From patchwork Mon Mar 18 14:49:07 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 2292931 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id 4BE45DF215 for ; Mon, 18 Mar 2013 14:49:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753242Ab3CROtN (ORCPT ); Mon, 18 Mar 2013 10:49:13 -0400 Received: from mail-oa0-f45.google.com ([209.85.219.45]:60309 "EHLO mail-oa0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753202Ab3CROtM (ORCPT ); Mon, 18 Mar 2013 10:49:12 -0400 Received: by mail-oa0-f45.google.com with SMTP id o6so5735490oag.32 for ; Mon, 18 Mar 2013 07:49:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:sender:from:to:cc:subject:date:message-id:x-mailer :x-gm-message-state; bh=aOzR70sCga5CwPBFBiBNOfYIyME4dGFF0R1ZUU/2koQ=; b=Ks0j1B2mz9dfx4l2nrOgme8xVB63MYYCUHk/PKuCqFN4sE44hJ+0Hg7tV5ZESa1Rkg ETCxk8CWYwK4+YZ7dADnd6EpVwgUeo8NuRg8BjDVGIRuwBdM5OcW52ut5bsUG3ICaDZM eLQoBnvrWG6sqi0yZz9EB58OR47YQwpYZOBpH0j3PjcaRk/fhPXzV7nK/BlipIgLwf/A VDiRGvslFqUrl090nV3m+CWf+GaVwy0+h4K2qDrTMi0aRZlrM0bvGtDcRayqV8DKL8GA ju6ZONB5q1r9MjtYRGCW9+S1J56BPvusAtfCGaOZiEb9+/XqXUAsauJOPV5VrvD1DsUh l9+w== X-Received: by 10.60.7.67 with SMTP id h3mr6901161oea.69.1363618152009; Mon, 18 Mar 2013 07:49:12 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-107-015-113-143.nc.res.rr.com. [107.15.113.143]) by mx.google.com with ESMTPS id d10sm6540672obk.1.2013.03.18.07.49.11 (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 18 Mar 2013 07:49:11 -0700 (PDT) From: Jeff Layton To: bfields@fieldses.org Cc: linux-nfs@vger.kernel.org Subject: [PATCH] nfsd: only unhash DRC entries that are in the hashtable Date: Mon, 18 Mar 2013 10:49:07 -0400 Message-Id: <1363618147-24676-1-git-send-email-jlayton@redhat.com> X-Mailer: git-send-email 1.7.11.7 X-Gm-Message-State: ALoCoQlvd/eTl0M9jmhixYXDrxOALCLCeM31eYURvWyLpiF8dU3eXd9XYzf+uTEPNQpWM64Cv5e7 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org It's not safe to call hlist_del() on a newly initialized hlist_node. That leads to a NULL pointer dereference. Only do that if the entry is hashed. Signed-off-by: Jeff Layton --- fs/nfsd/nfscache.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/nfsd/nfscache.c b/fs/nfsd/nfscache.c index f5ad28e..ca05f6d 100644 --- a/fs/nfsd/nfscache.c +++ b/fs/nfsd/nfscache.c @@ -102,7 +102,8 @@ nfsd_reply_cache_free_locked(struct svc_cacherep *rp) { if (rp->c_type == RC_REPLBUFF) kfree(rp->c_replvec.iov_base); - hlist_del(&rp->c_hash); + if (!hlist_unhashed(&rp->c_hash)) + hlist_del(&rp->c_hash); list_del(&rp->c_lru); --num_drc_entries; kmem_cache_free(drc_slab, rp);