BUG/MINOR: listener: close tiny race between resume_listener() and stopping
Pierre Cheynier reported a very rare race condition on soft-stop in the
listeners. What happens is that if a previously limited listener is
being resumed by another thread finishing an accept loop, and at the
same time a soft-stop is performed, the soft-stop will turn the
listener's state to LI_INIT, and once the listener's lock is released,
resume_listener() in the second thread will try to resume this listener
which has an fd==-1, yielding a crash in listener_set_state():
FATAL: bug condition "l->rx.fd == -1" matched at src/listener.c:288
The reason is that resume_listener() only checks for LI_READY, but doesn't
consider being called with a non-initialized or a stopped listener. Let's
also make sure we don't try to ressuscitate such a listener there.
This will have to be backported to all versions.
diff --git a/src/listener.c b/src/listener.c
index c94702a..aa466d0 100644
--- a/src/listener.c
+++ b/src/listener.c
@@ -530,6 +530,10 @@
if (l->state == LI_READY)
goto end;
+ /* the listener might have been stopped in parallel */
+ if (l->state < LI_PAUSED)
+ goto end;
+
if (l->rx.proto->resume)
ret = l->rx.proto->resume(l);