On Tue, Nov 04, 2014 at 10:58:48AM -0500, Chris Mason wrote:
>> Not a new bug unfortunately, but since it is in the error handling people
>> must not be hitting it often. It's also not related to device replace.
>>
>>
>> while (ret < 0 && !list_empty(&tmplist)) {
>> sums = list_entry(&tmplist, struct btrfs_ordered_sum,
>> list);
>> list_del(&sums->list);
>> kfree(sums);
>> }
>>
>> We're trying to call kfree on the on-stack list head. I'm fixing it up
>> here, thanks for posting the oops!
>
> Fix attached, or you can wait for the next rc. Thanks.
>
> -chris
>
>
> >From 6e5aafb27419f32575b27ef9d6a31e5d54661aca Mon Sep 17 00:00:00 2001
> From: Chris Mason <clm@xxxxxx>
> Date: Tue, 4 Nov 2014 06:59:04 -0800
> Subject: [PATCH] Btrfs: fix kfree on list_head in btrfs_lookup_csums_range
> error cleanup
>
> If we hit any errors in btrfs_lookup_csums_range, we'll loop through all
> the csums we allocate and free them. But the code was using list_entry
> incorrectly, and ended up trying to free the on-stack list_head instead.
>
> This bug came from commit 0678b6185
Wow, that's an old commit! Thanks for the CC. The fix looks good to me, so
you can add:
Reviewed-by: Mark Fasheh <mfasheh@xxxxxxx>
if you like, thanks.
--Mark
--
Mark Fasheh
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
