Thanks for the report and for the fix proposal.
However, it is not clear to me how the crash is happening. In case of timeout (like it looks in your case) this line sets sockptr to NULL so that, when sock_cb is called, "cell" is NULL and this condition is false. From the backtrace we see that this is not the case in your crash because sockptr still holds the pointer to the cell that has already been unlinked and freed. I'm not sure what's happening in your case but:

On the patch side: you are right that we could, in sock_cb, look up the cell by the easy handler; there would be no need of a cell_tmp to compare with in this case.
Anyway this scenario should never occur this way so I would like to understand more.

