From: Willy Tarreau Date: Fri, 18 Jun 2021 08:33:47 +0000 (+0200) Subject: MINOR: queue: update the stream's pend_pos before queuing it X-Git-Tag: v2.5-dev1~66 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=901972e261da6747aff7ea2ebbd0f35aec6a8a08;p=thirdparty%2Fhaproxy.git MINOR: queue: update the stream's pend_pos before queuing it Since commit c7eedf7a5 ("MINOR: queue: reduce the locked area in pendconn_add()") the stream's pend_pos is set out of the lock, after the pendconn is queued. While this entry is only manipulated by the stream itself and there is no bug caused by this right now, it's a bit dangerous because another thread could decide to look at this field during dequeuing and could randomly see something else. Also in case of crashes, memory inspection wouldn't be as trustable. Let's assign the pendconn before it can be found in the queue. --- diff --git a/src/queue.c b/src/queue.c index 6ff3404413..6c51dcd290 100644 --- a/src/queue.c +++ b/src/queue.c @@ -397,6 +397,7 @@ struct pendconn *pendconn_add(struct stream *strm) p->px = px; p->strm = strm; p->strm_flags = strm->flags; + strm->pend_pos = p; if (srv) { unsigned int old_max, new_max; @@ -430,7 +431,6 @@ struct pendconn *pendconn_add(struct stream *strm) eb32_insert(&px->pendconns, &p->node); HA_RWLOCK_WRUNLOCK(PROXY_LOCK, &p->px->lock); } - strm->pend_pos = p; _HA_ATOMIC_INC(&px->totpend); return p;
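Review bot: the new `strm->pend_pos = p;` in the first hunk (right after `p->strm_flags = strm->flags;`) carries no comment saying that it must stay ahead of the queue insertion, and the commit message shows this ordering was already lost once when c7eedf7a5 reduced the locked area. Suggest a one-line comment at that spot, for example `/* must be set before p can be found in the queue */`, so that a later change to the lock scope does not move it back below `eb32_insert(&px->pendconns, &p->node);`. It is also worth confirming that no path between this assignment and the insertion can leave the function without queuing p, since the stream would then keep a pend_pos pointing to an entry that is in no queue; the visible context shows no such path, but the lines between the two hunks are not part of the diff.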