diff options
author | Jaegeuk Kim <jaegeuk@kernel.org> | 2015-08-21 23:37:18 -0700 |
---|---|---|
committer | Jaegeuk Kim <jaegeuk@kernel.org> | 2015-08-24 09:37:42 -0700 |
commit | f7409d0fae7a02ea6c8195f75ad73866d5dea617 (patch) | |
tree | a2d4cde5ad43b57bccb78fb9ce951e59981817a4 /fs/f2fs | |
parent | 80c545055dc7c1f7f487176fe0aac17896a4b7af (diff) | |
download | linux-f7409d0fae7a02ea6c8195f75ad73866d5dea617.tar.gz linux-f7409d0fae7a02ea6c8195f75ad73866d5dea617.tar.bz2 linux-f7409d0fae7a02ea6c8195f75ad73866d5dea617.zip |
f2fs: fix wrong pointer access during try_to_free_nids
If we release the lock in list_for_each_entry_safe, we can lose the tmp
pointer by alloc_nid.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs/f2fs')
-rw-r--r-- | fs/f2fs/node.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c index 777066d29fa8..0867325e288f 100644 --- a/fs/f2fs/node.c +++ b/fs/f2fs/node.c @@ -1664,11 +1664,9 @@ int try_to_free_nids(struct f2fs_sb_info *sbi, int nr_shrink) if (i->state == NID_ALLOC) continue; __del_from_free_nid_list(nm_i, i); - nm_i->fcnt--; - spin_unlock(&nm_i->free_nid_list_lock); kmem_cache_free(free_nid_slab, i); + nm_i->fcnt--; nr_shrink--; - spin_lock(&nm_i->free_nid_list_lock); } spin_unlock(&nm_i->free_nid_list_lock); mutex_unlock(&nm_i->build_lock); |