mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 05:02:12 +00:00
Btrfs: fix accessing a freed tree root
inode_tree_del() will move the tree root into the dead root list, and then the tree will be destroyed by the cleaner. So if we remove the delayed node which is cached in the inode after inode_tree_del(), we may access a freed tree root. Fix it. Signed-off-by: Miao Xie <miaox@cn.fujitsu.com> Signed-off-by: Josef Bacik <jbacik@fusionio.com>
This commit is contained in:
parent
b9aa55bed1
commit
89042e5ad2
@ -4727,6 +4727,7 @@ void btrfs_evict_inode(struct inode *inode)
|
||||
btrfs_end_transaction(trans, root);
|
||||
btrfs_btree_balance_dirty(root);
|
||||
no_delete:
|
||||
btrfs_remove_delayed_node(inode);
|
||||
clear_inode(inode);
|
||||
return;
|
||||
}
|
||||
@ -7982,7 +7983,6 @@ void btrfs_destroy_inode(struct inode *inode)
|
||||
inode_tree_del(inode);
|
||||
btrfs_drop_extent_cache(inode, 0, (u64)-1, 0);
|
||||
free:
|
||||
btrfs_remove_delayed_node(inode);
|
||||
call_rcu(&inode->i_rcu, btrfs_i_callback);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user