From d363d282f8e80f9ca9593de443999e3dc15d3474 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Wed, 1 Jun 2005 12:14:56 +0000
Subject: When aborting tcp_attach() due to a problem allocating or attaching
 the tcpcb, lock the inpcb before calling in_pcbdetach() or in6_pcbdetach(),
 as they expect the inpcb to be passed locked.

MFC after:	7 days
---
 sys/netinet/tcp_usrreq.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'sys/netinet/tcp_usrreq.c')

diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index ccdc807..653ab6c 100644
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -1211,6 +1211,8 @@ tcp_attach(so)
 		int nofd = so->so_state & SS_NOFDREF;	/* XXX */
 
 		so->so_state &= ~SS_NOFDREF;	/* don't free the socket yet */
+
+		INP_LOCK(inp);
 #ifdef INET6
 		if (isipv6)
 			in6_pcbdetach(inp);
-- 
cgit v1.1