From: Tao Ma <boyu.mt@xxxxxxxxxx>
For all the callers of dx_probe, frame_in is passed in uninitialized.
So we should set frame->bh to NULL in the beginning of while, not
the end. Otherwise, the first "goto fail2" will try to brelse(frame->bh)
while frame->bh is still invalid.
Cc: "Theodore Ts'o" <tytso@xxxxxxx>
Signed-off-by: Tao Ma <boyu.mt@xxxxxxxxxx>
---
fs/ext4/namei.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index b754b77..86c5c69 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -404,6 +404,7 @@ dx_probe(const struct qstr *d_name, struct inode *dir,
dxtrace(printk("Look up %x", hash));
while (1)
{
+ frame->bh = NULL;
count = dx_get_count(entries);
if (!count || count > dx_get_limit(entries)) {
ext4_warning(dir->i_sb,
@@ -458,7 +459,6 @@ dx_probe(const struct qstr *d_name, struct inode *dir,
goto fail2;
}
frame++;
- frame->bh = NULL;
}
fail2:
while (frame >= frame_in) {
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
