This wait_var_event_spinlock() in nfs_uuid_put() is waiting for the
wakeup signalled at the end of nfs_close_local_fh(). That
wake_up_var_locked() uses &nfl->nfs_uuid, so the waiter must use the
same address, else nfs_uuid_put() could wait indefinitely causing
various problems.
Fixes: 21fb44034695 ("nfs_localio: protect race between nfs_uuid_put() and nfs_close_local_fh()")
Reported-by: Mike Snitzer <snitzer@xxxxxxxxxx>
Signed-off-by: NeilBrown <neil@xxxxxxxxxx>
---
fs/nfs_common/nfslocalio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/nfs_common/nfslocalio.c b/fs/nfs_common/nfslocalio.c
index 05c7c16e37ab..bc8dcfb256a3 100644
--- a/fs/nfs_common/nfslocalio.c
+++ b/fs/nfs_common/nfslocalio.c
@@ -177,7 +177,7 @@ static bool nfs_uuid_put(nfs_uuid_t *nfs_uuid)
/* nfs_close_local_fh() is doing the
* close and we must wait. until it unlinks
*/
- wait_var_event_spinlock(nfl,
+ wait_var_event_spinlock(&nfl->nfs_uuid,
list_first_entry_or_null(
&nfs_uuid->files,
struct nfs_file_localio,
--
2.49.0
