Re: [PATCH v2 2/2] NFS: Fix RCU dereference of cl_xprt in nfs_compare_super_address

Next message: syzbot: "Re: [syzbot] [net?] KASAN: null-ptr-deref Write in send_to_lecd"
Previous message: Tejun Heo: "Re: [PATCH sched_ext/for-7.2] sched_ext: Documentation: update scx_qmap description for BPF arena"
In reply to: Benjamin Coddington: "Re: [PATCH v2 2/2] NFS: Fix RCU dereference of cl_xprt in nfs_compare_super_address"
Next in thread: Sean Chang: "[PATCH v2 1/2] NFS: remove redundant __private attribute from nfs_page_class"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Chang

Date: Sun Apr 19 2026 - 12:06:50 EST

On Sun, Apr 19, 2026 at 9:52 PM Benjamin Coddington
<ben.coddington@xxxxxxxxxxxxxxx> wrote:
>
>
> > +
> > + if (!xprt1 || !xprt2 ||
> > + !test_bit(XPRT_CONNECTED, &xprt1->state) ||
> > + !test_bit(XPRT_CONNECTED, &xprt2->state))
> > + goto out_unlock;
>
> ^^ I really don't think this check is necessary. Aren't we only ever
> comparing with one freshly created, and the other looked up holding sb_lock?
>
> I'm doubtful this hunk is fixing a real problem.
>

Hi Ben,

Thanks for the clarification.

You're right. I've traced the call path and confirmed that
nfs_compare_super() is called by sget_fc() while holding
the global sb_lock. This ensures the existence and stability
of the existing superblocks and their associated transports
during the comparison.

Since the connection state doesn't affect the identity of the
server, I'll remove the redundant test_bit and pointer checks and send out v3.

Thanks,
Sean