dlm: fix plock use-after-free
Fix a regression from the original addition of nfs lock support 586759f0. When a synchronous (non-nfs) plock completes, the waiting thread will wake up and free the op struct. This races with the user thread in dev_write() which goes on to read the op's callback field to check if the lock is async and needs a callback. This check can happen on the freed op. The fix is to note the callback value before the op can be freed. Signed-off-by:David Teigland <teigland@redhat.com>
Loading
Please sign in to comment