• Vasily Averin's avatar
    sunrpc: fix cache_head leak due to queued request · 4ecd55ea
    Vasily Averin authored
    After commit d202cce8, an expired cache_head can be removed from the
    cache_detail's hash.
    
    However, the expired cache_head may be waiting for a reply from a
    previously submitted request. Such a cache_head has an increased
    refcounter and therefore it won't be freed after cache_put(freeme).
    
    Because the cache_head was removed from the hash it cannot be found
    during cache_clean() and can be leaked forever, together with stalled
    cache_request and other taken resources.
    
    In our case we noticed it because an entry in the export cache was
    holding a reference on a filesystem.
    
    Fixes d202cce8 ("sunrpc: never return expired entries in sunrpc_cache_lookup")
    Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Cc: stable@kernel.org # 2.6.35
    Signed-off-by: default avatarVasily Averin <vvs@virtuozzo.com>
    Reviewed-by: default avatarNeilBrown <neilb@suse.com>
    Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
    4ecd55ea
cache.c 45.2 KB