If there were less than 2 entries in the multipath list, then
xprt_iter_next_entry_multiple() would never advance beyond the
first entry, which is correct for round robin behaviour, but not
for the list iteration.
The end result would be infinite looping in rpc_clnt_iterate_for_each_xprt()
as we would never see the xprt == NULL condition fulfilled.
Reported-by: Oleg Drokin <[email protected]>
Fixes: 80b14d5e61ca ("SUNRPC: Add a structure to track multiple transports")
Signed-off-by: Trond Myklebust <[email protected]>
---
net/sunrpc/xprtmultipath.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/net/sunrpc/xprtmultipath.c b/net/sunrpc/xprtmultipath.c
index e7fd76975d86..66c9d63f4797 100644
--- a/net/sunrpc/xprtmultipath.c
+++ b/net/sunrpc/xprtmultipath.c
@@ -271,14 +271,12 @@ struct rpc_xprt *xprt_iter_next_entry_multiple(struct rpc_xprt_iter *xpi,
xprt_switch_find_xprt_t find_next)
{
struct rpc_xprt_switch *xps = rcu_dereference(xpi->xpi_xpswitch);
- struct list_head *head;
if (xps == NULL)
return NULL;
- head = &xps->xps_xprt_list;
- if (xps->xps_nxprts < 2)
- return xprt_switch_find_first_entry(head);
- return xprt_switch_set_next_cursor(head, &xpi->xpi_cursor, find_next);
+ return xprt_switch_set_next_cursor(&xps->xps_xprt_list,
+ &xpi->xpi_cursor,
+ find_next);
}
static
--
2.7.4
I have found (with Chuck's help) that this patch appears to fix an issue
I've been struggling with for the past couple of weeks, where my clients
will just hammer the server with BIND_CONN_TO_SESSION requests endlessly
until the server dies from OOM. Really, Chuck found the patch and all I
did was apply it locally. At least that issue hasn't reoccurred so far.
The server probably shouldn't die from a confused client, but that's a
separate issue.
However, this patch isn't tagged for stable. Would you consider
submitting it there? I'm hoping that Fedora will integrate it locally
but I think it would be of more general use.
Thanks,
--
Jason L Tibbitts III - [email protected] - 713/743-3486 - 660PGH
System Manager: University of Houston Department of Mathematics
> On Aug 29, 2016, at 12:49, Jason L Tibbitts III <[email protected]> wrote=
:
>=20
> I have found (with Chuck's help) that this patch appears to fix an issue
> I've been struggling with for the past couple of weeks, where my clients
> will just hammer the server with BIND_CONN_TO_SESSION requests endlessly
> until the server dies from OOM. Really, Chuck found the patch and all I
> did was apply it locally. At least that issue hasn't reoccurred so far.
>=20
> The server probably shouldn't die from a confused client, but that's a
> separate issue.
>=20
> However, this patch isn't tagged for stable. Would you consider
> submitting it there? I'm hoping that Fedora will integrate it locally
> but I think it would be of more general use.
Feel free to submit it to [email protected]=85
Cheers,
Trond