Padraig O'Briain wrote: > Ghee, > > Thanks for picking this up. > > Were you able to reproduce the bug or did you just inspect the code? I inspected the code based on the stack trace. I think I will ask the submitter to install a copy of the fix and let him run for a while before putting back the fix. Of course if you have more information to exercise the avahi-browse program, I can try to come up with a reproducible test case.
-Ghee > > The bug reporter seems to have just reported on how to reproduce it. > > Padraig > > On 02/18/09 20:28, Ghee Teo wrote: >> In avahi-03-entry.diff >> The function void avahi_cleanup_dead_entries(AvahiServer *s) >> >> attempts to free up group and entry. The same freeing function, >> avahi_service_free() >> >> which is where the corruption has occurred because the line >> /* Remove from associated group */ >> if (as->group) >> AVAHI_LLIST_REMOVE(AvahiService, services, as->group->services, as); >> >> has been called twice. >> The fix is to remove these lines fro the current patch. >> >> 2$ svn diff >> Index: patches/avahi-03-entry.diff >> =================================================================== >> --- patches/avahi-03-entry.diff (revision 17476) >> +++ patches/avahi-03-entry.diff (working copy) >> @@ -88,10 +88,6 @@ >> + /* Remove from linked list */ >> + AVAHI_LLIST_REMOVE(AvahiService, services, s->services, as); >> + >> -+ /* Remove from associated group */ >> -+ if (as->group) >> -+ AVAHI_LLIST_REMOVE(AvahiService, services, >> as->group->services, as); >> -+ >> + if (as->name) >> + avahi_free(as->name); >> + >> >> >> -Ghee >>
