From a995e9eb3258df6ab2e9f958e08003978e50d568 Mon Sep 17 00:00:00 2001 From: Trond Myklebust Date: Fri, 2 Feb 2007 15:37:43 -0800 Subject: NLM: Fix double free in __nlm_async_call rpc_call_async() will always call rpc_release_calldata(), so it is an error for __nlm_async_call() to do so as well. Signed-off-by: Trond Myklebust --- fs/lockd/clntproc.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'fs/lockd/clntproc.c') diff --git a/fs/lockd/clntproc.c b/fs/lockd/clntproc.c index 0b4acc1c5e7..a5c019e1a44 100644 --- a/fs/lockd/clntproc.c +++ b/fs/lockd/clntproc.c @@ -361,7 +361,6 @@ static int __nlm_async_call(struct nlm_rqst *req, u32 proc, struct rpc_message * { struct nlm_host *host = req->a_host; struct rpc_clnt *clnt; - int status = -ENOLCK; dprintk("lockd: call procedure %d on %s (async)\n", (int)proc, host->h_name); @@ -373,12 +372,10 @@ static int __nlm_async_call(struct nlm_rqst *req, u32 proc, struct rpc_message * msg->rpc_proc = &clnt->cl_procinfo[proc]; /* bootstrap and kick off the async RPC call */ - status = rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req); - if (status == 0) - return 0; + return rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req); out_err: - nlm_release_call(req); - return status; + tk_ops->rpc_release(req); + return -ENOLCK; } int nlm_async_call(struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *tk_ops) -- cgit v1.2.3-18-g5258