Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S964881AbaF1R60 (ORCPT ); Sat, 28 Jun 2014 13:58:26 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:54510 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756206AbaF1RxV (ORCPT ); Sat, 28 Jun 2014 13:53:21 -0400 From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Chris Mason Subject: [PATCH 3.15 115/139] Btrfs: fix double free in find_lock_delalloc_range Date: Sat, 28 Jun 2014 10:47:56 -0700 Message-Id: <20140628174610.662550085@linuxfoundation.org> X-Mailer: git-send-email 2.0.1 In-Reply-To: <20140628174605.352098823@linuxfoundation.org> References: <20140628174605.352098823@linuxfoundation.org> User-Agent: quilt/0.63-1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 3.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Chris Mason commit 7d78874273463a784759916fc3e0b4e2eb141c70 upstream. We need to NULL the cached_state after freeing it, otherwise we might free it again if find_delalloc_range doesn't find anything. Signed-off-by: Chris Mason Signed-off-by: Greg Kroah-Hartman --- fs/btrfs/extent_io.c | 1 + 1 file changed, 1 insertion(+) --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -1693,6 +1693,7 @@ again: * shortening the size of the delalloc range we're searching */ free_extent_state(cached_state); + cached_state = NULL; if (!loops) { max_bytes = PAGE_CACHE_SIZE; loops = 1; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/