On Wed, Nov 3, 2010 at 2:35 PM, Denis Bilenko <denis.bile...@gmail.com> wrote:
> On Wed, Nov 3, 2010 at 10:38 PM, Nick Mathewson <ni...@freehaven.net> wrote:
>>> Probably the right answer here is to add a reference count to the
>>> request, and not actually free it until the reference count hits zero.
>>
>> Actually, we can go even simpler. Here's the patch I've got in mind.
>>
>> There may be better ways to do this, and simplify the code even more,
>> but I'd rather keep changes to this rats'-nest nice and minimal while
>> we're trying to stabilize it.
>>
>> Denis, does this fix stuff for you?
>
> No, it's still crashes. The crash is now more certain though.
>
> This seems wrong:
>
> + if (! req->handle->pending_cb) {
> + /* If we're planning to run the callback,
> + * don't free the handle until later. */
> + mm_free(req->handle);
> + }
> + req->handle->current_req = NULL;
>
> You free req->handle and then access it.
Ugh. What if we move "req->handle->current_req =NULL" to *above* that "if" ?
***********************************************************************
To unsubscribe, send an e-mail to majord...@freehaven.net with
unsubscribe libevent-users in the body.
