diff options
author | David Howells <dhowells@redhat.com> | 2016-08-08 14:06:41 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2016-08-09 18:12:23 +0200 |
commit | 17b963e319449f709e78dc1ef445d797a13eecbc (patch) | |
tree | 6aed9ab4d827efa35256777f3cc4f21db4c4df44 /net | |
parent | rxrpc: fix uninitialized pointer dereference in debug code (diff) | |
download | linux-17b963e319449f709e78dc1ef445d797a13eecbc.tar.xz linux-17b963e319449f709e78dc1ef445d797a13eecbc.zip |
rxrpc: Need to flag call as being released on connect failure
If rxrpc_new_client_call() fails to make a connection, the call record that
it allocated needs to be marked as RXRPC_CALL_RELEASED before it is passed
to rxrpc_put_call() to indicate that it no longer has any attachment to the
AF_RXRPC socket.
Without this, an assertion failure may occur at:
net/rxrpc/call_object:635
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/rxrpc/call_object.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/rxrpc/call_object.c b/net/rxrpc/call_object.c index e8c953c48cb8..ae057e0740f3 100644 --- a/net/rxrpc/call_object.c +++ b/net/rxrpc/call_object.c @@ -275,6 +275,7 @@ error: list_del_init(&call->link); write_unlock_bh(&rxrpc_call_lock); + set_bit(RXRPC_CALL_RELEASED, &call->flags); call->state = RXRPC_CALL_DEAD; rxrpc_put_call(call); _leave(" = %d", ret); @@ -287,6 +288,7 @@ error: */ found_user_ID_now_present: write_unlock(&rx->call_lock); + set_bit(RXRPC_CALL_RELEASED, &call->flags); call->state = RXRPC_CALL_DEAD; rxrpc_put_call(call); _leave(" = -EEXIST [%p]", call); |