On Sun, 2025-06-08 at 18:08 -0400, Chuck Lever wrote: > From: Chuck Lever <chuck.lever@xxxxxxxxxx> > > The new code neglects to remove a freshly-allocated RCL from the > callback's referring call list when no matching referring call is > found. > > Reported-by: kernel test robot <lkp@xxxxxxxxx> > Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > Closes: https://lore.kernel.org/r/202505171002.cE46sdj5-lkp@xxxxxxxxx/ > Fixes: 4f3c8d8c9e10 ("NFSD: Implement CB_SEQUENCE referring call lists") > Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx> > --- > fs/nfsd/nfs4callback.c | 1 + > 1 file changed, 1 insertion(+) > > I don't recall seeing this on the mailing list. Targeting this > one for nfsd-fixes. > > > diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c > index ccb00aa93be0..e00b2aea8da2 100644 > --- a/fs/nfsd/nfs4callback.c > +++ b/fs/nfsd/nfs4callback.c > @@ -1409,6 +1409,7 @@ void nfsd41_cb_referring_call(struct nfsd4_callback *cb, > out: > if (!rcl->__nr_referring_calls) { > cb->cb_nr_referring_call_list--; > + list_del(&rcl->__list); > kfree(rcl); > } > } Nice catch. Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
