Commit 9e91316

a-denoyelle authored and capflam committed
BUG/MINOR: quic: fix race-condition on trace for CID retrieval

quic_rx_pkt_retrieve_conn() is used when parsing a received datagram from the listener socket. It returned the quic_conn instance corresponding to the first packet DCID, unless it is mapped to another thread.

As expected, global CID tree access is protected by a lock in the function. However, there is a race condition due to the final trace where qc instance is dereferenced outside of the lock. Fix this by adding a new trace under lock protection and remove qc dereferencing at function end.

This may fix first crash of github issue #2607.

This must be backported up to 2.8.

(cherry picked from commit bbb9f82)
Signed-off-by: Christopher Faulet <[email protected]>

1 parent 177bcf3 commit 9e91316

1 file changed, +2 -1 lines changed

src/quic_cid.c

Lines changed: 2 additions & 1 deletion
@@ -257,10 +257,11 @@ struct quic_conn *retrieve_qc_conn_from_cid(struct quic_rx_packet *pkt,
257257
goto end;
258258
}
259259
qc = conn_id->qc;
260+
TRACE_DEVEL("found connection", QUIC_EV_CONN_RXPKT, qc);
260261

261262
end:
262263
HA_RWLOCK_RDUNLOCK(QC_CID_LOCK, &tree->lock);
263-
TRACE_LEAVE(QUIC_EV_CONN_RXPKT, qc);
264+
TRACE_LEAVE(QUIC_EV_CONN_RXPKT);
264265
return qc;
265266
}
266267
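
Review bot: Nothing at the `end:` label records why `TRACE_LEAVE(QUIC_EV_CONN_RXPKT)` no longer takes `qc`, so a later cleanup could restore the argument and reintroduce the dereference after `HA_RWLOCK_RDUNLOCK(QC_CID_LOCK, &tree->lock)`. A one-line comment above the unlock stating that `qc` must not be dereferenced in this function once the lock is released would make the constraint explicit. The new `TRACE_DEVEL("found connection", ...)` is correctly placed before `end:`, so it runs only on the success path and always with the read lock held; the `goto end` paths skip it and now leave without any connection argument. Separately, the commit message names quic_rx_pkt_retrieve_conn() while the hunk header shows `retrieve_qc_conn_from_cid()`; since this is a cherry-pick, the message could mention the name used in this branch to help anyone searching the history.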
