From 88c6cf5e08792a86853a27b94944dc9df1d3a330 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Wed, 12 Dec 2018 17:37:54 -0500 Subject: [PATCH] Fix: do not repurpose iterator while it is being used MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The hash table iteration uses an iterator that needs to stay valid for the next loop. Using that same iterator variable in a nested lookup in a different hash table leads to segmentation fault. This is a 2.10-specific instance of the issue affecting bind_trigger_to_matching_channels() which was found in the master and 2.11 branches. This one affects handle_notification_thread_command_register_trigger(). Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/notification-thread-events.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/bin/lttng-sessiond/notification-thread-events.c b/src/bin/lttng-sessiond/notification-thread-events.c index 6777fd6dd..f54141e73 100644 --- a/src/bin/lttng-sessiond/notification-thread-events.c +++ b/src/bin/lttng-sessiond/notification-thread-events.c @@ -1119,6 +1119,7 @@ int handle_notification_thread_command_register_trigger( channels_ht_node) { struct lttng_trigger_list_element *trigger_list_element; struct lttng_channel_trigger_list *trigger_list; + struct cds_lfht_iter lookup_iter; if (!trigger_applies_to_channel(trigger, channel)) { continue; @@ -1128,8 +1129,8 @@ int handle_notification_thread_command_register_trigger( hash_channel_key(&channel->key), match_channel_trigger_list, &channel->key, - &iter); - node = cds_lfht_iter_get_node(&iter); + &lookup_iter); + node = cds_lfht_iter_get_node(&lookup_iter); assert(node); trigger_list = caa_container_of(node, struct lttng_channel_trigger_list, -- 2.34.1