diff options
author | Chris Mason <clm@fb.com> | 2014-05-21 16:49:54 +0400 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2014-07-01 07:09:45 +0400 |
commit | 8e3ddf4c9b438953922840b3d236ac04777408e6 (patch) | |
tree | f0207ce5a538ab2df992ccd03bbf3c87c030e07e | |
parent | b124695c12cb8c4dc0f91cc18eac640f546c6456 (diff) | |
download | linux-8e3ddf4c9b438953922840b3d236ac04777408e6.tar.xz |
Btrfs: fix double free in find_lock_delalloc_range
commit 7d78874273463a784759916fc3e0b4e2eb141c70 upstream.
We need to NULL the cached_state after freeing it, otherwise
we might free it again if find_delalloc_range doesn't find anything.
Signed-off-by: Chris Mason <clm@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r-- | fs/btrfs/extent_io.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index e7e7afb4a872..82de09090935 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -1624,6 +1624,7 @@ again: * shortening the size of the delalloc range we're searching */ free_extent_state(cached_state); + cached_state = NULL; if (!loops) { unsigned long offset = (*start) & (PAGE_CACHE_SIZE - 1); max_bytes = PAGE_CACHE_SIZE - offset; |