On Mon, Mar 22, 2021 at 02:13:42PM +0900, Namjae Jeon wrote:
> +static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
> + unsigned int id)
> +{
> + bool unclaimed = true;
> + struct ksmbd_file *fp;
> +
> + read_lock(&ft->lock);
> + fp = idr_find(ft->idr, id);
> + if (fp)
> + fp = ksmbd_fp_get(fp);
> +
> + if (fp && fp->f_ci) {
> + read_lock(&fp->f_ci->m_lock);
> + unclaimed = list_empty(&fp->node);
> + read_unlock(&fp->f_ci->m_lock);
> + }
> + read_unlock(&ft->lock);
> +
> + if (fp && unclaimed) {
> + atomic_dec(&fp->refcount);
> + return NULL;
> + }
Can that atomic_dec() end up dropping the last remaining reference?
If not, what's to prevent that?
