On Mon, Sep 19, 2016 at 02:49:41PM -0400, Chris Mason wrote: > On 09/19/2016 02:13 PM, David Sterba wrote: > > On Wed, Sep 07, 2016 at 10:38:58AM +0300, Nikolay Borisov wrote: > >> btrfs_uuid_iter_rem is able to return -ENOENT, however this condition > >> is not handled in btrfs_uuid_tree_iterate which can lead to calling > >> btrfs_next_item with freed path argument, leading to a null pointer > >> dereference. Fix it by redoing the search but with an incremented > >> objectid so we don't loop over the same key. > >> > >> Signed-off-by: Nikolay Borisov <ker...@kyup.com> > >> Suggested-by: Chris Mason <c...@fb.com> > >> Link: https://lkml.kernel.org/r/57a473b0.2040...@kyup.com > > > > I'll queue the patch for 4.9, thanks. > > > > Not having a good test for this kept me from trying the patch cold. I > think bumping the objectid will end up missing items.
Ok, so I can keep it in the branches that are not for the upcoming merges but still in for-next. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
