Sriram Patil has uploaded this change for review.

Releasing session refcount after sending response to client

Session refcount should be decremented only after sending the reply back to the
client. If we decrement the refcount after processing the compound request and
before sending the reply, the current response may get freed from the cache.
This happens when there is a concurrent CREATE_SESSION request from a client
whose client owner turns out to be the same as the current one.

In case of client owner conflict, the new client decrements the session
refcount. If the current request is still processing the request and has not
sent the response, it may free the cached response when decrementing the
refcount because the refcount now becomes zero. When sending the reply, this
causes a ganesha crash because the result is already freed.

This change fixes the above race condition by always decrementing the session
refcount after the reply is successfully sent.

Change-Id: I9ab34f47347eec6d7438ad6f6c8505949eb1d963
Signed-off-by: Sriram Patil <sriramp@vmware.com>
---
M src/MainNFSD/nfs_worker_thread.c
M src/Protocols/NFS/nfs4_Compound.c
M src/include/fsal_api.h
3 files changed, 17 insertions(+), 1 deletion(-)

git pull ssh://review.gerrithub.io:29418/ffilz/nfs-ganesha refs/changes/09/441409/1

Gerrit-Project: ffilz/nfs-ganesha
Gerrit-Branch: next
Gerrit-Change-Id: I9ab34f47347eec6d7438ad6f6c8505949eb1d963
Gerrit-Change-Number: 441409
Gerrit-PatchSet: 1
Gerrit-Owner: Sriram Patil <sriramp@vmware.com>
Gerrit-MessageType: newchange
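
The ordering problem described in the commit message, replayed deterministically as an added example. This is not code from the change or from nfs-ganesha: the struct, the function names and the starting refcount of 2 are hypothetical, and a flag stands in for the freed reply so the model stays well-defined.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model: the cached reply is released with the last reference. */
struct session {
    int refcount;
    bool cached_reply_valid;   /* stands in for the heap-allocated reply */
};

static void session_put(struct session *s)
{
    if (--s->refcount == 0)
        s->cached_reply_valid = false;   /* real code would free() here */
}

/* Concurrent CREATE_SESSION with a conflicting client owner: the new
 * client drops the reference held on the existing session. */
static void conflicting_create_session(struct session *s)
{
    session_put(s);
}

/* Sending reads the cached reply; false models the use-after-free. */
static bool send_reply(const struct session *s)
{
    return s->cached_reply_valid;
}

/* Replays the interleaving. Assumed start: refcount 2 (one reference for the
 * client record, one for this request). Returns true if the reply was
 * still intact when it was sent. */
bool run_compound(bool put_after_send)
{
    struct session s = { .refcount = 2, .cached_reply_valid = true };
    bool ok;

    conflicting_create_session(&s);   /* racing request: 2 -> 1 */
    if (!put_after_send)
        session_put(&s);              /* old order: 1 -> 0, reply freed */
    ok = send_reply(&s);
    if (put_after_send)
        session_put(&s);              /* fixed order: release after send */
    return ok;
}

int main(void)
{
    printf("put before send: intact=%d\n", run_compound(false));
    printf("put after send:  intact=%d\n", run_compound(true));
    return 0;
}
```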