summaryrefslogtreecommitdiffstats
path: root/fs/fscache/cookie.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2021-06-18 12:19:49 +0200
committerDavid Howells <dhowells@redhat.com>2021-08-27 14:34:02 +0200
commit33cba859220b0878b3b2931caa1629a3d2432379 (patch)
tree16479e10dd084bd8193cf70946bfe8367a127c9a /fs/fscache/cookie.c
parentfscache: Fix cookie key hashing (diff)
downloadlinux-33cba859220b0878b3b2931caa1629a3d2432379.tar.xz
linux-33cba859220b0878b3b2931caa1629a3d2432379.zip
fscache: Fix fscache_cookie_put() to not deref after dec
fscache_cookie_put() accesses the cookie it has just put inside the tracepoint that monitors the change - but this is something it's not allowed to do if we didn't reduce the count to zero. Fix this by dropping most of those values from the tracepoint and grabbing the cookie debug ID before doing the dec. Also take the opportunity to switch over the usage and where arguments on the tracepoint to put the reason last. Fixes: a18feb55769b ("fscache: Add tracepoints") Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Jeff Layton <jlayton@redhat.com> cc: linux-cachefs@redhat.com Link: https://lore.kernel.org/r/162431203107.2908479.3259582550347000088.stgit@warthog.procyon.org.uk/
Diffstat (limited to 'fs/fscache/cookie.c')
-rw-r--r--fs/fscache/cookie.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/fs/fscache/cookie.c b/fs/fscache/cookie.c
index 2558814193e9..6df3732cf1b4 100644
--- a/fs/fscache/cookie.c
+++ b/fs/fscache/cookie.c
@@ -225,8 +225,8 @@ struct fscache_cookie *fscache_hash_cookie(struct fscache_cookie *candidate)
collision:
if (test_and_set_bit(FSCACHE_COOKIE_ACQUIRED, &cursor->flags)) {
- trace_fscache_cookie(cursor, fscache_cookie_collision,
- atomic_read(&cursor->usage));
+ trace_fscache_cookie(cursor->debug_id, atomic_read(&cursor->usage),
+ fscache_cookie_collision);
pr_err("Duplicate cookie detected\n");
fscache_print_cookie(cursor, 'O');
fscache_print_cookie(candidate, 'N');
@@ -305,7 +305,8 @@ struct fscache_cookie *__fscache_acquire_cookie(
cookie = fscache_hash_cookie(candidate);
if (!cookie) {
- trace_fscache_cookie(candidate, fscache_cookie_discard, 1);
+ trace_fscache_cookie(candidate->debug_id, 1,
+ fscache_cookie_discard);
goto out;
}
@@ -866,8 +867,9 @@ void fscache_cookie_put(struct fscache_cookie *cookie,
_enter("%x", cookie->debug_id);
do {
+ unsigned int cookie_debug_id = cookie->debug_id;
usage = atomic_dec_return(&cookie->usage);
- trace_fscache_cookie(cookie, where, usage);
+ trace_fscache_cookie(cookie_debug_id, usage, where);
if (usage > 0)
return;