tapv2: abort in tap_create_if (VPP-1179)

The following command sequences cause the crash:

create tap id 0 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
set interface state tap0 up
set interface state tap1 up
delete tap tap0
delete tap tap1
create tap id 0 rx-ring-size 1024 tx-ring-size 1024

0: /home/sluong/vpp2/vpp/build-data/../src/vnet/interface_funcs.h:46
 (vnet_get_hw_interface) assertion `! pool_is_free (vnm->interface_main.hw_interfaces, _e)' fails

The reason for the crash is because when the tap interface is deleted,
the code does not remove the entry from the device queue. But the interface
is deleted anyway from vnet_main.interface_main.hw_interfaces.
When an interface is created again, it may encounter
the deleted entry in the device queue and crash. Notice create and delete a
single entry does not cause a crash. Need to create and delete 2 interfaces
to create a "hole" in the device queue.

Change-Id: I42ce0b7943d73b3eab32a16751a0a3183de62d9f
Signed-off-by: Steven <sluong@cisco.com>

diff --git a/src/vnet/devices/tap/tap.c b/src/vnet/devices/tap/tap.c
index de6107a..eb5a7a9 100644 (file)
--- a/src/vnet/devices/tap/tap.c
+++ b/src/vnet/devices/tap/tap.c
@@ -443,6 +443,7 @@ tap_delete_if (vlib_main_t * vm, u32 sw_if_index)
   /* bring down the interface */
   vnet_hw_interface_set_flags (vnm, vif->hw_if_index, 0);
   vnet_sw_interface_set_flags (vnm, vif->sw_if_index, 0);
+  vnet_hw_interface_unassign_rx_thread (vnm, vif->hw_if_index, 0);
 
   ethernet_delete_interface (vnm, vif->hw_if_index);
   vif->hw_if_index = ~0;