From: Dipankar Sarma <dipankar@in.ibm.com>

locate_fd() may expand fdtable, so the fdtable pointer must be reloaded after
locate_fd().  Fixes bugme #4770.

Signed-off-by: Dipankar Sarma <dipankar@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 fs/fcntl.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletion(-)

diff -puN fs/fcntl.c~files-break-up-files-struct-fix-dupfd-by-fdt-reload fs/fcntl.c
--- 25/fs/fcntl.c~files-break-up-files-struct-fix-dupfd-by-fdt-reload	2005-06-24 22:49:43.000000000 -0700
+++ 25-akpm/fs/fcntl.c	2005-06-24 22:49:43.000000000 -0700
@@ -111,9 +111,10 @@ static int dupfd(struct file *file, unsi
 	int fd;
 
 	spin_lock(&files->file_lock);
-	fdt = files_fdtable(files);
 	fd = locate_fd(files, file, start);
 	if (fd >= 0) {
+		/* locate_fd() may have expanded fdtable, load the ptr */
+		fdt = files_fdtable(files);
 		FD_SET(fd, fdt->open_fds);
 		FD_CLR(fd, fdt->close_on_exec);
 		spin_unlock(&files->file_lock);
_