| To: | xfs-dev <xfs-dev@xxxxxxx>, xfs-oss <xfs@xxxxxxxxxxx> |
|---|---|
| Subject: | [PATCH] Do not access buffers after dropping reference count |
| From: | Lachlan McIlroy <lachlan@xxxxxxx> |
| Date: | Tue, 22 Jul 2008 12:16:45 +1000 |
| Reply-to: | lachlan@xxxxxxx |
| Sender: | xfs-bounce@xxxxxxxxxxx |
| User-agent: | Thunderbird 2.0.0.14 (X11/20080421) |
We should not access a buffer after dropping it's reference count otherwise we could race with another thread that releases the final reference count and frees the buffer causing us to access potentially unmapped memory. Lachlan --- fs/xfs/linux-2.6/xfs_buf.c_1.257 2008-07-16 17:38:00.000000000 +1000
+++ fs/xfs/linux-2.6/xfs_buf.c 2008-07-22 12:05:50.000000000 +1000
@@ -839,6 +839,7 @@ xfs_buf_rele(
return;
}+ ASSERT(atomic_read(&bp->b_hold) > 0);
if (atomic_dec_and_lock(&bp->b_hold, &hash->bh_lock)) {
if (bp->b_relse) {
atomic_inc(&bp->b_hold);
@@ -852,11 +853,6 @@ xfs_buf_rele(
spin_unlock(&hash->bh_lock);
xfs_buf_free(bp);
}
- } else {
- /*
- * Catch reference count leaks
- */
- ASSERT(atomic_read(&bp->b_hold) >= 0);
}
} |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: XFS internal error xfs_btree_check_lblock, Eric Sandeen |
|---|---|
| Next by Date: | Re: INFO: task pdflush:393 blocked for more than 120 seconds. & Call traces ... (fwd), Dave Chinner |
| Previous by Thread: | Re: INFO: task pdflush:393 blocked for more than 120 seconds. & Call traces ... (fwd), Neil Brown |
| Next by Thread: | Re: [PATCH] Do not access buffers after dropping reference count, Dave Chinner |
| Indexes: | [Date] [Thread] [Top] [All Lists] |