From owner-svn-src-head@FreeBSD.ORG Sun Nov 3 23:17:31 2013 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 518ED350; Sun, 3 Nov 2013 23:17:31 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3D1062944; Sun, 3 Nov 2013 23:17:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id rA3NHVKn088586; Sun, 3 Nov 2013 23:17:31 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id rA3NHVtJ088585; Sun, 3 Nov 2013 23:17:31 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201311032317.rA3NHVtJ088585@svn.freebsd.org> From: Rick Macklem Date: Sun, 3 Nov 2013 23:17:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r257598 - head/sys/fs/nfs X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Nov 2013 23:17:31 -0000 Author: rmacklem Date: Sun Nov 3 23:17:30 2013 New Revision: 257598 URL: http://svnweb.freebsd.org/changeset/base/257598 Log: During code inspection, I spotted that there was a code path where CLNT_CONTROL() would be called on "client" after it was released via CLNT_RELEASE(). It was unlikely that this code path gets executed and I have not heard of any problem report caused by this bug. This patch fixes the code so that this cannot happen. MFC after: 2 months Modified: head/sys/fs/nfs/nfs_commonkrpc.c Modified: head/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- head/sys/fs/nfs/nfs_commonkrpc.c Sun Nov 3 23:06:24 2013 (r257597) +++ head/sys/fs/nfs/nfs_commonkrpc.c Sun Nov 3 23:17:30 2013 (r257598) @@ -336,24 +336,25 @@ newnfs_connect(struct nfsmount *nmp, str mtx_lock(&nrp->nr_mtx); if (nrp->nr_client != NULL) { + mtx_unlock(&nrp->nr_mtx); /* * Someone else already connected. */ CLNT_RELEASE(client); } else { nrp->nr_client = client; + /* + * Protocols that do not require connections may be optionally + * left unconnected for servers that reply from a port other + * than NFS_PORT. + */ + if (nmp == NULL || (nmp->nm_flag & NFSMNT_NOCONN) == 0) { + mtx_unlock(&nrp->nr_mtx); + CLNT_CONTROL(client, CLSET_CONNECT, &one); + } else + mtx_unlock(&nrp->nr_mtx); } - /* - * Protocols that do not require connections may be optionally left - * unconnected for servers that reply from a port other than NFS_PORT. - */ - if (nmp == NULL || (nmp->nm_flag & NFSMNT_NOCONN) == 0) { - mtx_unlock(&nrp->nr_mtx); - CLNT_CONTROL(client, CLSET_CONNECT, &one); - } else { - mtx_unlock(&nrp->nr_mtx); - } /* Restore current thread's credentials. */ td->td_ucred = origcred;