From 2b7a3c474c52ef89c48fb66f16b084b4ee196367 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Mon, 22 Mar 2021 13:29:52 +0100 Subject: [PATCH] BUG/MEDIUM: mux-fcgi: Fix locking of idle_conns lock in the FCGI I/O callback When the commit e388f2fbc ("MEDIUM: muxes: mark idle conns tasklets with TASK_F_USR1") was backported (commit id b360bb88 on the 2.3), a call to HA_SPIN_UNLOCK() was missed and not moved in the right code block. Thus it is possible to unlock the idle_conns lock while it was never acquired. This patch should fix the issue #1191. It is 2.3 specific, thus there is no upstream commid id. No backport is needed except if commit b360bb88 is backported. --- src/mux_fcgi.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/mux_fcgi.c b/src/mux_fcgi.c index 08dde23..5f3989a 100644 --- a/src/mux_fcgi.c +++ b/src/mux_fcgi.c @@ -2957,13 +2957,14 @@ struct task *fcgi_io_cb(struct task *t, void *ctx, unsigned short status) conn_in_list = conn->flags & CO_FL_LIST_MASK; if (conn_in_list) MT_LIST_DEL(&conn->list); + + HA_SPIN_UNLOCK(OTHER_LOCK, &idle_conns[tid].takeover_lock); } else { /* we're certain the connection was not in an idle list */ conn = fconn->conn; TRACE_ENTER(FCGI_EV_FCONN_WAKE, conn); conn_in_list = 0; } - HA_SPIN_UNLOCK(OTHER_LOCK, &idle_conns[tid].takeover_lock); if (!(fconn->wait_event.events & SUB_RETRY_SEND)) ret = fcgi_send(fconn); -- 1.7.10.4