From 3dc4e5a5b947aa55b65a6bde17bbce331586894b Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Tue, 13 Sep 2022 16:49:21 +0200 Subject: [PATCH] BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers A qcs instance free may be postponed in stream detach operation if the stream is not locally closed. This condition is there to achieve transfering data still present in Tx buffer. Once all data have been emitted to quic-conn layer, qcs instance can be released. However, the stream is only closed locally if HTX EOM has been seen or it has been resetted. In case the transfer finished without EOM, a detached qcs won't be freed even if there is no more activity on it. This bug was not reproduced but was found on code analysis. Its precise impact is unknown but it should not cause any leak as all qcs instances are freed with its parent qcc connection : this should eventually happen on MUX timeout or QUIC idle timeout. To adjust this, condition to mark a stream as locally closed has been extended. On qcc_streams_sent_done() notification, if its Tx buffer has been fully transmitted, it will be closed if either FIN STREAM was set or the stream is detached. This must be backported up to 2.6. --- src/mux_quic.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/mux_quic.c b/src/mux_quic.c index 38c863dee..83672cb0b 100644 --- a/src/mux_quic.c +++ b/src/mux_quic.c @@ -1436,7 +1436,8 @@ void qcc_streams_sent_done(struct qcs *qcs, uint64_t data, uint64_t offset) } } - if (qcs->tx.offset == qcs->tx.sent_offset && qcs_stream_fin(qcs)) { + if (qcs->tx.offset == qcs->tx.sent_offset && !b_data(&qcs->tx.buf) && + qcs->flags & (QC_SF_FIN_STREAM|QC_SF_DETACH)) { /* Close stream locally. */ qcs_close_local(qcs); /* Reset flag to not emit multiple FIN STREAM frames. */ @@ -2226,6 +2227,9 @@ static size_t qc_snd_buf(struct stconn *sc, struct buffer *buf, TRACE_ENTER(QMUX_EV_STRM_SEND, qcs->qcc->conn, qcs); + /* stream layer has been detached so no transfer must occur after. */ + BUG_ON_HOT(qcs->flags & QC_SF_DETACH); + if (qcs_is_close_local(qcs) || (qcs->flags & QC_SF_TO_RESET)) { ret = count; goto end;