Commit 35622709 authored Feb 23, 2026 by Yuto Ohnuki Committed by Theodore Ts'o Mar 27, 2026

ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio



Replace BUG_ON() with proper error handling when inline data size
exceeds PAGE_SIZE. This prevents kernel panic and allows the system to
continue running while properly reporting the filesystem corruption.

The error is logged via ext4_error_inode(), the buffer head is released
to prevent memory leak, and -EFSCORRUPTED is returned to indicate
filesystem corruption.

Signed-off-by: Yuto Ohnuki <ytohnuki@amazon.com>
Link: https://patch.msgid.link/20260223123345.14838-2-ytohnuki@amazon.com


Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org

parent 1308255b

fs/ext4/inline.c

+9 −1

Original line number	Diff line number	Diff line
		@@ -522,7 +522,15 @@ static int ext4_read_inline_folio(struct inode inode, struct folio folio)
		goto out;

		len = min_t(size_t, ext4_get_inline_size(inode), i_size_read(inode));
		BUG_ON(len > PAGE_SIZE);

		if (len > PAGE_SIZE) {
		ext4_error_inode(inode, __func__, __LINE__, 0,
		"inline size %zu exceeds PAGE_SIZE", len);
		ret = -EFSCORRUPTED;
		brelse(iloc.bh);
		goto out;
		}

		kaddr = kmap_local_folio(folio, 0);
		ret = ext4_read_inline_data(inode, kaddr, len, &iloc);
		kaddr = folio_zero_tail(folio, len, kaddr + len);