Hi,
On 22/10/15 20:30, Bob Peterson wrote:
This patch changes a failure case in function gfs2_create_inode.
In some error paths, it jumps to label fail_gunlock3, which fails
to set the free_vfs_inode flag. This, in turn, prevents the code
from setting the GIF_FREE_VFS_INODE inode flag. That, in turn,
allows the code to mistakenly unlink the dinode and not ever delete
its data blocks.
This code path is rather a mess unfortunately. I'm trying to figure out
how the inode could have any data blocks at this stage? There should
only be the inode itself, and possibly a preallocated block waiting to
take xattrs at the time that the fail_gunlock3 path is taken,
Steve.
Signed-off-by: Bob Peterson <[email protected]>
---
fs/gfs2/inode.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
index 063fdfc..c56edb8 100644
--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -766,11 +766,8 @@ static int gfs2_create_inode(struct inode *dir, struct
dentry *dentry,
return error;
fail_gunlock3:
- gfs2_glock_dq_uninit(ghs + 1);
- if (ip->i_gl)
- gfs2_glock_put(ip->i_gl);
- goto fail_gunlock;
-
+ if (ip->i_iopen_gh.gh_gl) /* if holder is linked to the glock */
+ gfs2_glock_put(ip->i_iopen_gh.gh_gl);
fail_gunlock2:
gfs2_glock_dq_uninit(ghs + 1);
fail_free_inode:
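Review bot: At the new fail_gunlock3 label, gfs2_glock_put(ip->i_iopen_gh.gh_gl) drops the glock reference but leaves i_iopen_gh.gh_gl pointing at it, so any later teardown that tests the same pointer could put it a second time. Consider gfs2_holder_uninit(&ip->i_iopen_gh), or clearing gh_gl after the put, so that the "holder is linked to the glock" test stays accurate. The hunk also removes the put of ip->i_gl and the jump to fail_gunlock, and now falls through fail_gunlock2 into fail_free_inode; the changelog should say where on that path ip->i_gl is released and where free_vfs_inode gets set, since neither is visible in these lines and the description depends on both.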