From fc511a330211f9b81d6b2541872add484c40108e Mon Sep 17 00:00:00 2001 From: Navdeep Parhar Date: Fri, 27 May 2016 23:44:33 +0000 Subject: [PATCH] iw_cxgbe: Plug a lock leak in process_mpa_request(). If the parent is DEAD or connect_request_upcall() fails, the parent mutex is left locked. This leads to a hang when process_mpa_request() is called again for another child of the listening endpoint. Submitted by: Krishnamraju Eraparaju @ Chelsio Obtained from: upstream iw_cxgb4 Sponsored by: Chelsio Communications --- sys/dev/cxgbe/iw_cxgbe/cm.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/sys/dev/cxgbe/iw_cxgbe/cm.c b/sys/dev/cxgbe/iw_cxgbe/cm.c index 37591408688..dc5617d9bc5 100644 --- a/sys/dev/cxgbe/iw_cxgbe/cm.c +++ b/sys/dev/cxgbe/iw_cxgbe/cm.c @@ -1861,14 +1861,16 @@ process_mpa_request(struct c4iw_ep *ep) /* drive upcall */ mutex_lock(&ep->parent_ep->com.mutex); if (ep->parent_ep->com.state != DEAD) { - if(connect_request_upcall(ep)) - goto err_out; - }else { - goto err_out; - } + if (connect_request_upcall(ep)) + goto err_unlock_parent; + } else + goto err_unlock_parent; mutex_unlock(&ep->parent_ep->com.mutex); return 0; +err_unlock_parent: + mutex_unlock(&ep->parent_ep->com.mutex); + goto err_out; err_stop_timer: STOP_EP_TIMER(ep); err_out: