[PATCH] hfs, hfsplus: remove WARN_ON when new bnode already hashed
From: Aditya Srivastava
Date: Mon Jun 22 2026 - 13:18:10 EST
From: Aditya Prakash Srivastava <aditya.ansh182@xxxxxxxxx>
Syzbot reported a warning in hfsplus_bnode_create() when mounting and
traversing a fuzzed/corrupted disk image.

The warning is triggered because the node index is found to be already
active and hashed in the btree hash table, which indicates on-disk
metadata corruption.

Filesystem corruption should be handled gracefully by returning an error
and logging a message, rather than triggering kernel-level warnings
(which can panic the system under panic_on_warn=1 configurations).

The code already prints a critical message and returns -EEXIST (or the
node in hfs), so the WARN_ON() is completely redundant and dangerous.

Remove the WARN_ON(1) from both hfs_bnode_create() and
hfsplus_bnode_create().

Reported-by: syzbot+2bf21610eea63cb2ce93@xxxxxxxxxxxxxxxxxxxxxxxxx
Closes: https://syzkaller.appspot.com/bug?extid=2bf21610eea63cb2ce93
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Aditya Prakash Srivastava <aditya.ansh182@xxxxxxxxx>
---
fs/hfs/bnode.c | 1 -
fs/hfsplus/bnode.c | 1 -
2 files changed, 2 deletions(-)
diff --git a/fs/hfs/bnode.c b/fs/hfs/bnode.c
index 13d58c51fc46..335834961741 100644
--- a/fs/hfs/bnode.c
+++ b/fs/hfs/bnode.c
@@ -517,7 +517,6 @@ struct hfs_bnode *hfs_bnode_create(struct hfs_btree *tree, u32 num)
spin_unlock(&tree->hash_lock);
if (node) {
pr_crit("new node %u already hashed?\n", num);
- WARN_ON(1);
return node;
}
node = __hfs_bnode_create(tree, num);
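Review bot: In the `if (node)` branch, `return node;` still hands the already-hashed node back to the caller as if it had just been created, while the same branch in fs/hfsplus/bnode.c returns ERR_PTR(-EEXIST). The commit message argues that corruption should be handled by returning an error, so either convert this path to an error return as well, or say in the changelog why hfs deliberately keeps returning the existing node and that its callers cope with a node they did not create.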
diff --git a/fs/hfsplus/bnode.c b/fs/hfsplus/bnode.c
index f8b5a8ae58ff..bfc2a7f53edd 100644
--- a/fs/hfsplus/bnode.c
+++ b/fs/hfsplus/bnode.c
@@ -631,7 +631,6 @@ struct hfs_bnode *hfs_bnode_create(struct hfs_btree *tree, u32 num)
spin_unlock(&tree->hash_lock);
if (node) {
pr_crit("new node %u already hashed?\n", num);
- WARN_ON(1);
return ERR_PTR(-EEXIST);
}
node = __hfs_bnode_create(tree, num);
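Review bot: The hunk header for fs/hfsplus/bnode.c names the function hfs_bnode_create(), but the commit message refers to hfsplus_bnode_create(); the changelog should use the name as it appears in the source so the description matches the diff. Separately, with WARN_ON(1) removed, the pr_crit() line in the `if (node)` branch is the only record of this condition, and "new node %u already hashed?" does not say that on-disk corruption is suspected; consider rewording it so an administrator reading the log can tell what happened without the stack trace.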
--
2.47.3