• David Howells's avatar
    afs: Fix missing cursor clearance · fe4d774c
    David Howells authored
    afs_select_fileserver() ends the address cursor it is using in the case in
    which we get some sort of network error and run out of addresses to iterate
    through, before it jumps to try the next server.  This also needs to be
    done when the server aborts with some sort of error that means we should
    try the next server.
    
    Fix this by:
    
     (1) Move the iterate_address afs_end_cursor() call to the next_server
         case.
    
     (2) End the cursor in the failed case.
    
     (3) Make afs_end_cursor() clear the ->begun flag and ->addr pointer in the
         address cursor.
    
     (4) Make afs_end_cursor() able to be called on an already cleared cursor.
    
    Without this, something like the following oops may occur:
    
    	AFS: Assertion failed
    	18446612134397189888 == 0 is false
    	0xffff88007c279f00 == 0x0 is false
    	------------[ cut here ]------------
    	kernel BUG at fs/afs/rotate.c:360!
    	RIP: 0010:afs_select_fileserver+0x79b/0xa30 [kafs]
    	Call Trace:
    	 afs_statfs+0xcc/0x180 [kafs]
    	 ? p9_client_statfs+0x9e/0x110 [9pnet]
    	 ? _cond_resched+0x19/0x40
    	 statfs_by_dentry+0x6d/0x90
    	 vfs_statfs+0x1b/0xc0
    	 user_statfs+0x4b/0x80
    	 SYSC_statfs+0x15/0x30
    	 SyS_statfs+0xe/0x10
    	 entry_SYSCALL_64_fastpath+0x20/0x83
    
    Fixes: d2ddc776 ("afs: Overhaul volume and server record caching and fileserver rotation")
    Reported-by: default avatarMarc Dionne <marc.dionne@auristor.com>
    Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
    cc: stable@vger.kernel.org
    fe4d774c
rotate.c 18.8 KB