aboutsummaryrefslogtreecommitdiffstats
path: root/fs/xfs/linux-2.6
diff options
context:
space:
mode:
authorLachlan McIlroy <lachlan@sgi.com>2008-08-13 01:42:10 -0400
committerLachlan McIlroy <lachlan@redback.melbourne.sgi.com>2008-08-13 01:42:10 -0400
commit3790689fa3c771bba6bafb7dee3e8389dd0b55bc (patch)
tree1445885f92de7f14034f4f5a647ea3e5ea6b43d8 /fs/xfs/linux-2.6
parent79071eb0b2f142b9cc6531d04fa2915943938b5e (diff)
[XFS] Do not access buffers after dropping reference count
We should not access a buffer after dropping it's reference count otherwise we could race with another thread that releases the final reference count and frees the buffer causing us to access potentially unmapped memory. The bug this change fixes only occured on DEBUG XFS since the offending code was in an ASSERT. SGI-PV: 984429 SGI-Modid: xfs-linux-melb:xfs-kern:31715a Signed-off-by: Lachlan McIlroy <lachlan@sgi.com> Signed-off-by: David Chinner <david@fromorbit.com>
Diffstat (limited to 'fs/xfs/linux-2.6')
-rw-r--r--fs/xfs/linux-2.6/xfs_buf.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/fs/xfs/linux-2.6/xfs_buf.c b/fs/xfs/linux-2.6/xfs_buf.c
index 9cc8f0213095..9f45c74f1a84 100644
--- a/fs/xfs/linux-2.6/xfs_buf.c
+++ b/fs/xfs/linux-2.6/xfs_buf.c
@@ -838,6 +838,7 @@ xfs_buf_rele(
838 return; 838 return;
839 } 839 }
840 840
841 ASSERT(atomic_read(&bp->b_hold) > 0);
841 if (atomic_dec_and_lock(&bp->b_hold, &hash->bh_lock)) { 842 if (atomic_dec_and_lock(&bp->b_hold, &hash->bh_lock)) {
842 if (bp->b_relse) { 843 if (bp->b_relse) {
843 atomic_inc(&bp->b_hold); 844 atomic_inc(&bp->b_hold);
@@ -851,11 +852,6 @@ xfs_buf_rele(
851 spin_unlock(&hash->bh_lock); 852 spin_unlock(&hash->bh_lock);
852 xfs_buf_free(bp); 853 xfs_buf_free(bp);
853 } 854 }
854 } else {
855 /*
856 * Catch reference count leaks
857 */
858 ASSERT(atomic_read(&bp->b_hold) >= 0);
859 } 855 }
860} 856}
861 857