From nobody@FreeBSD.org  Mon Jan 15 08:34:27 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 7F03E16A416
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 15 Jan 2007 08:34:27 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 6FA9D13C457
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 15 Jan 2007 08:34:27 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l0F8YRPi029220
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 15 Jan 2007 08:34:27 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l0F8YRA1029219;
	Mon, 15 Jan 2007 08:34:27 GMT
	(envelope-from nobody)
Message-Id: <200701150834.l0F8YRA1029219@www.freebsd.org>
Date: Mon, 15 Jan 2007 08:34:27 GMT
From: Yuxiang Luo<fedora@ercist.iscas.ac.cn>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Forget to unlock mutex-locks
X-Send-Pr-Version: www-3.0

>Number:         107944
>Category:       kern
>Synopsis:       [wi] [patch] Forget to unlock mutex-locks
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-net
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 15 08:40:16 GMT 2007
>Closed-Date:    
>Last-Modified:  Sun Sep 28 02:50:35 UTC 2008
>Originator:     Yuxiang Luo
>Release:        6.0 stable
>Organization:
Institute of Software, Chinese Academy of Sciences
>Environment:
FreeBSD Earth.Earth 6.0-RELEASE FreeBSD 6.0-RELEASE #2: Tue Feb 28 02:32:45 UTC 2006     root@guhao.fsd.iscas:/usr/obj/usr/src/sys/CAS-EARTH  i386
>Description:
These two bugs, exiting with mutex-lock holded, are detected by a static analyzer we are developing.
One of them are caused by GOTO statement.

>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -cr dev/aac/aac_cam.c dev_new/aac/aac_cam.c
*** dev/aac/aac_cam.c	Wed Jul 26 07:46:00 2006
--- dev_new/aac/aac_cam.c	Mon Jan 15 16:15:28 2007
***************
*** 571,576 ****
--- 571,577 ----
  		device_printf(sc->aac_dev,"Error %d sending ResetBus command\n",
  		    e);
  		aac_release_sync_fib(sc);
+ 		mtx_unlock(&sc->aac_io_lock);
  		return (CAM_REQ_ABORTED);
  	}
  
diff -cr dev/wi/if_wi.c dev_new/wi/if_wi.c
*** dev/wi/if_wi.c	Tue Aug  1 07:37:22 2006
--- dev_new/wi/if_wi.c	Mon Jan 15 16:29:59 2007
***************
*** 1760,1767 ****
  #endif
  		if (ifma->ifma_addr->sa_family != AF_LINK)
  			continue;
! 		if (n >= 16)
  			goto allmulti;
  		IEEE80211_ADDR_COPY(&mlist.wi_mcast[n],
  		    (LLADDR((struct sockaddr_dl *)ifma->ifma_addr)));
  		n++;
--- 1760,1769 ----
  #endif
  		if (ifma->ifma_addr->sa_family != AF_LINK)
  			continue;
! 		if (n >= 16) {
! 			IF_ADDR_UNLOCK(ifp);
  			goto allmulti;
+ 		}
  		IEEE80211_ADDR_COPY(&mlist.wi_mcast[n],
  		    (LLADDR((struct sockaddr_dl *)ifma->ifma_addr)));
  		n++;

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Mon Jan 15 08:42:20 UTC 2007 
State-Changed-Why:  
duplicate of i386/107943 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
State-Changed-From-To: closed->open 
State-Changed-By: emaste 
State-Changed-When: Wed Aug 22 14:50:03 UTC 2007 
State-Changed-Why:  
Not actually a dupe; i386/107943 mentions two bugs but includes 
only one patch.  The patch in i386/107943 has been applied to 
aac_cam.c, while the patch to if_wi.c which exists only in this 
PR has not been applied. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
Responsible-Changed-From-To: freebsd-i386->freebsd-bugs 
Responsible-Changed-By: emaste 
Responsible-Changed-When: Wed Aug 22 14:54:47 UTC 2007 
Responsible-Changed-Why:  
Not i386 specific. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
Responsible-Changed-From-To: freebsd-bugs->kmacy 
Responsible-Changed-By: kmacy 
Responsible-Changed-When: Fri Nov 16 09:42:27 UTC 2007 
Responsible-Changed-Why:  

I'll take a look at the wi patch. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
Responsible-Changed-From-To: kmacy->rink 
Responsible-Changed-By: kmacy 
Responsible-Changed-When: Fri Nov 16 20:41:15 UTC 2007 
Responsible-Changed-Why:  

rink said he would be willing to test the patch against wi 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
Responsible-Changed-From-To: rink->freebsd-bugs 
Responsible-Changed-By: rink 
Responsible-Changed-When: Wed Jan 30 13:40:45 UTC 2008 
Responsible-Changed-Why:  
My wi(4) appears to be broken - with or without this patch, I don't even see 
any SSID's :-(. Can someone with working hardware check this? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sun Sep 28 02:50:27 UTC 2008 
Responsible-Changed-Why:  
reclassify. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107944 
>Unformatted:
