svn commit: r306559 - head/sys/netinet
Rick Macklem
rmacklem at FreeBSD.org
Sat Oct 1 19:39:10 UTC 2016
Author: rmacklem
Date: Sat Oct 1 19:39:09 2016
New Revision: 306559
URL: https://svnweb.freebsd.org/changeset/base/306559
Log:
r297225 broke udp_output() for the case where the "addr" argument
is NULL and the function jumps to the "release:" label.
For this case, the "inp" was write locked, but the code attempted to
read unlock it. This patch fixes the problem.
This case could occur for NFS over UDP mounts, where the server was
down for a few minutes under certain circumstances.
Reported by: bde
Tested by: bde
Reviewed by: gnn
MFC after: 2 weeks
Modified:
head/sys/netinet/udp_usrreq.c
Modified: head/sys/netinet/udp_usrreq.c
==============================================================================
--- head/sys/netinet/udp_usrreq.c Sat Oct 1 19:30:28 2016 (r306558)
+++ head/sys/netinet/udp_usrreq.c Sat Oct 1 19:39:09 2016 (r306559)
@@ -1567,12 +1567,18 @@ udp_output(struct inpcb *inp, struct mbu
release:
if (unlock_udbinfo == UH_WLOCKED) {
+ KASSERT(unlock_inp == UH_WLOCKED,
+ ("%s: excl udbinfo lock, shared inp lock", __func__));
INP_HASH_WUNLOCK(pcbinfo);
INP_WUNLOCK(inp);
} else if (unlock_udbinfo == UH_RLOCKED) {
+ KASSERT(unlock_inp == UH_RLOCKED,
+ ("%s: shared udbinfo lock, excl inp lock", __func__));
INP_HASH_RUNLOCK(pcbinfo);
INP_RUNLOCK(inp);
- } else
+ } else if (unlock_inp == UH_WLOCKED)
+ INP_WUNLOCK(inp);
+ else
INP_RUNLOCK(inp);
m_freem(m);
return (error);
More information about the svn-src-all
mailing list