[ovs-dev] [PATCH] dpif-linux: Recheck the socket pointer existence before getting its pid.

[Alex Wang]

This commit fixes a race between port deletion and flow miss handling.
More specifically, a port could be removed while handling the flow
miss from it.  If the flow requires slow path action, the handler
thread will try querying a pid from port's sockets.  Since the port
has been deleted, the query will cause a dereference of NULL socket
pointer.

This commit makes the handler thread recheck the socket pointer before
dereferencing it.

VMware-BZ: 1251981

Reported-by: Pratap Reddy <preddy at nicira.com>
Signed-off-by: Alex Wang <alexw at nicira.com>
---
 lib/dpif-linux.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/dpif-linux.c b/lib/dpif-linux.c
index 0eac3e7..b7495ce 100644
--- a/lib/dpif-linux.c
+++ b/lib/dpif-linux.c
@@ -831,7 +831,11 @@ dpif_linux_port_get_pid__(const struct dpif_linux *dpif, odp_port_t port_no,
         uint32_t idx = port_idx >= dpif->uc_array_size ? 0 : port_idx;
         struct dpif_handler *h = &dpif->handlers[hash % dpif->n_handlers];
 
-        pid = nl_sock_pid(h->channels[idx].sock);
+        /* Needs to check in case the socket pointer is changed in between
+         * of holding the locks. */
+        if (h->channels[idx].sock) {
+            pid = nl_sock_pid(h->channels[idx].sock);
+        }
     }
 
     return pid;
-- 
1.7.9.5