xfs: convert a few more directory asserts to corruption

Yet another round of playing whack-a-mole with directory code that
asserts on corrupt on-disk metadata when it really should be returning
-EFSCORRUPTED instead of ASSERTing.  Found by a xfs/391 crash while
lastbit fuzzing of ltail.bestcount.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>

diff --git a/fs/xfs/libxfs/xfs_dir2_leaf.c b/fs/xfs/libxfs/xfs_dir2_leaf.c
index d7e630f..d61d52d 100644 (file)
--- a/fs/xfs/libxfs/xfs_dir2_leaf.c
+++ b/fs/xfs/libxfs/xfs_dir2_leaf.c
@@ -1415,7 +1415,8 @@ xfs_dir2_leaf_removename(
        oldbest = be16_to_cpu(bf[0].length);
        ltp = xfs_dir2_leaf_tail_p(args->geo, leaf);
        bestsp = xfs_dir2_leaf_bests_p(ltp);
-       ASSERT(be16_to_cpu(bestsp[db]) == oldbest);
+       if (be16_to_cpu(bestsp[db]) != oldbest)
+               return -EFSCORRUPTED;
        /*
         * Mark the former data entry unused.
         */

diff --git a/fs/xfs/libxfs/xfs_dir2_node.c b/fs/xfs/libxfs/xfs_dir2_node.c
index 239d97a..0839ffe 100644 (file)
--- a/fs/xfs/libxfs/xfs_dir2_node.c
+++ b/fs/xfs/libxfs/xfs_dir2_node.c
@@ -387,8 +387,9 @@ xfs_dir2_leaf_to_node(
        dp->d_ops->free_hdr_from_disk(&freehdr, free);
        leaf = lbp->b_addr;
        ltp = xfs_dir2_leaf_tail_p(args->geo, leaf);
-       ASSERT(be32_to_cpu(ltp->bestcount) <=
-                               (uint)dp->i_d.di_size / args->geo->blksize);
+       if (be32_to_cpu(ltp->bestcount) >
+                               (uint)dp->i_d.di_size / args->geo->blksize)
+               return -EFSCORRUPTED;
 
        /*
         * Copy freespace entries from the leaf block to the new block.