Commit 4617516d authored by Andrew Morton's avatar Andrew Morton Committed by Linus Torvalds

[PATCH] fix oops in proc_kill_inodes()

proc_kill_inodes() walks the s_files list, playing with ->f_dentry.

But there is a window in which __fput() will leave a file on that list with a
null f_dentry and f_vfsmnt.

I'm not sure it was ever confirmed that this fixed the reported oops, but it
seems much better to set those fields to null _after_ removing the filp from
the list.

(Actually, there's no need to null those pointers out at all.  But whatever;
it caught a bug).
parent d2c585d3
...@@ -183,9 +183,9 @@ void __fput(struct file *file) ...@@ -183,9 +183,9 @@ void __fput(struct file *file)
fops_put(file->f_op); fops_put(file->f_op);
if (file->f_mode & FMODE_WRITE) if (file->f_mode & FMODE_WRITE)
put_write_access(inode); put_write_access(inode);
file_kill(file);
file->f_dentry = NULL; file->f_dentry = NULL;
file->f_vfsmnt = NULL; file->f_vfsmnt = NULL;
file_kill(file);
file_free(file); file_free(file);
dput(dentry); dput(dentry);
mntput(mnt); mntput(mnt);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment