NLM: Fix double free in __nlm_async_call rpc_call_async() will always call rpc_release_calldata(), so it is an error for __nlm_async_call() to do so as well. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

commit: a995e9eb3258df6ab2e9f958e08003978e50d568 [log] [tgz]
author: Trond Myklebust <Trond.Myklebust@netapp.com> Fri Feb 02 15:37:43 2007 -0800
committer: Trond Myklebust <Trond.Myklebust@netapp.com> Sat Feb 03 15:35:02 2007 -0800
tree: 03caf30a4c79f5b2254ad1f15b98bfe4d3519983
parent: ce35a81a71f405031ed6fd0d454d3aaa55dc8ed2 [diff] [blame]
diff --git a/fs/lockd/clntproc.c b/fs/lockd/clntproc.c
index 0b4acc1..a5c019e 100644
--- a/fs/lockd/clntproc.c
+++ b/fs/lockd/clntproc.c

@@ -361,7 +361,6 @@
 {
 	struct nlm_host	*host = req->a_host;
 	struct rpc_clnt	*clnt;
-	int status = -ENOLCK;
 
 	dprintk("lockd: call procedure %d on %s (async)\n",
 			(int)proc, host->h_name);
@@ -373,12 +372,10 @@
 	msg->rpc_proc = &clnt->cl_procinfo[proc];
 
         /* bootstrap and kick off the async RPC call */
-        status = rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req);
-	if (status == 0)
-		return 0;
+        return rpc_call_async(clnt, msg, RPC_TASK_ASYNC, tk_ops, req);
 out_err:
-	nlm_release_call(req);
-	return status;
+	tk_ops->rpc_release(req);
+	return -ENOLCK;
 }
 
 int nlm_async_call(struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *tk_ops)
commit	a995e9eb3258df6ab2e9f958e08003978e50d568	[log] [tgz]
author	Trond Myklebust <Trond.Myklebust@netapp.com>	Fri Feb 02 15:37:43 2007 -0800
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	Sat Feb 03 15:35:02 2007 -0800
tree	03caf30a4c79f5b2254ad1f15b98bfe4d3519983
parent	ce35a81a71f405031ed6fd0d454d3aaa55dc8ed2 [diff] [blame]