[PATCH] v9fs: fix fd_close If a 9pfs server crashes, v9fs_fd_close() is called. Subsequently, in cleaning up by performing a umount() on the FS that was provided by this server v9fs_fd_close() is called again, and uses the old, freed valus of trans->priv. This patch ensures that trans->priv can be freed only once, otherwise this function bails early. Signed-off-by: Michal Ostrowski <mostrows@watson.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: f5ef3c105bee3a52486d7b55cef3330fcde9bca6 [log] [tgz]
author: Eric Van Hensbergen <ericvh@gmail.com> Sun Jan 08 01:04:56 2006 -0800
committer: Linus Torvalds <torvalds@g5.osdl.org> Sun Jan 08 20:14:05 2006 -0800
tree: 528a6b32cb8fbbeeced3a147e77fc544567e3a6f
parent: 7e7f358c8f8f836c504faa293fda0c1c0733b63c [diff]
diff --git a/fs/9p/trans_fd.c b/fs/9p/trans_fd.c
index 63b58ce..b7ffb98 100644
--- a/fs/9p/trans_fd.c
+++ b/fs/9p/trans_fd.c

@@ -148,12 +148,12 @@
 	if (!trans)
 		return;
 
-	trans->status = Disconnected;
-	ts = trans->priv;
+	ts = xchg(&trans->priv, NULL);
 
 	if (!ts)
 		return;
 
+	trans->status = Disconnected;
 	if (ts->in_file)
 		fput(ts->in_file);
commit	f5ef3c105bee3a52486d7b55cef3330fcde9bca6	[log] [tgz]
author	Eric Van Hensbergen <ericvh@gmail.com>	Sun Jan 08 01:04:56 2006 -0800
committer	Linus Torvalds <torvalds@g5.osdl.org>	Sun Jan 08 20:14:05 2006 -0800
tree	528a6b32cb8fbbeeced3a147e77fc544567e3a6f
parent	7e7f358c8f8f836c504faa293fda0c1c0733b63c [diff]