From: Boris Burkov <boris@xxxxxx> commit a56c85fa2d59ab0780514741550edf87989a66e9 upstream. Another improper use of __folio_put() in an error path after freshly allocating pages/folios which returns them with the refcount initialized to 1. The refactor from __free_pages() -> __folio_put() (instead of folio_put) removed a refcount decrement found in __free_pages() and folio_put but absent from __folio_put(). Fixes: 13df3775efca ("btrfs: cleanup metadata page pointer usage") CC: stable@xxxxxxxxxxxxxxx # 6.8+ Tested-by: Ed Tomlinson <edtoml@xxxxxxxxx> Reviewed-by: Filipe Manana <fdmanana@xxxxxxxx> Signed-off-by: Boris Burkov <boris@xxxxxx> Reviewed-by: David Sterba <dsterba@xxxxxxxx> Signed-off-by: David Sterba <dsterba@xxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/btrfs/extent_io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -3526,7 +3526,7 @@ err: for (int i = 0; i < num_folios; i++) { if (eb->folios[i]) { detach_extent_buffer_folio(eb, eb->folios[i]); - __folio_put(eb->folios[i]); + folio_put(eb->folios[i]); } } __free_extent_buffer(eb); Patches currently in stable-queue which might be from boris@xxxxxx are queue-6.9/btrfs-zoned-fix-calc_available_free_space-for-zoned-mode.patch queue-6.9/btrfs-fix-folio-refcount-in-__alloc_dummy_extent_buffer.patch queue-6.9/btrfs-scrub-initialize-ret-in-scrub_simple_mirror-to.patch queue-6.9/btrfs-always-do-the-basic-checks-for-btrfs_qgroup_in.patch
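Review bot: the changelog for the one-line change in the err: loop at @@ -3526 of fs/btrfs/extent_io.c names neither the function being fixed nor the symptom a user would see. The hunk header shows only the err: label, so the function can be guessed only from the queue file name (btrfs-fix-folio-refcount-in-__alloc_dummy_extent_buffer.patch). Suggest stating the function in the message body and describing the effect of calling __folio_put() on a folio whose refcount is still 1, so stable backporters can match the fix to reports. The message also opens with "Another improper use" without citing the earlier fix it refers to; a reference to that commit would help. Since the message attributes the problem to the refactor in 13df3775efca, it is worth confirming in the same review that no other direct __folio_put() calls from that refactor remain on freshly allocated folios. The replacement itself, folio_put(eb->folios[i]) after detach_extent_buffer_folio(), matches the description: it performs the decrement that the message says __folio_put() lacks.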