Currently we rxi_Delay whenever RXS_CheckResponse fails for any
reason. This can result in disastrous performance degradations if a
client keeps sending "bad" responses, since rxi_Delay'ing here will
delay the Rx listener thread. This means we cannot receive any packets
for about a second, which can easily cause us to drop a lot of
incoming packets.
Instead, send the abort after 1 second by scheduling an event. This
will retain existing behavior from the point of view of the client
(it will get the abort after 1 second), but avoids hanging the Rx
listener thread.
FIXES 131802
(cherry picked from commit 0ec67b0a9a175af14e360da75d1f5429c6c97b24)
Change-Id: Idf2fb2cc26c013b9071d578b46f6d4831ff3fe5f
error = RXS_CheckResponse(conn->securityObject, conn, np);
if (error) {
/* If the response is invalid, reset the connection, sending
- * an abort to the peer */
-#ifndef KERNEL
- rxi_Delay(1);
-#endif
+ * an abort to the peer. Send the abort with a 1 second delay,
+ * to avoid a peer hammering us by constantly recreating a
+ * connection with bad credentials. */
rxi_ConnectionError(conn, error);
MUTEX_ENTER(&conn->conn_data_lock);
- np = rxi_SendConnectionAbort(conn, np, istack, 0);
+ rxi_SendConnectionAbortLater(conn, 1000);
MUTEX_EXIT(&conn->conn_data_lock);
return np;
} else {
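Review bot: The removed rxi_Delay(1) was guarded by #ifndef KERNEL, but the new rxi_SendConnectionAbortLater(conn, 1000) call is unconditional, so kernel builds that used to send the abort immediately now hold it for a second. The commit message says existing behavior is retained from the client's point of view, which only holds for userspace builds. Either say in the message and the comment that the delay now applies to kernel builds too, or keep the immediate rxi_SendConnectionAbort path under KERNEL. The bare 1000 would also read better as a named constant whose name carries the unit, since the comment says "1 second" and nothing in the call shows the argument is in milliseconds. It is also worth confirming that repeated bad responses on the same connection do not queue one delayed abort event each, since this path can be triggered by the peer at will.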