The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7c1c0e94363db09af0c260d9292160cdd2230f23
commit 7c1c0e94363db09af0c260d9292160cdd2230f23 Author: Mark Johnston <[email protected]> AuthorDate: 2026-02-12 14:00:43 +0000 Commit: Mark Johnston <[email protected]> CommitDate: 2026-02-12 14:00:43 +0000 rpc: Improve socket locking in svc_vc_accept() so_state modifications must be synchronized by the socket lock. For the listening socket this probably doesn't matter but for the child socket I think it's possible that this unlocked update clobbers a state transition if the nascent connection is being disconnected for some reason. Also fix the line which potentially clears SS_NBIO in the listening socket. It is unclear whether this code is used at all. Reviewed by: glebius MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D55247 --- sys/rpc/svc_vc.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sys/rpc/svc_vc.c b/sys/rpc/svc_vc.c index 7e30582c59e0..848109704ad0 100644 --- a/sys/rpc/svc_vc.c +++ b/sys/rpc/svc_vc.c @@ -389,12 +389,15 @@ svc_vc_accept(struct socket *head, struct socket **sop) SOLISTEN_LOCK(head); nbio = head->so_state & SS_NBIO; head->so_state |= SS_NBIO; - error = solisten_dequeue(head, &so, 0); - head->so_state &= (nbio & ~SS_NBIO); + error = solisten_dequeue(head, &so, nbio ? SOCK_NONBLOCK : 0); + if (nbio == 0) { + SOLISTEN_LOCK(head); + head->so_state &= ~SS_NBIO; + SOLISTEN_UNLOCK(head); + } if (error) goto done; - so->so_state |= nbio; *sop = so; /* connection has been removed from the listen queue */
