fstests: btrfs: test reading data with a corrupted checksum tree leaf
[BUG]
There is a bug report that, KASAN get triggered when:
- A read bio needs to be split
This can happen for profiles with stripes, including
RAID0/RAID10/RAID5/RAID6.
- An error happens before submitting the new split bio
This includes:
* chunk map lookup failure
* data csum lookup failure
Then during the error path of btrfs_submit_chunk(), the original bio is
fully freed before submitted range has a chance to call its endio
function, resulting a use-after-free bug.
[NEW TEST CASE]
Introduce a new test case to verify the specific behavior by:
- Create a btrfs with enough csum leaves with data RAID0 profile
To bump the csum tree level, use the minimal nodesize possible (4K).
Writing 32M data which needs at least 8 leaves for data checksum
RAID0 profile ensures the data read bios will get split.
- Find the last csum tree leave and corrupt it
- Read the data many times until we trigger the bug or exit gracefully
With an x86_64 VM with KASAN enabled, it can trigger the KASAN report in
just 4 iterations (the default iteration number is 32).
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: Zorro Lang <zlang@kernel.org>
2 files changed
