Fix double freed in remove_self_from_waiters()#58
Conversation
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
|
Can you revisit codebase to eliminate the similar misuse? |
Hi, Jserv, There is no remaining similar misuse after this PR merged. This PR is the last misuse case. |
|
I defer to @HeatCrab for confirmation. |
HeatCrab
left a comment
HeatCrab
left a comment
There was a problem hiding this comment.
Hi, I've reviewed the entire codebase for similar misuse patterns and confirmed that this is the only remaining instance that needs to be fixed.
LGTM.
jserv
left a comment
jserv
left a comment
There was a problem hiding this comment.
Append Close #57 at the end of git commit message.
vicLin8712
force-pushed
the
fix-double-free
branch
from
697fd63 to
4948444
Compare
visitorckw
left a comment
visitorckw
left a comment
There was a problem hiding this comment.
The code change itself LGTM.
I'm not sure if this description was generated by an LLM, but "prevent doubly function call' sounds a bit strange to me. Calling a function twice isn't an issue, whereas calling free() twice on the same pointer definitely is.
Also, did you omit the user impact from the commit message because it's already described in the issue? I think it's short enough to be included here. The commit message should be self-contained without requiring the reader to check external links.
One last thing: please avoid starting with "This commit". We know it's a commit. Please use the imperative mood instead.
free() is already invoked in list_remove(). Freeing the same pointer twice can crash the program with an invalid free error or corrupt the heap. Ensure a single memory-release path by removing the outer free() call. close sysprog21#57
vicLin8712
force-pushed
the
fix-double-free
branch
from
4948444 to
fc2339c
Compare
Hi @visitorckw, thanks for your feedback, and I've updated the new commit message. If you still have further suggestions, please let me know. |
|
Thank @vicLin8712 for contributing! |
4 participants
Fix double freed in remove_self_from_waiters()
free() is already invoked in list_remove(). Freeing the same pointer twice can crash the program with an invalid free error or corrupt the heap.
Ensure a single memory-release path by removing the outer free() call.
close #57
Summary by cubic
Removed redundant free in remove_self_from_waiters() to prevent a double-free when removing a waiter. list_remove() already frees the node, avoiding crashes and memory corruption in the mutex waiters list.
Written for commit 4948444. Summary will update automatically on new commits.