xfs: Don't reference the EFI after it is freed
Checking the EFI for whether it is being released from recovery after we've already released the known active reference is a mistake worthy of a brown paper bag. Fix the (now) obvious use after free that it can cause. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: Dave Chinner <dchinner@redhat.com> Reviewed-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Ben Myers <bpm@sgi.com>
This commit is contained in:
Родитель
28ca489c63
Коммит
52c24ad39f
|
@ -305,11 +305,12 @@ xfs_efi_release(xfs_efi_log_item_t *efip,
|
|||
{
|
||||
ASSERT(atomic_read(&efip->efi_next_extent) >= nextents);
|
||||
if (atomic_sub_and_test(nextents, &efip->efi_next_extent)) {
|
||||
__xfs_efi_release(efip);
|
||||
|
||||
/* recovery needs us to drop the EFI reference, too */
|
||||
if (test_bit(XFS_EFI_RECOVERED, &efip->efi_flags))
|
||||
__xfs_efi_release(efip);
|
||||
|
||||
__xfs_efi_release(efip);
|
||||
/* efip may now have been freed, do not reference it again. */
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче