We don't clean up fnp properly when the lookup fails.
This causes the goto out path to try to unlock fnp, which is not
locked at all. Crash!
Setting it to NULL fixes this.
---
libdiskfs/dir-renamed.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libdiskfs/dir-renamed.c b/libdiskfs/dir-renamed.c
index a0c4bc6f..df59f283 100644
--- a/libdiskfs/dir-renamed.c
+++ b/libdiskfs/dir-renamed.c
@@ -128,7 +128,12 @@ diskfs_rename_dir (struct node *fdp, struct node *fnp,
const char *fromname,
diskfs_nrele (tmpnp);
diskfs_drop_dirstat (fdp, tmpds);
if (err)
- goto out;
+ {
+ assert_backtrace (!tmpnp);
+ /* diskfs_lookup has not locked fnp then, do not unlock it. */
+ fnp = NULL;
+ goto out;
+ }
if (tnp)
{
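Review bot: The new error branch under `if (err)` records "fnp is not locked" by overwriting the `fnp` parameter, so the fix is only complete if every use of `fnp` after the `out` label is NULL-guarded. That label is outside this hunk, so it is worth confirming that nothing there dereferences or releases `fnp` unguarded. The comment could spell the dependency out, for example `/* Lookup failed, so fnp was not returned locked; clear it so the unlock at out: is skipped. */`. Separately, `assert_backtrace (!tmpnp)` runs after `diskfs_nrele (tmpnp)`; if that release is unconditional (the lines before it are not shown), a violated invariant would be caught only after the node was already released, so asserting before the release would be clearer. diskfs_rename_dir begins and ends outside the hunk.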
--
2.52.0