SUNRPC: Ensure we always run the tk_callback before tk_action

This fixes a race in which the task->tk_callback() puts the rpc_task
to sleep, setting a new callback. Under certain circumstances, the current
code may end up executing the task->tk_action before it gets round to the
callback.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: stable@kernel.org

diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
index 5681c6a12d202a42969480b9043cb090041b0293..2e9387b23841f2d6d202611315d0781ba7de3794 100644 (file)
--- a/net/sunrpc/sched.c
+++ b/net/sunrpc/sched.c
@@ -630,14 +630,12 @@ static void __rpc_execute(struct rpc_task *task)
                        save_callback = task->tk_callback;
                        task->tk_callback = NULL;
                        save_callback(task);
-               }
-
-               /*
-                * Perform the next FSM step.
-                * tk_action may be NULL when the task has been killed
-                * by someone else.
-                */
-               if (!RPC_IS_QUEUED(task)) {
+               } else {
+                       /*
+                        * Perform the next FSM step.
+                        * tk_action may be NULL when the task has been killed
+                        * by someone else.
+                        */
                        if (task->tk_action == NULL)
                                break;
                        task->tk_action(task);