summaryrefslogtreecommitdiffstats
path: root/src/vnet/session
diff options
context:
space:
mode:
authorDongya Zhang <fortitude.zhang@gmail.com>2022-11-03 15:22:34 +0800
committerDongya Zhang <fortitude.zhang@gmail.com>2022-11-03 16:22:54 +0800
commit7a87c71542ae42626e4bc4f5b9a1e98b8a8e400a (patch)
treedd6d0547701a8b2adfe66508874e0c95080b7c8e /src/vnet/session
parent39d6deca5f71ee4fe772c10d76ed5b65d1ebec44 (diff)
session: fix tx_fifo clear and incorrect bitmap invalidation
The tx_fifo of session may not be set up yet, if app request to disconnect the session, svm_fifo_dequeue_drop_all will crash. In debug image, ho_session_alloc will do clib_bitmap_validate to prevent race condition, however the input is not correct which will make vpp crash. Type: fix Change-Id: Ia8bff325d238eacb671e6764ea2a4eecd3fca609 Signed-off-by: Dongya Zhang <fortitude.zhang@gmail.com>
Diffstat (limited to 'src/vnet/session')
-rw-r--r--src/vnet/session/session.c14
-rw-r--r--src/vnet/session/session.h3
2 files changed, 12 insertions, 5 deletions
diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c
index a56ff9fe800..91e9ed5451d 100644
--- a/src/vnet/session/session.c
+++ b/src/vnet/session/session.c
@@ -1539,8 +1539,11 @@ session_close (session_t * s)
return;
}
- /* App closed so stop propagating dequeue notifications */
- svm_fifo_clear_deq_ntf (s->tx_fifo);
+ /* App closed so stop propagating dequeue notifications.
+ * App might disconnect session before connected, in this case,
+ * tx_fifo may not be setup yet, so clear only it's inited. */
+ if (s->tx_fifo)
+ svm_fifo_clear_deq_ntf (s->tx_fifo);
session_set_state (s, SESSION_STATE_CLOSING);
session_program_transport_ctrl_evt (s, SESSION_CTRL_EVT_CLOSE);
}
@@ -1553,8 +1556,11 @@ session_reset (session_t * s)
{
if (s->session_state >= SESSION_STATE_CLOSING)
return;
- /* Drop all outstanding tx data */
- svm_fifo_dequeue_drop_all (s->tx_fifo);
+ /* Drop all outstanding tx data
+ * App might disconnect session before connected, in this case,
+ * tx_fifo may not be setup yet, so clear only it's inited. */
+ if (s->tx_fifo)
+ svm_fifo_dequeue_drop_all (s->tx_fifo);
session_set_state (s, SESSION_STATE_CLOSING);
session_program_transport_ctrl_evt (s, SESSION_CTRL_EVT_RESET);
}
diff --git a/src/vnet/session/session.h b/src/vnet/session/session.h
index 54740e64cf0..0ccd3fb13bd 100644
--- a/src/vnet/session/session.h
+++ b/src/vnet/session/session.h
@@ -681,7 +681,8 @@ ho_session_alloc (void)
if (CLIB_DEBUG)
{
session_t *sp = session_main.wrk[0].sessions;
- clib_bitmap_validate (pool_header (sp)->free_bitmap, s->session_index);
+ clib_bitmap_validate (pool_header (sp)->free_bitmap,
+ s->session_index + 1);
}
return s;
}