[PATCH 4.2 47/61] rbd: dont put snap_context twice in rbd_queue_workfn()

From: Greg Kroah-Hartman
Date: Sat Dec 12 2015 - 15:42:56 EST

4.2-stable review patch. If anyone has any objections, please let me know.


From: Ilya Dryomov <idryomov@xxxxxxxxx>

commit 70b16db86f564977df074072143284aec2cb1162 upstream.

Commit 4e752f0ab0e8 ("rbd: access snapshot context and mapping size
safely") moved ceph_get_snap_context() out of rbd_img_request_create()
and into rbd_queue_workfn(), adding a ceph_put_snap_context() to the
error path in rbd_queue_workfn(). However, rbd_img_request_create()
consumes a ref on snapc, so calling ceph_put_snap_context() after
a successful rbd_img_request_create() leads to an extra put. Fix it.

Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx>
Reviewed-by: Josh Durgin <jdurgin@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

drivers/block/rbd.c | 1 +
1 file changed, 1 insertion(+)

--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -3439,6 +3439,7 @@ static void rbd_queue_workfn(struct work
goto err_rq;
img_request->rq = rq;
+ snapc = NULL; /* img_request consumes a ref */

if (op_type == OBJ_OP_DISCARD)
result = rbd_img_request_fill(img_request, OBJ_REQUEST_NODATA,

