Only call fdclose() on successfully-opened FDs.

Since kern_openat() now uses falloc_noinstall() and finstall() separately,
there are cases where we could get to cleanup code without ever creating
a file descriptor. In those cases, we should not call fdclose() on FD -1.

Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc

sys/kern/vfs_syscalls.c

@@ -1116,7 +1116,8 @@ kern_openat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
 		 * Clean up the descriptor, but only if another thread hadn't
 		 * replaced or closed it.
 		 */
-		fdclose(fdp, fp, indx, td);
+		if (indx != -1)
+			fdclose(fdp, fp, indx, td);
 		fdrop(fp, td);
 
 		if (error == ERESTART)
@@ -1185,7 +1186,8 @@ success:
 bad:
 	VFS_UNLOCK_GIANT(vfslocked);
 bad_unlocked:
-	fdclose(fdp, fp, indx, td);
+	if (indx != -1)
+		fdclose(fdp, fp, indx, td);
 	fdrop(fp, td);
 	td->td_retval[0] = -1;
 	return (error);