On Wed, Jan 21, 2015 at 01:22:47PM +0100, Martin Pieuchot wrote:
> It is indeed confusing. I tried to check every case but in the end I
> think that it might be better to decouple the removal from the routing
> table and the rtfree(). Updated diff below does that.

I think the code is not equivalent. Note the &rt that is passed to
rtrequest1() in rtdeletemsg(). That allowed rtrequest1() to change
the route that got freed in the end.

Old code in rtflushclone1() did this:

call rtdeletemsg(rt)
    get info from rt
    call rtrequest1(info, &rt)
        call rnh_lookup(info)
        call rnh_deladdr(info)
        store new route into *rt, which is variable in rtdeletemsg()
    call rt_missmsg(info)
    call rtfree(rt), which is the new route

New code in rtflushclone1 does this:

call rtdeletemsg(rt)
    get info from rt
    call rtrequest1(info, &rt)
        call rnh_lookup(info)
        call rnh_deladdr(info)
        store new route into *rt, which is variable in rtdeletemsg()
    call rt_missmsg(info)
call rtfree(rt), which is the original route

bluhm
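
The difference between the two call sequences above, as an added example that is not part of the original mail and is not OpenBSD code. It is a toy model: every name in it is hypothetical, and it assumes two table entries share one key so that the lookup can return a different entry than the one the caller passed in.

```c
/* Toy model of the two call sequences; NOT OpenBSD code, all names hypothetical. */
#include <stdio.h>

struct route { int key; int refcnt; int in_table; };
static struct route table[2];

/* Constructed state: two entries share one key, so a lookup by key can
 * return a different entry than the one the caller started from. */
static void table_reset(void)
{
	for (int i = 0; i < 2; i++)
		table[i] = (struct route){ .key = 7, .refcnt = 1, .in_table = 1 };
}

/* Delete by key; report the entry actually removed through *ret. */
static int delete_by_key(int key, struct route **ret)
{
	for (int i = 0; i < 2; i++) {
		if (table[i].in_table && table[i].key == key) {
			table[i].in_table = 0;
			*ret = &table[i];
			return 0;
		}
	}
	return -1;
}

static void release(struct route *rt) { rt->refcnt--; }

/* Old shape: remove and release in one function, via the updated pointer. */
static void delete_and_release(struct route *rt)
{
	if (delete_by_key(rt->key, &rt) == 0)
		release(rt);		/* the entry that was removed */
}

/* New shape: the helper only removes; its updated rt is a local copy. */
static void delete_only(struct route *rt) { delete_by_key(rt->key, &rt); }

static void flush_decoupled(struct route *rt)
{
	delete_only(rt);
	release(rt);			/* the entry the caller passed in */
}

int main(void)
{
	table_reset(); delete_and_release(&table[1]);
	printf("old: removed refcnt=%d, passed refcnt=%d\n", table[0].refcnt, table[1].refcnt);
	table_reset(); flush_decoupled(&table[1]);
	printf("new: removed refcnt=%d, passed refcnt=%d\n", table[0].refcnt, table[1].refcnt);
	return 0;
}
```

In the decoupled shape of this model the removed entry keeps its reference while the entry still in the table loses one, which is the kind of mismatch that turns into a leak or a premature free.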