In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not BUGON in linktofixupdir
While doing error injection testing I got the following panic
kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014 RIP: 0010:linktofixupdir+0xd5/0xe0 RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216 RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0 RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000 RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001 R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800 R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065 FS: 00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0 Call Trace: replayonebuffer+0x409/0x470 ? btreereadextentbufferpages+0xd0/0x110 walkuplogtree+0x157/0x1e0 walklogtree+0xa6/0x1d0 btrfsrecoverlogtrees+0x1da/0x360 ? replayoneextent+0x7b0/0x7b0 openctree+0x1486/0x1720 btrfsmountroot.cold+0x12/0xea ? _kmalloctrackcaller+0x12f/0x240 legacygettree+0x24/0x40 vfsgettree+0x22/0xb0 vfskernmount.part.0+0x71/0xb0 btrfsmount+0x10d/0x380 ? vfsparsefsstring+0x4d/0x90 legacygettree+0x24/0x40 vfsgettree+0x22/0xb0 pathmount+0x433/0xa10 _x64sysmount+0xe3/0x120 dosyscall64+0x3d/0x80 entrySYSCALL64after_hwframe+0x44/0xae
We can get -EIO or any number of legitimate errors from btrfssearchslot(), panicing here is not the appropriate response. The error path for this code handles errors properly, simply return the error.