On Fri, Oct 04, 2019 at 12:05:49AM +0200, Jan Kara wrote:
> When ext4_mkdir() fails to add entry into directory, it ends up dropping freshly created inode under the running transaction and thus inode truncation happens under that transaction. That breaks assumptions that ext4_evict_inode() does not get called from a transaction context (although I'm not aware of any real issue) and is completely unnecessary. Just stop the transaction before dropping inode reference.
>
> CC: stable@vger.kernel.org
> Signed-off-by: Jan Kara <jack@suse.cz>
If we call ext4_journal_stop(handle) before calling iput(inode), there's a chance that we could crash with the inode with i_link_counts == 0, but we won't yet have called ext4_evict_inode() to mark the inode as free in the inode bitmap. This would result in an inode leak.
Also, this isn't the only place where we can enter ext4_evict_inode() with an active handle; the same situation arises in ext4_add_nondir(), and for the same reason.
So I think the code is right as is. Do you agree?
- Ted