slirp: fix clearing ifq_so from pending packets
The if_fastq and if_batchq contain not only packets, but queues of packets for the same socket. When sofree frees a socket, it thus has to clear ifq_so from all the packets from the queues, not only the first. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
parent
29c8564a7d
commit
1201d30851
|
@ -59,6 +59,27 @@ socreate(Slirp *slirp)
|
||||||
return(so);
|
return(so);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Remove references to so from the given message queue.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
soqfree(struct socket *so, struct quehead *qh)
|
||||||
|
{
|
||||||
|
struct mbuf *ifq;
|
||||||
|
|
||||||
|
for (ifq = (struct mbuf *) qh->qh_link;
|
||||||
|
(struct quehead *) ifq != qh;
|
||||||
|
ifq = ifq->ifq_next) {
|
||||||
|
if (ifq->ifq_so == so) {
|
||||||
|
struct mbuf *ifm;
|
||||||
|
ifq->ifq_so = NULL;
|
||||||
|
for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) {
|
||||||
|
ifm->ifq_so = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* remque and free a socket, clobber cache
|
* remque and free a socket, clobber cache
|
||||||
*/
|
*/
|
||||||
|
@ -66,23 +87,9 @@ void
|
||||||
sofree(struct socket *so)
|
sofree(struct socket *so)
|
||||||
{
|
{
|
||||||
Slirp *slirp = so->slirp;
|
Slirp *slirp = so->slirp;
|
||||||
struct mbuf *ifm;
|
|
||||||
|
|
||||||
for (ifm = (struct mbuf *) slirp->if_fastq.qh_link;
|
soqfree(so, &slirp->if_fastq);
|
||||||
(struct quehead *) ifm != &slirp->if_fastq;
|
soqfree(so, &slirp->if_batchq);
|
||||||
ifm = ifm->ifq_next) {
|
|
||||||
if (ifm->ifq_so == so) {
|
|
||||||
ifm->ifq_so = NULL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
for (ifm = (struct mbuf *) slirp->if_batchq.qh_link;
|
|
||||||
(struct quehead *) ifm != &slirp->if_batchq;
|
|
||||||
ifm = ifm->ifq_next) {
|
|
||||||
if (ifm->ifq_so == so) {
|
|
||||||
ifm->ifq_so = NULL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (so->so_emu==EMU_RSH && so->extra) {
|
if (so->so_emu==EMU_RSH && so->extra) {
|
||||||
sofree(so->extra);
|
sofree(so->extra);
|
||||||
|
|
Loading…
Reference in New Issue