jfs: fix metapage reference count leak in dbAllocCtl

[ Upstream commit 856db37592021e9155384094e331e2d4589f28b1 ] In dbAllocCtl(), read_metapage() increases the reference count of the metapage. However, when dp->tree.budmin < 0, the function returns -EIO without calling release_metapage() to decrease the reference count, leading to a memory leak. Add release_metapage(mp) before the error return to properly manage the metapage reference count and prevent the leak. Fixes: a5f5e4698f8abbb25fe4959814093fb5bfa1aa9d ("jfs: fix shift-out-of-bounds in dbSplit") Signed-off-by: Zheng Yu <zheng.yu@northwestern.edu> Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Zheng Yu <zheng.yu@northwestern.edu> 2025-07-29 01:22:14 +0000
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2025-08-15 12:13:57 +0200
commit: 3406bd02dee37470f1472fcd7c64f6df416802a2 (patch)
tree: e48e33d6615c38ba72854e017352c8595f145f15
parent: 40f0a51f6c54d46a94b9f1180339ede7ca7ee190 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/jfs/jfs_dmap.c b/fs/jfs/jfs_dmap.c
index 35e063c9f3a4..5a877261c3fe 100644
--- a/fs/jfs/jfs_dmap.c
+++ b/fs/jfs/jfs_dmap.c
@@ -1809,8 +1809,10 @@ dbAllocCtl(struct bmap * bmp, s64 nblocks, int l2nb, s64 blkno, s64 * results)
 			return -EIO;
 		dp = (struct dmap *) mp->data;
 
-		if (dp->tree.budmin < 0)
+		if (dp->tree.budmin < 0) {
+			release_metapage(mp);
 			return -EIO;
+		}
 
 		/* try to allocate the blocks.
 		 */
author	Zheng Yu <zheng.yu@northwestern.edu>	2025-07-29 01:22:14 +0000
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2025-08-15 12:13:57 +0200
commit	3406bd02dee37470f1472fcd7c64f6df416802a2 (patch)
tree	e48e33d6615c38ba72854e017352c8595f145f15
parent	40f0a51f6c54d46a94b9f1180339ede7ca7ee190 (diff)