gerrit.fd Code Review - vpp.git/commit

author	Steven <sluong@cisco.com>
	Wed, 28 Feb 2018 19:00:34 +0000 (11:00 -0800)
committer	Damjan Marion <dmarion.lists@gmail.com>
	Wed, 28 Feb 2018 21:42:31 +0000 (21:42 +0000)
commit	0b8567331c3edf8b6aee51c849b8391a2922d9ab
tree	a962740e2ceb935711a9d7d3fbdceffddd84515a	tree \| snapshot
parent	a608b60641a5a2d482de5c2fbf2cb89e8c96d6d0	commit \| diff

tapv2: abort in tap_create_if (VPP-1179)

The following command sequences cause the crash:

create tap id 0 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
set interface state tap0 up
set interface state tap1 up
delete tap tap0
delete tap tap1
create tap id 0 rx-ring-size 1024 tx-ring-size 1024

0: /home/sluong/vpp2/vpp/build-data/../src/vnet/interface_funcs.h:46
(vnet_get_hw_interface) assertion `! pool_is_free (vnm->interface_main.hw_interfaces, _e)' fails

The reason for the crash is because when the tap interface is deleted,
the code does not remove the entry from the device queue. But the interface
is deleted anyway from vnet_main.interface_main.hw_interfaces.
When an interface is created again, it may encounter
the deleted entry in the device queue and crash. Notice create and delete a
single entry does not cause a crash. Need to create and delete 2 interfaces
to create a "hole" in the device queue.

Change-Id: I42ce0b7943d73b3eab32a16751a0a3183de62d9f
Signed-off-by: Steven <sluong@cisco.com>