On Mon, Mar 15, 2021 at 05:59:06PM +0100, Jan Kara wrote:
> When filesystem mount fails because of corrupted filesystem we first
> cancel the s_err_report timer reminding fs errors every day and only
> then we flush s_error_work. However s_error_work may report another fs
> error and re-arm timer thus resulting in timer use-after-free. Fix the
> problem by first flushing the work and only after that canceling the
> s_err_report timer.
>
> Reported-by: syzbot+628472a2aac693ab0fcd@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 2d01ddc86606 ("ext4: save error info to sb through journal if available")
> CC: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Jan Kara <jack@xxxxxxx>

Thanks, applied.

- Ted
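
An added illustration, not part of the thread or of the ext4 patch: a user-space C model of the teardown ordering described in the quoted commit message, showing why cancelling the timer before flushing the work can leave an armed timer pointing at freed memory. All names (`model_sb`, `wheel`, `teardown_leaves_armed_timer`) are hypothetical and no kernel API is used.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Constructed user-space model; every name here is hypothetical. */
struct model_sb {
    bool work_queued;   /* models s_error_work waiting to run */
    bool error_pending; /* the queued work has another fs error to report */
};

/* Stands in for the timer base, which outlives the superblock info and
 * keeps a reference to it while the s_err_report timer is armed. */
static struct { struct model_sb *owner; bool armed; } wheel;

static void arm_timer(struct model_sb *sb) { wheel.owner = sb; wheel.armed = true; }
static void cancel_timer(void) { wheel.owner = NULL; wheel.armed = false; }

/* Flushing runs the queued work to completion; reporting an error
 * re-arms the daily reminder timer. */
static void flush_error_work(struct model_sb *sb)
{
    if (!sb->work_queued)
        return;
    sb->work_queued = false;
    if (sb->error_pending) {
        sb->error_pending = false;
        arm_timer(sb);
    }
}

/* Runs the failed-mount teardown in the chosen order, frees the sb, and
 * returns true if an armed timer still references the freed object. */
bool teardown_leaves_armed_timer(bool flush_first, bool work_queued)
{
    struct model_sb *sb = calloc(1, sizeof(*sb));
    if (!sb)
        abort();
    sb->work_queued = work_queued;
    sb->error_pending = work_queued;
    arm_timer(sb);            /* reminder timer armed during mount */

    if (flush_first) {        /* order after the fix */
        flush_error_work(sb);
        cancel_timer();
    } else {                  /* order before the fix */
        cancel_timer();
        flush_error_work(sb);
    }
    free(sb);
    return wheel.armed;       /* only the flag is read, never sb */
}
```

The hazard appears only when work is still queued at teardown, which is why the ordering bug is easy to miss in testing.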