[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] New release candidate - 4.2.3



On Mon, Feb 09, 2009 at 04:45:11PM +0100, Lars Ebeling wrote:
> Crashes on HP-UX 11.11
>
> #4  0x00017ec8 in sigsegv_handler (signum=8216) at sig.c:57
> #5  <signal handler called>
> #6  int_compare (a=0xa26bb, b=0x32b83) at rbtr.c:402
> #7  0x00017b38 in rbtFind (h=0xa26bb, key=0xa26bb) at rbtr.c:382
> #8  0x000059a0 in find_cookie (cookie=665275) at hobbitd.c:924

Hmm, yeah - I was kind of expecting that to happen (the same bug was in
an early 4.3.0 version I tested).

The attached patch should fix this.


Regards,
Henrik

Index: hobbitd/hobbitd.c
===================================================================
--- hobbitd/hobbitd.c	(revision 6100)
+++ hobbitd/hobbitd.c	(working copy)
@@ -921,7 +921,7 @@
 
 	dbgprintf("-> find_cookie\n");
 
-	cookiehandle = rbtFind(rbcookies, (void *)cookie);
+	cookiehandle = rbtFind(rbcookies, (void *)&cookie);
 	if (cookiehandle != rbtEnd(rbcookies)) {
 		result = gettreeitem(rbcookies, cookiehandle);
 		if (result->cookieexpires <= time(NULL)) result = NULL;
@@ -938,7 +938,7 @@
 
 	if (log->cookie <= 0) return;
 
-	cookiehandle = rbtFind(rbcookies, (void *)log->cookie);
+	cookiehandle = rbtFind(rbcookies, (void *)&log->cookie);
 	log->cookie = -1; log->cookieexpires = 0;
 
 	if (cookiehandle == rbtEnd(rbcookies)) return;
@@ -1134,7 +1134,7 @@
 			} while (find_cookie(newcookie));
 
 			log->cookie = newcookie;
-			rbtInsert(rbcookies, (void *)newcookie, log);
+			rbtInsert(rbcookies, (void *)&log->cookie, log);
 
 			/*
 			 * This is fundamentally flawed. The cookie should be generated by
@@ -3712,7 +3712,7 @@
 		else 
 			ltail->ackmsg = NULL;
 		ltail->cookie = cookie;
-		if (cookie > 0) rbtInsert(rbcookies, (void *)cookie, ltail);
+		if (cookie > 0) rbtInsert(rbcookies, (void *)&ltail->cookie, ltail);
 		ltail->cookieexpires = cookieexpires;
 		ltail->metas = NULL;
 		ltail->acklist = NULL;