jfs: fix metapage reference count leak in dbAllocCtl

[ Upstream commit 856db37592021e9155384094e331e2d4589f28b1 ] In dbAllocCtl(), read_metapage() increases the reference count of the metapage. However, when dp->tree.budmin < 0, the function returns -EIO without calling release_metapage() to decrease the reference count, leading to a memory leak. Add release_metapage(mp) before the error return to properly manage the metapage reference count and prevent the leak. Fixes: a5f5e4698f8abbb25fe4959814093fb5bfa1aa9d ("jfs: fix shift-out-of-bounds in dbSplit") Signed-off-by: Zheng Yu <zheng.yu@northwestern.edu> Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Zheng Yu <zheng.yu@northwestern.edu> 2025-07-29 01:22:14 +0000
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2025-08-15 16:39:13 +0200
commit: daec64f523a5f840f4ef1106b25b5e8c8163ed98 (patch)
tree: 639d19b927f1e3e2cb8799b4fe7fd45ad0ce9c4d
parent: 5bd7db66c4e0e0b3d3106e88b0466d3e71313f3e (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/jfs/jfs_dmap.c b/fs/jfs/jfs_dmap.c
index 35e063c9f3a4..5a877261c3fe 100644
--- a/fs/jfs/jfs_dmap.c
+++ b/fs/jfs/jfs_dmap.c
@@ -1809,8 +1809,10 @@ dbAllocCtl(struct bmap * bmp, s64 nblocks, int l2nb, s64 blkno, s64 * results)
 			return -EIO;
 		dp = (struct dmap *) mp->data;
 
-		if (dp->tree.budmin < 0)
+		if (dp->tree.budmin < 0) {
+			release_metapage(mp);
 			return -EIO;
+		}
 
 		/* try to allocate the blocks.
 		 */
author	Zheng Yu <zheng.yu@northwestern.edu>	2025-07-29 01:22:14 +0000
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2025-08-15 16:39:13 +0200
commit	daec64f523a5f840f4ef1106b25b5e8c8163ed98 (patch)
tree	639d19b927f1e3e2cb8799b4fe7fd45ad0ce9c4d
parent	5bd7db66c4e0e0b3d3106e88b0466d3e71313f3e (diff)