Race condition in socket closing / address binding / DHCP

peku33 wrote on Wednesday, August 10, 2016:


I’m using FreeRTOS 9.0 / Labs TCP project. I discovered a possibility of race condition in process of binding / releasing socket.

The main issue is, that under higher system loads, the DHCP tasks likes to call
configASSERT( xReturn == 0 );
just after
xReturn = vSocketBind( xDHCPData.xDHCPSocket, &xAddress, sizeof( xAddress ), pdFALSE );

After investigation i found this is because of Address in use problem.

This is (most likely) caused by delay between FreeRTOS_closesocket( xDHCPData.xDHCPSocket ); and actual freeing of bind in vSocketClose (which is delayed to task).

Before the port is released, the DHCP socket is recreated and bind fails causing assertion to kill the system.

While I’m able to understand why releasing buffers is delayed, I’m not able to get why removing of bind isn’t done immediately.

Possible solution (but I’m not sure if there aren’t any other constraints) is to move uxListRemove( &( pxSocket->xBoundSocketListItem ) ); to FreeRTOS_closesocket instead of vSocketClose.

Best regards, Paweł Kubrak

rtel wrote on Thursday, August 11, 2016:

Thank you for your feedback - this will be investigated and reported back.

heinbali01 wrote on Saturday, August 13, 2016:

As the DHCP code always runs from within the IP-task, I think it is safe to call the internal close function vSocketClose().

Public API				Internal call

FreeRTOS_closesocket	vSocketClose
FreeRTOS_bind			vSocketBind

Within FreeRTOS_DHCP.c, could you replace all occurrences of FreeRTOS_closesocket() with vSocketClose() and see if that helps?

I just tried that myself and it works fine for me.