel-when-dma-is-paused.patch
 filelock-fix-fcntl-close-race-recovery-compat-path.patch
+btrfs-do-not-bug_on-on-failure-to-get-dir-index-for-new-snapshot.patch