forked from Minki/linux
NLM: Fix double free in __nlm_async_call
rpc_call_async() will always call rpc_release_calldata(), so it is an error for __nlm_async_call() to do so as well. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
This commit is contained in:
parent
ce35a81a71
commit
a995e9eb32
@ -361,7 +361,6 @@ static int __nlm_async_call(struct nlm_rqst *req, u32 proc, struct rpc_message *
|
||||
{
|
||||
struct nlm_host *host = req->a_host;
|
||||
struct rpc_clnt *clnt;
|
||||
int status = -ENOLCK;
|
||||
|
||||
dprintk("lockd: call procedure %d on %s (async)\n",
|
||||
(int)proc, host->h_name);
|
||||
@ -373,12 +372,10 @@ static int __nlm_async_call(struct nlm_rqst *req, u32 proc, struct rpc_message *
|
||||
msg->rpc_proc = &clnt->cl_procinfo[proc];
|
||||
|
||||
/* bootstrap and kick off the async RPC call */
|
||||
status = rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req);
|
||||
if (status == 0)
|
||||
return 0;
|
||||
return rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req);
|
||||
out_err:
|
||||
nlm_release_call(req);
|
||||
return status;
|
||||
tk_ops->rpc_release(req);
|
||||
return -ENOLCK;
|
||||
}
|
||||
|
||||
int nlm_async_call(struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *tk_ops)
|
||||
|
@ -593,9 +593,7 @@ callback:
|
||||
|
||||
/* Call the client */
|
||||
kref_get(&block->b_count);
|
||||
if (nlm_async_call(block->b_call, NLMPROC_GRANTED_MSG,
|
||||
&nlmsvc_grant_ops) < 0)
|
||||
nlmsvc_release_block(block);
|
||||
nlm_async_call(block->b_call, NLMPROC_GRANTED_MSG, &nlmsvc_grant_ops);
|
||||
}
|
||||
|
||||
/*
|
||||
|
Loading…
Reference in New Issue
Block a user