On Tue, Apr 03, 2012 at 01:07:50PM -0400, Dave Jones wrote:
> > wait, what...
> >
> > 535 memset(trans, 0, sizeof(*trans));
> > 536 kmem_cache_free(btrfs_trans_handle_cachep, trans);
> > 537
> > 538 if (throttle)
> > 539 btrfs_run_delayed_iputs(root);
> > 540
> > 541 if (trans->aborted ||
> > 542 root->fs_info->fs_state & BTRFS_SUPER_FLAG_ERROR) {
> > 543 return -EIO;
> > 544 }
> >
> > that looks like a pretty clear use-after-free.
>
> Ok, trying this..
Yep that fixes it. Chris I'll mail it to you again with a proper sign-off.
thanks for the help chasing this down David.
Dave
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
