From eb1716af887375f1e2099f69bb89dfc5bd169bfa Mon Sep 17 00:00:00 2001 From: Jan Schmidt Date: Tue, 28 May 2013 15:47:23 +0000 Subject: [PATCH] Btrfs: avoid double free of fs_info->qgroup_ulist When btrfs_read_qgroup_config or btrfs_quota_enable return non-zero, we've already freed the fs_info->qgroup_ulist. The final btrfs_free_qgroup_config called from quota_disable makes another ulist_free(fs_info->qgroup_ulist) call. We set fs_info->qgroup_ulist to NULL on the mentioned error paths, turning the ulist_free in btrfs_free_qgroup_config into a noop. Cc: Wang Shilong Signed-off-by: Jan Schmidt Signed-off-by: Josef Bacik --- fs/btrfs/qgroup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index 74b432d0b703..c6ce64276869 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -430,8 +430,10 @@ out: } btrfs_free_path(path); - if (ret < 0) + if (ret < 0) { ulist_free(fs_info->qgroup_ulist); + fs_info->qgroup_ulist = NULL; + } return ret < 0 ? ret : 0; } @@ -932,8 +934,10 @@ out_free_root: kfree(quota_root); } out: - if (ret) + if (ret) { ulist_free(fs_info->qgroup_ulist); + fs_info->qgroup_ulist = NULL; + } mutex_unlock(&fs_info->qgroup_ioctl_lock); return ret; }