Commit ec0a750
ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths
During code review, Joseph found that ext4_fc_replay_inode() calls
ext4_get_fc_inode_loc() to get the inode location, which holds a
reference to iloc.bh that must be released via brelse().
However, several error paths jump to the 'out' label without
releasing iloc.bh:
- ext4_handle_dirty_metadata() failure
- sync_dirty_buffer() failure
- ext4_mark_inode_used() failure
- ext4_iget() failure
Fix this by introducing an 'out_brelse' label placed just before
the existing 'out' label to ensure iloc.bh is always released.
Additionally, make ext4_fc_replay_inode() propagate errors
properly instead of always returning 0.
Reported-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Fixes: 8016e29 ("ext4: fast commit recovery path")
Signed-off-by: Baokun Li <libaokun@linux.alibaba.com>
Reviewed-by: Zhang Yi <yi.zhang@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://patch.msgid.link/20260323060836.3452660-1-libaokun@linux.alibaba.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org1 parent 0c90eed commit ec0a750
1 file changed
Lines changed: 8 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1613 | 1613 | | |
1614 | 1614 | | |
1615 | 1615 | | |
1616 | | - | |
| 1616 | + | |
1617 | 1617 | | |
1618 | 1618 | | |
1619 | | - | |
| 1619 | + | |
1620 | 1620 | | |
1621 | 1621 | | |
1622 | | - | |
| 1622 | + | |
1623 | 1623 | | |
1624 | 1624 | | |
1625 | 1625 | | |
1626 | 1626 | | |
1627 | 1627 | | |
1628 | | - | |
| 1628 | + | |
| 1629 | + | |
| 1630 | + | |
1629 | 1631 | | |
1630 | 1632 | | |
1631 | 1633 | | |
| |||
1642 | 1644 | | |
1643 | 1645 | | |
1644 | 1646 | | |
| 1647 | + | |
1645 | 1648 | | |
1646 | 1649 | | |
1647 | 1650 | | |
1648 | 1651 | | |
1649 | 1652 | | |
1650 | 1653 | | |
1651 | | - | |
| 1654 | + | |
1652 | 1655 | | |
1653 | 1656 | | |
1654 | 1657 | | |
| |||
0 commit comments