From 6f8830c1c286c03717f67c2bf1fa446517e5cc8f Mon Sep 17 00:00:00 2001
From: Maxim Patlasov
Date: Mon, 22 Feb 2010 14:20:43 -0800
Subject: [PATCH] b=21911 fix for double release of ibc_lock in o2iblnd

Re-acquire ibc_lock in kiblnd_post_tx_locked(). Add extra reference to conn before calling kiblnd_post_tx_locked() to avoid scenario when conn disappears inside kiblnd_post_tx_locked().
i=liang
---
 lnet/klnds/o2iblnd/o2iblnd_cb.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lnet/klnds/o2iblnd/o2iblnd_cb.c b/lnet/klnds/o2iblnd/o2iblnd_cb.c
index f869420..afbb352 100644
--- a/lnet/klnds/o2iblnd/o2iblnd_cb.c
+++ b/lnet/klnds/o2iblnd/o2iblnd_cb.c
@@ -874,6 +874,9 @@ kiblnd_post_tx_locked (kib_conn_t *conn, kib_tx_t *tx, int credit)
 if (done)
 kiblnd_tx_done(peer->ibp_ni, tx);
+
+ cfs_spin_lock(&conn->ibc_lock);
+
 return -EIO;
 }
@@ -919,6 +922,8 @@ kiblnd_check_sends (kib_conn_t *conn)
 kiblnd_queue_tx_locked(tx, conn);
 }
+ kiblnd_conn_addref(conn); /* 1 ref for me.... (see b21911) */
+
 for (;;) {
 int credit;
@@ -938,6 +943,8 @@ kiblnd_check_sends (kib_conn_t *conn)
 }
 cfs_spin_unlock(&conn->ibc_lock);
+
+ kiblnd_conn_decref(conn); /* ...until here */
 }
 void
--
1.8.3.1
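Review bot: The `cfs_spin_lock(&conn->ibc_lock)` added before `return -EIO` restores the lock for the caller, but nothing at this site records that ibc_lock was released and retaken on the failure path, so a caller may keep trusting connection state it read before the call. The matching unlock is above the hunk and the function body starts and ends outside it, so this is inferred from the commit message and the `_locked` suffix. I would state the contract at the new line, for example `/* ibc_lock was dropped for kiblnd_tx_done(); retake it, the caller expects it held on every return */`. The function's header comment should likewise say that the lock can be dropped and re-acquired when posting fails, so callers re-check any state they depend on afterwards.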
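Review bot: The reference taken by `kiblnd_conn_addref(conn)` before the `for (;;)` loop is released only by the `kiblnd_conn_decref(conn)` that the third hunk adds after `cfs_spin_unlock`, so any `return` inside the loop would leak it and the connection could never be freed. Most of the loop body is outside these hunks, so this needs checking against the full function; the visible lines show only the fall-through to the unlock. The comment would age better if it gave the reason rather than only the bug number, for example `/* hold a ref: kiblnd_post_tx_locked() can drop ibc_lock, and the last ref may go away while it is dropped */`. Releasing the reference after the unlock rather than before it looks right, since a final decref presumably must not run while the connection's own lock is held.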