fs/netfs/fscache_cache.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
This function dereferences "cache" and then checks if it's
IS_ERR_OR_NULL(). Check first, then dereference.
Fixes: 9549332df4ed ("fscache: Implement cache registration")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
fs/netfs/fscache_cache.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/netfs/fscache_cache.c b/fs/netfs/fscache_cache.c
index d645f8b302a2..f0722cc2eae5 100644
--- a/fs/netfs/fscache_cache.c
+++ b/fs/netfs/fscache_cache.c
@@ -179,7 +179,6 @@ EXPORT_SYMBOL(fscache_acquire_cache);
void fscache_put_cache(struct fscache_cache *cache,
enum fscache_cache_trace where)
{
- unsigned int debug_id = cache->debug_id;
bool zero;
int ref;
@@ -187,7 +186,7 @@ void fscache_put_cache(struct fscache_cache *cache,
return;
zero = __refcount_dec_and_test(&cache->ref, &ref);
- trace_fscache_cache(debug_id, ref - 1, where);
+ trace_fscache_cache(cache->debug_id, ref - 1, where);
if (zero) {
down_write(&fscache_addremove_sem);
--
2.43.0Dan Carpenter <dan.carpenter@linaro.org> wrote: > zero = __refcount_dec_and_test(&cache->ref, &ref); > - trace_fscache_cache(debug_id, ref - 1, where); > + trace_fscache_cache(cache->debug_id, ref - 1, where); You can't do that if !zero. cache may be deallocated between the two lines. David
On Wed, Jan 10, 2024 at 07:01:40PM +0000, David Howells wrote: > Dan Carpenter <dan.carpenter@linaro.org> wrote: > > > zero = __refcount_dec_and_test(&cache->ref, &ref); > > - trace_fscache_cache(debug_id, ref - 1, where); > > + trace_fscache_cache(cache->debug_id, ref - 1, where); > > You can't do that if !zero. cache may be deallocated between the two lines. Ah... Right. I misread what was going on in the latter part of the function. Sorry, I'll resend. regards, dan carpenter
© 2016 - 2025 Red Hat, Inc.