Linux kernel ext4: silence warning on inode eviction with dioread_nolock
CVE-2022-50730 Published on December 24, 2025
ext4: silence the warning when evicting inode with dioread_nolock
In the Linux kernel, the following vulnerability has been resolved:
ext4: silence the warning when evicting inode with dioread_nolock
When evicting an inode with default dioread_nolock, it could be raced by
the unwritten extents converting kworker after writeback some new
allocated dirty blocks. It convert unwritten extents to written, the
extents could be merged to upper level and free extent blocks, so it
could mark the inode dirty again even this inode has been marked
I_FREEING. But the inode->i_io_list check and warning in
ext4_evict_inode() missing this corner case. Fortunately,
ext4_evict_inode() will wait all extents converting finished before this
check, so it will not lead to inode use-after-free problem, every thing
is OK besides this warning. The WARN_ON_ONCE was originally designed
for finding inode use-after-free issues in advance, but if we add
current dioread_nolock case in, it will become not quite useful, so fix
this warning by just remove this check.
======
WARNING: CPU: 7 PID: 1092 at fs/ext4/inode.c:227
ext4_evict_inode+0x875/0xc60
...
RIP: 0010:ext4_evict_inode+0x875/0xc60
...
Call Trace:
<TASK>
evict+0x11c/0x2b0
iput+0x236/0x3a0
do_unlinkat+0x1b4/0x490
__x64_sys_unlinkat+0x4c/0xb0
do_syscall_64+0x3b/0x90
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fa933c1115b
======
rm kworker
ext4_end_io_end()
vfs_unlink()
ext4_unlink()
ext4_convert_unwritten_io_end_vec()
ext4_convert_unwritten_extents()
ext4_map_blocks()
ext4_ext_map_blocks()
ext4_ext_try_to_merge_up()
__mark_inode_dirty()
check !I_FREEING
locked_inode_to_wb_and_lock_list()
iput()
iput_final()
evict()
ext4_evict_inode()
truncate_inode_pages_final() //wait release io_end
inode_io_list_move_locked()
ext4_release_io_end()
trigger WARN_ON_ONCE()
Products Associated with CVE-2022-50730
stack.watch emails you whenever new vulnerabilities are published in Linux Kernel or Linux Kernel. Just hit a watch button to start following.
Affected Versions
Linux:- Version ceff86fddae8748fe00d4f2d249cb02cae62ad84 and below bdc698ce91f232fd5eb11d2373e9f82f687314b8 is affected.
- Version ceff86fddae8748fe00d4f2d249cb02cae62ad84 and below 0d041b7251c13679a0f6c7926751ce1d8a7237c1 is affected.
- Version ceff86fddae8748fe00d4f2d249cb02cae62ad84 and below 3b893cc9a8d8b4e486a6639f5e107b56b7197d2e is affected.
- Version ceff86fddae8748fe00d4f2d249cb02cae62ad84 and below b085fb43feede48ebf80ab7e2dd150c8d9902932 is affected.
- Version ceff86fddae8748fe00d4f2d249cb02cae62ad84 and below bc12ac98ea2e1b70adc6478c8b473a0003b659d3 is affected.
- Version 5.8 is affected.
- Before 5.8 is unaffected.
- Version 5.10.163, <= 5.10.* is unaffected.
- Version 5.15.87, <= 5.15.* is unaffected.
- Version 6.0.18, <= 6.0.* is unaffected.
- Version 6.1.4, <= 6.1.* is unaffected.
- Version 6.2, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.