From: James Simmons <jsimmons@infradead.org>
To: lustre-devel@lists.lustre.org
Subject: [lustre-devel] [PATCH 06/10] lnet: socklnd: fix infinite loop in ksocknal_push()
Date: Sun, 21 Jul 2019 22:12:18 -0400 [thread overview]
Message-ID: <1563761542-3708-7-git-send-email-jsimmons@infradead.org> (raw)
In-Reply-To: <1563761542-3708-1-git-send-email-jsimmons@infradead.org>
From: NeilBrown <neilb@suse.com>
If the list_for_each_entry() loop in ksocknal_push()
ever finds a match, then it will increment 'i', and the outer
loop will continue.
Once peer_off becomes larger than the number of matches
in a given chain, 'peer_ni' will be an invalid pointer, and
ksocknal_push_peer() will probably crash when called on it.
To abort the outer loop properly, we need to test if
"i <= peer_off", which indicates that all patching peers
have been found.
This bug can easily be reproduced by running
lctl --net tcp push
Signed-off-by: NeilBrown <neilb@suse.com>
WC-bug-id: https://jira.whamcloud.com/browse/LU-12101
Reviewed-on: https://review.whamcloud.com/34499
Reviewed-by: James Simmons <jsimmons@infradead.org>
Reviewed-by: Sonia Sharma <sharmaso@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
net/lnet/klnds/socklnd/socklnd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/lnet/klnds/socklnd/socklnd.c b/net/lnet/klnds/socklnd/socklnd.c
index 08feaf7..a422481 100644
--- a/net/lnet/klnds/socklnd/socklnd.c
+++ b/net/lnet/klnds/socklnd/socklnd.c
@@ -1952,7 +1952,7 @@ static int ksocknal_push(struct lnet_ni *ni, struct lnet_process_id id)
}
read_unlock(&ksocknal_data.ksnd_global_lock);
- if (!i) /* no match */
+ if (i <= peer_off) /* no match */
break;
rc = 0;
--
1.8.3.1
next prev parent reply other threads:[~2019-07-22 2:12 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-22 2:12 [lustre-devel] [PATCH 00/10] lustre: push patches ready from lustre-testing James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 01/10] lustre: ldlm: discard varname in ldlm_pool James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 02/10] lustre: lprocfs: use log2.h macros instead of shift loop James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 03/10] lustre: ptlrpc: make ptlrpc_bulk_frag_ops always const James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 04/10] lustre: mgc: remove llog_process_lock James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 05/10] lustre: don't declare extern variables in C files James Simmons
2019-07-22 2:12 ` James Simmons [this message]
2019-07-22 2:12 ` [lustre-devel] [PATCH 07/10] lustre: ptlrpc: remove inline on non-inlined functions James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 08/10] lustre: convert rsi_sem to a spinlock James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 09/10] lustre: ptlrpc: make ptlrpc_last_xid an atomic64_t James Simmons
2019-07-22 2:12 ` [lustre-devel] [PATCH 10/10] lustre: ptlrpc: simplify struct ptlrpc_request_set James Simmons
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1563761542-3708-7-git-send-email-jsimmons@infradead.org \
--to=jsimmons@infradead.org \
--cc=lustre-devel@lists.lustre.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).