Fix closing flushed channel
Fix reading from freed memory. Free at: channel_set_state(c, CS_DOWN) Read at: WALK_LIST2_DELSAFE(c, n, x, tab->channels, table_node) ==00:00:00:00.261 24718== ==00:00:09:31.755 24718== Invalid read of size 8 ==00:00:09:31.755 24718== at 0x4061BA: rt_prune_table (rt-table.c:1688) ==00:00:09:31.755 24718== by 0x405D5E: rt_event (rt-table.c:1559) ==00:00:09:31.755 24718== by 0x45D089: ev_run (event.c:85) ==00:00:09:31.755 24718== by 0x45D158: ev_run_list (event.c:142) ==00:00:09:31.755 24718== by 0x462814: io_loop (io.c:2412) ==00:00:09:31.755 24718== by 0x468712: main (main.c:833) ==00:00:09:31.755 24718== Address 0x5601538 is 136 bytes inside a block of size 304 free'd ==00:00:09:31.755 24718== at 0x4C29D2A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==00:00:09:31.755 24718== by 0x46FF3E: rfree (resource.c:166) ==00:00:09:31.755 24718== by 0x470309: mb_free (resource.c:415) ==00:00:09:31.755 24718== by 0x406A6B: rt_unlock_table (rt-table.c:1921) ==00:00:09:31.755 24718== by 0x40DAE3: channel_do_down (proto.c:297) ==00:00:09:31.755 24718== by 0x40DD46: channel_set_state (proto.c:359) ==00:00:09:31.755 24718== by 0x4061AD: rt_prune_table (rt-table.c:1692) ==00:00:09:31.755 24718== by 0x405D5E: rt_event (rt-table.c:1559) ==00:00:09:31.755 24718== by 0x45D089: ev_run (event.c:85) ==00:00:09:31.755 24718== by 0x45D158: ev_run_list (event.c:142) ==00:00:09:31.755 24718== by 0x462814: io_loop (io.c:2412) ==00:00:09:31.755 24718== by 0x468712: main (main.c:833) ==00:00:09:31.755 24718== Block was alloc'd at ==00:00:09:31.755 24718== at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==00:00:09:31.755 24718== by 0x470FBC: bird_xmalloc (xmalloc.c:29) ==00:00:09:31.755 24718== by 0x4701E6: mb_alloc (resource.c:339) ==00:00:09:31.755 24718== by 0x406C29: rt_commit (rt-table.c:1977) ==00:00:09:31.755 24718== by 0x45C36D: config_do_commit (conf.c:269) ==00:00:09:31.755 24718== by 0x45C545: config_commit (conf.c:361) ==00:00:09:31.755 24718== by 0x4686F9: main (main.c:822) ==00:00:09:31.755 24718==
This commit is contained in:
Pavel Tvrdík
parent
2a013bb3a0
commit
1bb3ecb2a5
1 changed files with 4 additions and 1 deletions
|
|
@ -1689,7 +1689,10 @@ again:
|
||||||
if (c->flush_active)
|
if (c->flush_active)
|
||||||
{
|
{
|
||||||
c->flush_active = 0;
|
c->flush_active = 0;
|
||||||
channel_set_state(c, CS_DOWN);
|
struct rtable_config *rtab_cf = c->table->config;
|
||||||
|
channel_set_state(c, CS_DOWN); /* Can free (struct rtable *) c->table */
|
||||||
|
if (rtab_cf->table == NULL)
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return;
|
return;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue