[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC.

Dan Carpenter dan.carpenter at oracle.com
Fri Jul 19 05:20:15 EDT 2013


Hi David,

The patch 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS
filesystem use AF_RXRPC." from Apr 26, 2007, leads to the following
static checker warning:
"fs/afs/cmservice.c:155 SRXAFSCB_CallBack()
	 warn: 'call' was already freed."

fs/afs/cmservice.c
   142  static void SRXAFSCB_CallBack(struct work_struct *work)
   143  {
   144          struct afs_call *call = container_of(work, struct afs_call, work);
   145  
   146          _enter("");
   147  
   148          /* be sure to send the reply *before* attempting to spam the AFS server
   149           * with FSFetchStatus requests on the vnodes with broken callbacks lest
   150           * the AFS server get into a vicious cycle of trying to break further
   151           * callbacks because it hadn't received completion of the CBCallBack op
   152           * yet */
   153          afs_send_empty_reply(call);
   154  
   155          afs_break_callbacks(call->server, call->count, call->request);
   156          _leave("");

The problem is that afs_send_empty_reply() will free "call" if it
encounters any error.  It would be simple enough to make
afs_send_empty_reply() return an error code on error and add a test to
prevent this, but I'm not actually sure it's the right thing to free
"call" there...  Probably that leads to a double free somewhere.

regards,
dan carpenter
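
The option the message mentions (have the send helper return an error code and test it before touching "call"), modelled in userspace C as an added example that is not part of the original message or the kernel source. All `model_*` names, the `fail_send` knob, the `-EIO` value and the success-path `free()` are assumptions, and the model takes no position on whether freeing in the callee is correct.

```c
/* Userspace model: the callee frees its argument on failure and reports it. */
#include <errno.h>
#include <stdlib.h>

struct model_call {
    unsigned count;   /* stands in for call->count */
    int fail_send;    /* constructed knob: force the send to fail */
};

static unsigned callbacks_broken;   /* what the consumer was handed */

/* On error, frees 'call' (as the report describes) and returns -EIO. */
static int model_send_empty_reply(struct model_call *call)
{
    if (call->fail_send) {
        free(call);
        return -EIO;
    }
    return 0;
}

static void model_break_callbacks(unsigned count)
{
    callbacks_broken += count;
}

/* 'call' is dereferenced only after the send reports success. */
static int model_callback_handler(struct model_call *call)
{
    int ret = call ? model_send_empty_reply(call) : -ENOMEM;
    if (ret < 0)
        return ret;              /* call is freed or NULL: do not touch */
    model_break_callbacks(call->count);
    free(call);                  /* model assumption: handler owns call on success */
    return 0;
}

static struct model_call *model_new_call(unsigned count, int fail_send)
{
    struct model_call *c = calloc(1, sizeof(*c));
    if (c) { c->count = count; c->fail_send = fail_send; }
    return c;
}

int main(void)
{
    int ok = model_callback_handler(model_new_call(3, 0));   /* send succeeds */
    int bad = model_callback_handler(model_new_call(5, 1));  /* send fails */
    return (ok == 0 && bad == -EIO && callbacks_broken == 3) ? 0 : 1;
}
```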



