On Tue, Apr 03, 2012 at 01:16:33PM -0400, Dave Jones wrote:
> On Tue, Apr 03, 2012 at 01:07:50PM -0400, Dave Jones wrote:
> 
>  >  > wait, what...
>  >  > 
>  >  >          memset(trans, 0, sizeof(*trans));
>  >  >          kmem_cache_free(btrfs_trans_handle_cachep, trans);
>  >  > 
>  >  >          if (throttle)
>  >  >                  btrfs_run_delayed_iputs(root);
>  >  > 
>  >  >          if (trans->aborted ||
>  >  >              root->fs_info->fs_state & BTRFS_SUPER_FLAG_ERROR) {
>  >  >                  return -EIO;
>  >  >          }
>  >  > 
>  >  > that looks like a pretty clear use-after-free.
>  > 
>  > Ok, trying this..
> 
> Yep that fixes it.  Chris I'll mail it to you again with a proper sign-off.
> 
> thanks for the help chasing this down David.

Awesome, many thanks guys.

-chris
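
A userspace model of the ordering in the quoted listing, added here as an example and not code from this thread or from btrfs. It shows what the late `trans->aborted` read sees: the poison pattern when freed objects are poisoned (a spurious -EIO), or the zero left by the `memset` when they are not (a real abort is lost). Assumptions: `struct handle`, the one-slot static pool, `poison_on_free` and `end_fixed` are hypothetical; the patch tested in the thread is not shown on the page.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the transaction handle: only the flag the check reads. */
struct handle { int aborted; };

#define POISON_FREE 0x6b       /* byte the kernel's slab debugging writes into freed objects */
static struct handle pool[1];  /* toy one-slot cache; static, so reads after "free" stay defined */
static int poison_on_free = 1; /* 1 models poisoning of freed objects, 0 models none */

static void cache_free(struct handle *h)
{
    if (poison_on_free)
        memset(h, POISON_FREE, sizeof(*h));
}

/* Same order as the quoted listing: clear, free, then test the flag. */
static int end_buggy(struct handle *h, int fs_error)
{
    memset(h, 0, sizeof(*h));
    cache_free(h);
    if (h->aborted || fs_error)   /* reads an object already cleared and freed */
        return -EIO;
    return 0;
}

/* Assumed correction: latch the result before the handle is cleared and released. */
static int end_fixed(struct handle *h, int fs_error)
{
    int err = (h->aborted || fs_error) ? -EIO : 0;
    memset(h, 0, sizeof(*h));
    cache_free(h);
    return err;
}

/* Run one variant on a fresh handle whose aborted flag is preset (constructed input). */
static int run(int (*end)(struct handle *, int), int aborted)
{
    struct handle *h = &pool[0];
    h->aborted = aborted;
    return end(h, 0);
}

int main(void)
{
    printf("buggy/clean: %d  fixed/aborted: %d\n", run(end_buggy, 0), run(end_fixed, 1));
    return 0;
}
```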
