Re: [PATCH v4] ext4: fix kernel BUG in ext4_write_inline_data_end

Next message: Mike Rapoport: "Re: [PATCH] mm/memfd_luo: validate serialized_data before conversion"
Previous message: Parvathi Pudi: "[PATCH net-next 3/3] net: ti: icssm-prueth: Support duplicate HW offload feature for HSR and PRP"
In reply to: Aditya Prakash Srivastava: "Re: [PATCH v4] ext4: fix kernel BUG in ext4_write_inline_data_end"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Theodore Ts'o

Date: Thu Jun 11 2026 - 08:39:58 EST

On Tue, 09 Jun 2026 06:20:05 +0000, Aditya Prakash Srivastava wrote:
> When the data=journal mount option is used, the ext4_journalled_write_end()
> function incorrectly calls ext4_write_inline_data_end() without checking
> if the EXT4_STATE_MAY_INLINE_DATA flag is still set on the inode.
>
> If a previous attempt to convert the inline data to an extent failed (e.g.
> due to ENOSPC), the EXT4_STATE_MAY_INLINE_DATA flag is cleared, but
> the EXT4_INODE_INLINE_DATA flag remains set. In this scenario, the next
> call to ext4_write_begin() will not prepare the inline data xattr for
> writing, but ext4_journalled_write_end() will incorrectly attempt to write
> to it, triggering a BUG_ON(pos + len > EXT4_I(inode)->i_inline_size) in
> ext4_write_inline_data() since i_inline_size was not expanded.
>
> [...]

Applied, thanks!

[1/1] ext4: fix kernel BUG in ext4_write_inline_data_end
commit: ad09aa45965d3fafaf9963bc78109b73c0f9ac8d

Best regards,
--
Theodore Ts'o <tytso@xxxxxxx>