NFS: Ensure we always dereference the page head last (08fead2a) · Commits · e / devices / android_kernel_fairphone_FP5

fs/nfs/pagelist.c

+6 −5

Original line number	Diff line number	Diff line
		@@ -306,14 +306,11 @@ static void
		nfs_page_group_destroy(struct kref *kref)
		{
		struct nfs_page *req = container_of(kref, struct nfs_page, wb_kref);
		struct nfs_page *head = req->wb_head;
		struct nfs_page tmp, next;

		/* subrequests must release the ref on the head request */
		if (req->wb_head != req)
		nfs_release_request(req->wb_head);

		if (!nfs_page_group_sync_on_bit(req, PG_TEARDOWN))
		return;
		goto out;

		tmp = req;
		do {
		@@ -324,6 +321,10 @@ nfs_page_group_destroy(struct kref *kref)
		nfs_free_request(tmp);
		tmp = next;
		} while (tmp != req);
		out:
		/* subrequests must release the ref on the head request */
		if (head != req)
		nfs_release_request(head);
		}

		/**