Bug 274991 - telnet hangs due to infinite loop condition
telnet hangs due to infinite loop condition
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: telnet (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Adam Tkac
Fedora Extras Quality Assurance
:
Depends On: 196134
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-03 04:36 EDT by Adam Tkac
Modified: 2013-04-30 19:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-09-20 05:23:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adam Tkac 2007-09-03 04:36:27 EDT
+++ This bug was initially created as a clone of Bug #196134 +++

Description of problem:
Two telnet client sessions try to contact same server at the same time. One of 
the client will go into a loop consuming large amounts of CPU time.

Version-Release number of selected component (if applicable):
telnet-0.17-26

How reproducible:
It is difficult to reproduce. But the code indicates potential bug


Steps to Reproduce:
netkit-telnet-0.17/telnet/sys_bsd.c in TerminalNewMode()
-----
  if (old < 0 || old > 1) {
#ifdef  USE_TERMIO
        tcgetattr(tin, &tmp_tc);
#endif  /* USE_TERMIO */
        do {
            /*
             * Wait for data to drain, then flush again.
             */
#ifdef  USE_TERMIO
            tcsetattr(tin, TCSADRAIN, &tmp_tc);
#endif  /* USE_TERMIO */
            old = ttyflush(SYNCHing|flushout);
        } while (old < 0 || old > 1);
    }
---------
If there is a problem due to nospace, or interruption inside loop. Telnet 
process hangs with large CPU consmption.

Actual results:
Telnet client process hangs and consumes large CPU.

Expected results:
non working telnet process should come out and should not consume CPU

Additional info:
The code change that would alleviate the problem is in the first code segment - 
the do loop in TerminalNewMode() should be changed to continue only for certain 
errors - new code:

          do {
              /*
               * Wait for data to drain, then flush again.
               */
#ifdef  USE_TERMIO
              tcsetattr(tin, TCSADRAIN, &tmp_tc); #endif  /* USE_TERMIO 
*/
              old = ttyflush(SYNCHing|flushout);
              if (old < 0) {
                  if (! (   (errno == EINTR)
                          || (errno == EAGAIN)
                          || (errno == ENOSPC))) {
                      break;
                  }
              }
          } while (old < 0 || old > 1);
Comment 1 Adam Tkac 2007-09-20 05:23:47 EDT
fixed in 0.17-40

Note You need to log in before you can comment on or make changes to this bug.