Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

issue: 3594311 Fix segfault for delegate incoming handshake failure #180

Merged
merged 3 commits into from
Aug 21, 2024
Merged

issue: 3594311 Fix segfault for delegate incoming handshake failure #180

merged 3 commits into from
Aug 21, 2024

Conversation

AlexanderGrissik
Copy link
Collaborator

Description

Seg fault fix for delegated timers and cleanups

What

See commit comments.

Why ?

Crash fix for Nginx Proxy

Change type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update
  • Refactoring (no functional changes, no api changes)
  • Build related changes
  • CI related changes
  • Documentation content changes
  • Tests
  • Other

Check list

  • Code follows the style de facto guidelines of this project
  • Comments have been inserted in hard to understand places
  • Documentation has been updated (if necessary)
  • Test has been added (if possible)

iftahl
iftahl reviewed Jul 10, 2024
View reviewed changes
Copy link
Collaborator

@iftahl iftahl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and regarding:
The handling of closing SYN_RCVD socket as part of handling FIN in sockinfo_tcp was removed, since we ignore FIN packets in SYN_RCVD state.

This socket closure will be done as part of "tcp_slowtmr - SYN_RCVD timeout"?

src/core/sock/sockinfo_tcp.cpp
{
lock_tcp_con();
child_conn->unlock_tcp_con();

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why don't we leave the child_conn locked through the whole function?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reminder: Remove accpted_conn loop.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed unneeded m_accepted_conn loop after setting m_parent=nullptr before putting the conenction into m_accepted_conn

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do need to unlock child because we lock listen socket. It will work without, but it is not a good practice to have two locks acquired by the same thread.

@AlexanderGrissik
Copy link
Collaborator Author

bot:retest

@AlexanderGrissik AlexanderGrissik added the bug Something isn't working label Jul 17, 2024
@AlexanderGrissik
Copy link
Collaborator Author

The case of FIN at SYN_RCVD state will be handled on timer. This is our current behavior until we decide to change that. RFC/Web do not state what exact behavior should implementation take in this case.

@AlexanderGrissik
Copy link
Collaborator Author

bot:retest

@AlexanderGrissik
issue: 3594311 Fix segfault for delegate incoming handshake failure
4dd3d3c 
When delegate mode is enabled, incoming sockets with failed handshake are not closed immediately
because in this mode socket object will be immediately destroyed in the middle of socket processing.
This leads to access after destroy in related flows.
Instead, we keep the socket in this list and the close() will be invoked as part of timers handling.
We reuse the socket_fd_list_node_offset var to build the list, since this var is used for epoll and
so guaranteed to be unused for half open sockets as application does not receive the fd for such sockets.
The handling of closing SYN_RCVD socket as part of handling FIN in sockinfo_tcp was removed, since
we ignore FIN packets in SYN_RCVD state. RFC https://datatracker.ietf.org/doc/html/rfc9293 does not
state precisely how to handle this case.

Call Hierarchy that may lead to termination of failed incoming connection:
handle_incoming_handshake_failure:
	err_lwip_cb:
		L3_level_tcp_input - In order RST received
		tcp_slowtmr - SYN_RCVD timeout
		tcp_abandon:
			tcp_listen_input: - SYN-ACK enqueue failure
				L3_level_tcp_input
			tcp_pcb_reuse: - SYN-ACK enqueue failure
				tcp_timewait_input:
					L3_level_tcp_input
			tcp_abort: - Unrelated to incoming handshake failure
				L3_level_tcp_input
				tcp_process:
					L3_level_tcp_input
				sockinfo_tcp::abort_connection()

Signed-off-by: Alexander Grissik <[email protected]>
@AlexanderGrissik
issue: 3594311 Removing unused m_received_syn_num
dae0ab4 
The member sockinfo_tcp::m_received_syn_num is unused

Signed-off-by: Alexander Grissik <[email protected]>
@AlexanderGrissik
issue: 3594311 Removing m_sysvar_tcp_ctl_thread precached variable
d860bf0 
Removing precached variable to decrease sockinfo_tcp and CPU cache utilization.

Signed-off-by: Alexander Grissik <[email protected]>
@AlexanderGrissik AlexanderGrissik merged commit 0188d29 into Mellanox:vNext Aug 21, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iftahl iftahl iftahl approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AlexanderGrissik @iftahl