• T
    SUNRPC: accept() may return sockets that are still in SYN_RECV · b2f21f7d
    Trond Myklebust 提交于
    We're seeing traces of the following form:
    
     [10952.396347] svc: transport ffff88042ba4a 000 dequeued, inuse=2
     [10952.396351] svc: tcp_accept ffff88042ba4 a000 sock ffff88042a6e4c80
     [10952.396362] nfsd: connect from 10.2.6.1, port=187
     [10952.396364] svc: svc_setup_socket ffff8800b99bcf00
     [10952.396368] setting up TCP socket for reading
     [10952.396370] svc: svc_setup_socket created ffff8803eb10a000 (inet ffff88042b75b800)
     [10952.396373] svc: transport ffff8803eb10a000 put into queue
     [10952.396375] svc: transport ffff88042ba4a000 put into queue
     [10952.396377] svc: server ffff8800bb0ec000 waiting for data (to = 3600000)
     [10952.396380] svc: transport ffff8803eb10a000 dequeued, inuse=2
     [10952.396381] svc_recv: found XPT_CLOSE
     [10952.396397] svc: svc_delete_xprt(ffff8803eb10a000)
     [10952.396398] svc: svc_tcp_sock_detach(ffff8803eb10a000)
     [10952.396399] svc: svc_sock_detach(ffff8803eb10a000)
     [10952.396412] svc: svc_sock_free(ffff8803eb10a000)
    
    i.e. an immediate close of the socket after initialisation.
    
    The culprit appears to be the test at the end of svc_tcp_init, which
    checks if the newly created socket is in the TCP_ESTABLISHED state,
    and immediately closes it if not. The evidence appears to suggest that
    the socket might still be in the SYN_RECV state at this time.
    
    The fix is to check for both states, and then to add a check in
    svc_tcp_state_change() to ensure we don't close the socket when
    it transitions into TCP_ESTABLISHED.
    Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
    Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
    b2f21f7d
svcsock.c 40.8 KB