Fix SNAT rollback #700
Fix SNAT rollback #700
Conversation
|
The second commit is an addition as it occurred to me that having the |
|
Thanks for spotting this potential leak. I was able to understand the first two commits, but couldn't relate the third commit "Fix edge-case in SNAT deletion" with the wording in the issue description, as it seems to be a code reorg, which looks better for sure. Could you help to elaborate more or point to the relevant description in the issue? |
I edited the issue. The problem was that there was a quick-return but that jumped over the code at the end with This would become a bigger issue in the followup PRs as I will be adding more to the "finishing" part of this function |
PlagueCZ
force-pushed
the
fix/snat_rollback
branch
from
5f514e3 to
c52b306
Compare
byteocean
left a comment
byteocean
left a comment
There was a problem hiding this comment.
Approved as communicated
| DPS_LOG_ERR("Cannot lookup portmap key", DP_LOG_RET(ret)); | ||
| if (ret != -ENOENT) | ||
| return ret; | ||
| // otherwise already deleted, finish |
There was a problem hiding this comment.
I understand that this control flow fall through is intentional now so that it can hit the INC macro at the end but this would also cause the new code to hit the lines below for ret == ENOENT case.
created_port = dp_get_port_by_id(cntrack->created_port_id);
if (!created_port)
return DP_ERROR;
Was this intentional ?
There was a problem hiding this comment.
Yes. This is the commit that "fixes SNAT edge case" because previously it could have found a portmap entry (and immediately deleted it), but not found portoverload entry and then return without actually decreasing the counter.
Addressed rollback problems as per issue.
Hopefully I did not misunderstand the code flow, please verify.
Fixes #699