From: Willy Tarreau <w@1wt.eu>
Date: Fri, 18 Mar 2022 16:37:20 +0000 (+0100)
Subject: BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner
X-Git-Tag: v2.6-dev4~52
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6e805dab2add31c7a60f2f4be933f8e6903151fe;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner

There's a rare race condition possible when trying to retrieve session from
a back connection's owner, that was fixed in 2.4 and described in commit
3aab17bd5 ("BUG/MAJOR: connection: reset conn->owner when detaching from
session list").

It also affects the trace code which does the same, so the same fix is
needed, i.e. check from conn->session_list that the connection is still
enlisted. It's visible when sending a few tens to hundreds of parallel
requests to an h2 backend and enabling traces in parallel.

This should be backported as far as 2.2 which is the oldest version
supporting traces.
---

diff --git a/src/trace.c b/src/trace.c
index 8a39854066..541acf2132 100644
--- a/src/trace.c
+++ b/src/trace.c
@@ -122,7 +122,7 @@ void __trace(enum trace_level level, uint64_t mask, struct trace_source *src,
 
 	if (!sess && strm)
 		sess = strm->sess;
-	else if (!sess && conn)
+	else if (!sess && conn && LIST_INLIST(&conn->session_list))
 		sess = conn->owner;
 	else if (!sess && check)
 		sess = check->sess;