aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2013-03-04 15:18:25 -0500
committerSteve French <sfrench@us.ibm.com>2013-03-06 20:03:57 -0500
commit94e18007688a13e5da1a2f1b7f52f15cc56c9f5e (patch)
treef01a05a61a19dc40599d2692226b6ddfb3e2ee76
parent25189643a165a5ccad48ee3c116b55905299fd3d (diff)
cifs: don't try to unlock pagecache page after releasing it
We had a recent fix to fix the release of pagecache pages when cifs_writev_requeue writes fail. Unfortunately, it releases the page before trying to unlock it. At that point, the page might be gone by the time the unlock comes in. Unlock the page first before checking the value of "rc", and only then end writeback and release the pages. The page lock isn't required for any of those operations so this should be safe. Reported-by: Anton Altaparmakov <aia21@cam.ac.uk> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r--fs/cifs/cifssmb.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 7353bc5d73d7..8e2e799e7a24 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -1909,12 +1909,12 @@ cifs_writev_requeue(struct cifs_writedata *wdata)
1909 } while (rc == -EAGAIN); 1909 } while (rc == -EAGAIN);
1910 1910
1911 for (i = 0; i < wdata->nr_pages; i++) { 1911 for (i = 0; i < wdata->nr_pages; i++) {
1912 unlock_page(wdata->pages[i]);
1912 if (rc != 0) { 1913 if (rc != 0) {
1913 SetPageError(wdata->pages[i]); 1914 SetPageError(wdata->pages[i]);
1914 end_page_writeback(wdata->pages[i]); 1915 end_page_writeback(wdata->pages[i]);
1915 page_cache_release(wdata->pages[i]); 1916 page_cache_release(wdata->pages[i]);
1916 } 1917 }
1917 unlock_page(wdata->pages[i]);
1918 } 1918 }
1919 1919
1920 mapping_set_error(inode->i_mapping, rc); 1920 mapping_set_error(inode->i_mapping, rc);