Commit a517b608 authored by Jeff Layton's avatar Jeff Layton Committed by J. Bruce Fields

nfsd: only unhash DRC entries that are in the hashtable

It's not safe to call hlist_del() on a newly initialized hlist_node.
That leads to a NULL pointer dereference. Only do that if the entry
is hashed.
Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent a937536b
...@@ -102,7 +102,8 @@ nfsd_reply_cache_free_locked(struct svc_cacherep *rp) ...@@ -102,7 +102,8 @@ nfsd_reply_cache_free_locked(struct svc_cacherep *rp)
{ {
if (rp->c_type == RC_REPLBUFF) if (rp->c_type == RC_REPLBUFF)
kfree(rp->c_replvec.iov_base); kfree(rp->c_replvec.iov_base);
hlist_del(&rp->c_hash); if (!hlist_unhashed(&rp->c_hash))
hlist_del(&rp->c_hash);
list_del(&rp->c_lru); list_del(&rp->c_lru);
--num_drc_entries; --num_drc_entries;
kmem_cache_free(drc_slab, rp); kmem_cache_free(drc_slab, rp);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment