* [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found
@ 2026-02-04 17:28 fdmanana
2026-02-09 9:40 ` Qu Wenruo
2026-02-09 12:36 ` Sun YangKai
0 siblings, 2 replies; 3+ messages in thread
From: fdmanana @ 2026-02-04 17:28 UTC (permalink / raw)
To: linux-btrfs
From: Filipe Manana <fdmanana@suse.com>
If btrfs_search_slot_for_read() returns 1, it means we did not find any
key greather than or equals to the key we asked for, meaning we have
reached the end of the tree and therefore the path is not valid. If
this happens we need to break out of the loop and stop, instead of
continuing and accessing an invalid path.
Fixes: 5223cc60b40a ("btrfs: drop the path before adding qgroup items when enabling qgroups")
Signed-off-by: Filipe Manana <fdmanana@suse.com>
---
fs/btrfs/qgroup.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
index f53c313ab6e4..ea1806accdca 100644
--- a/fs/btrfs/qgroup.c
+++ b/fs/btrfs/qgroup.c
@@ -1169,11 +1169,14 @@ int btrfs_quota_enable(struct btrfs_fs_info *fs_info,
}
if (ret > 0) {
/*
- * Shouldn't happen, but in case it does we
- * don't need to do the btrfs_next_item, just
- * continue.
+ * Shouldn't happen because the keu should still
+ * be there (return 0), but in case it does it
+ * means we have reached the end of the tree -
+ * there are no more leaves with items that have
+ * a key greater than or equals to @found_key,
+ * so just stop the search loop.
*/
- continue;
+ break;
}
}
ret = btrfs_next_item(tree_root, path);
--
2.47.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found
2026-02-04 17:28 [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found fdmanana
@ 2026-02-09 9:40 ` Qu Wenruo
2026-02-09 12:36 ` Sun YangKai
1 sibling, 0 replies; 3+ messages in thread
From: Qu Wenruo @ 2026-02-09 9:40 UTC (permalink / raw)
To: fdmanana, linux-btrfs
在 2026/2/5 03:58, fdmanana@kernel.org 写道:
> From: Filipe Manana <fdmanana@suse.com>
>
> If btrfs_search_slot_for_read() returns 1, it means we did not find any
> key greather than or equals to the key we asked for, meaning we have
> reached the end of the tree and therefore the path is not valid. If
> this happens we need to break out of the loop and stop, instead of
> continuing and accessing an invalid path.
>
> Fixes: 5223cc60b40a ("btrfs: drop the path before adding qgroup items when enabling qgroups")
> Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: Qu Wenruo <wqu@suse.com>
Thanks,
Qu
> ---
> fs/btrfs/qgroup.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
> index f53c313ab6e4..ea1806accdca 100644
> --- a/fs/btrfs/qgroup.c
> +++ b/fs/btrfs/qgroup.c
> @@ -1169,11 +1169,14 @@ int btrfs_quota_enable(struct btrfs_fs_info *fs_info,
> }
> if (ret > 0) {
> /*
> - * Shouldn't happen, but in case it does we
> - * don't need to do the btrfs_next_item, just
> - * continue.
> + * Shouldn't happen because the keu should still
> + * be there (return 0), but in case it does it
> + * means we have reached the end of the tree -
> + * there are no more leaves with items that have
> + * a key greater than or equals to @found_key,
> + * so just stop the search loop.
> */
> - continue;
> + break;
> }
> }
> ret = btrfs_next_item(tree_root, path);
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found
2026-02-04 17:28 [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found fdmanana
2026-02-09 9:40 ` Qu Wenruo
@ 2026-02-09 12:36 ` Sun YangKai
1 sibling, 0 replies; 3+ messages in thread
From: Sun YangKai @ 2026-02-09 12:36 UTC (permalink / raw)
To: fdmanana, linux-btrfs
On 2026/2/5 01:28, fdmanana@kernel.org wrote:
> From: Filipe Manana <fdmanana@suse.com>
>
> If btrfs_search_slot_for_read() returns 1, it means we did not find any
> key greather than or equals to the key we asked for, meaning we have
> reached the end of the tree and therefore the path is not valid. If
> this happens we need to break out of the loop and stop, instead of
> continuing and accessing an invalid path.
>
> Fixes: 5223cc60b40a ("btrfs: drop the path before adding qgroup items when enabling qgroups")
> Signed-off-by: Filipe Manana <fdmanana@suse.com>
> ---
> fs/btrfs/qgroup.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c
> index f53c313ab6e4..ea1806accdca 100644
> --- a/fs/btrfs/qgroup.c
> +++ b/fs/btrfs/qgroup.c
> @@ -1169,11 +1169,14 @@ int btrfs_quota_enable(struct btrfs_fs_info *fs_info,
> }
> if (ret > 0) {
> /*
> - * Shouldn't happen, but in case it does we
> - * don't need to do the btrfs_next_item, just
> - * continue.
> + * Shouldn't happen because the keu should still
keu -> key
Otherwise, looks good.
Reviewed-by: Sun YangKai <sunk67188@gmail.com>
Thanks,
Sun YangKai
> + * be there (return 0), but in case it does it
> + * means we have reached the end of the tree -
> + * there are no more leaves with items that have
> + * a key greater than or equals to @found_key,
> + * so just stop the search loop.
> */
> - continue;
> + break;
> }
> }
> ret = btrfs_next_item(tree_root, path);
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-02-09 12:36 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-04 17:28 [PATCH] btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found fdmanana
2026-02-09 9:40 ` Qu Wenruo
2026-02-09 12:36 ` Sun YangKai
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox