NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: misc/57491: dhcpd segfaulting
The following reply was made to PR misc/57491; it has been noted by GNATS.
From: Martin Husemann <martin%duskware.de@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: misc/57491: dhcpd segfaulting
Date: Wed, 26 Jul 2023 17:16:55 +0200
On Wed, Jul 26, 2023 at 02:45:02PM +0000, Tobias Nygren wrote:
> #3 0x0000f2a3c4ceaf30 in timerevent_destroy (event0=0xf2a3c0908000)
> at /usr/src/external/mpl/bind/lib/libisc/../../dist/lib/isc/timer.c:224
> #4 0x0000f2a3c4d16094 in isc_event_free (eventp=0xf2a3bf5f5800)
> at /usr/src/external/mpl/bind/lib/libisc/../../dist/lib/isc/event.c:95
> #5 0x0000000005577fac in isclib_timer_callback ()
timerevent_destroy() clearly expects timer to be valid at this point,
and not going via this would mean we leave it linked on the
(libs) list.
It seems to me that we just have to swap the order,
i.e. do the isc_event_free() first before calling isc_timer_destroy().
Not sure if this is any good:
diff -u -p -r1.4 dispatch.c
--- dhcp/dist/common/dispatch.c 27 Jun 2023 09:10:25 -0000 1.4
+++ dhcp/dist/common/dispatch.c 26 Jul 2023 15:16:43 -0000
@@ -185,6 +185,7 @@ isclib_timer_callback(isc_task_t *taskp
q->next = free_timeouts;
isc_timer_destroy(&q->isc_timeout);
free_timeouts = q;
+ isc_event_free(&eventp);
} else {
/*
* Hmm, we should clean up the timer structure but aren't
@@ -192,9 +193,9 @@ isclib_timer_callback(isc_task_t *taskp
* don't try to - may change this to a log_fatal
*/
log_error("Error finding timer structure");
+ isc_event_free(&eventp);
}
- isc_event_free(&eventp);
return;
}
Martin
Home |
Main Index |
Thread Index |
Old Index