[PATCH V4 1/2] nvme-tcp: Prevent infinite loop if socket closes during CONNECTING state

Keith Busch kbusch at kernel.org
Sat Apr 5 16:22:19 PDT 2025


On Fri, Apr 04, 2025 at 10:28:00AM +0200, Maurizio Lombardi wrote:
> There is a potential race condition that can occur if
> the target closes the socket while the host is in the CONNECTING state.
> 
> If the socket's state changes to TCP_CLOSE, the nvme_tcp_state_change()
> function is invoked. However, nvme_tcp_error_recovery() is unable
> to transition the controller state to NVME_CTRL_RESETTING because
> the controller is still in the CONNECTING state. As a result, error
> recovery is bypassed, and the controller incorrectly transitions
> to the LIVE state with closed sockets.
> 
> Subsequent attempts by the host to communicate with the target
> will result in an infinite loop.
> 
> Fix the bug by initiating the error recovery process to correctly
> handle the disconnection in case we missed this event
> while transitioning from CONNECTING to LIVE.

Looks good.

Reviewed-by: Keith Busch <kbusch at kernel.org>


