]> granicus.if.org Git - zfs/commitdiff
projects / zfs / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 549423c)
spl-mutex: fix race in mutex_exit
authorGvozden Neskovic <neskovic@gmail.com>
Thu, 3 Aug 2017 03:42:58 +0000 (05:42 +0200)
committerBrian Behlendorf <behlendorf1@llnl.gov>
Thu, 3 Aug 2017 03:42:58 +0000 (20:42 -0700)
Prevent race on accessing kmutex_t when the mutex is
embedded in a ref counted structure.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Chunwei Chen <david.chen@osnexus.com>
Signed-off-by: Gvozden Neskovic <neskovic@gmail.com>
Closes zfsonlinux/zfs#6401
Closes #637

include/sys/mutex.h patch | blob | history

diff --git a/include/sys/mutex.h b/include/sys/mutex.h
index 31923522308e8391ad2e2ba6dec94345f9eb7a98..8a98a92138d4497f5e5f6a59bf51e513ac9ac6c2 100644 (file)
--- a/include/sys/mutex.h
+++ b/include/sys/mutex.h
@@ -183,12 +183,13 @@ spl_mutex_lockdep_on_maybe(kmutex_t *mp)                  \
  */
 #define        mutex_exit(mp)                                          \
 {                                                              \
-       spl_mutex_lockdep_off_maybe(mp);                        \
-       spin_lock(&(mp)->m_lock);                               \
        spl_mutex_clear_owner(mp);                              \
+       spin_lock(&(mp)->m_lock);                               \
+       spl_mutex_lockdep_off_maybe(mp);                        \
        mutex_unlock(MUTEX(mp));                                \
-       spin_unlock(&(mp)->m_lock);                             \
        spl_mutex_lockdep_on_maybe(mp);                         \
+       spin_unlock(&(mp)->m_lock);                             \
+       /* NOTE: do not dereference mp after this point */      \
 }
 
 int spl_mutex_init(void);
Unnamed repository; edit this file 'description' to name the repository.