Crash due to fr_packet_cmp
Padam J Singh
padam.singh at inventum.cc
Wed Nov 18 11:44:37 CET 2009
Alan,
Could this be some sort of a compiler optimization that may be causing
this? May be some memory barrier is required?
Padam
Alan DeKok wrote:
> fabiana marvani wrote:
>
>> Why is not there a protection for "null pointer" to avoid this kind of
>> problem?
>>
>
> Because the design of the server means that this crash *should* be
> impossible.
>
> The request packet has been placed in a hash table. The crash comes
> because the request data structure is still in the hash, but the request
> packet has been freed. This should *not* happen.
>
> And reading src/main/event.c, there are only 3-4 locations in the code
> that reads/writes "request->packet". i.e. it FIRST removes the request
> from the hash, and THEN frees the packet. It's always in this order,
> and always done in the main thread.
>
> So I have no idea why this is happening...
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091118/e05e9fcb/attachment.html>
More information about the Freeradius-Users
mailing list