CID 308517 (#1 of 1): Missing unlock (LOCK)
Valentin V. Bartenev
vbart at nginx.com
Wed Jun 12 01:47:41 UTC 2019
On Wednesday, 12 June 2019 04:11:42 MSK Ranier Vf wrote:
> Hi,
> You are right.
> But with this warning I think Coverity is correct (not false positive).
> file: ngx_unit.c
> line: 3161 nxt_unit_process_use(ctx, process, -1);
>
> If all conditions take true nxt_unit_process_use, free var process (line
> 2306).
[..]
The nxt_unit_process_use() increments and decrements reference counter
of the "process" object. When the reference counter turns 0, which
effectively means no references, it frees the object.
When "process" is allocated, the reference counter is initialized to 1.
Each time when a new "port" is added to the process->ports queue, the
reference counter is incremented.
> And in line 3183, nxt_unit_process_use is called again, now with var
> process freed.
That's wrong, because all previous calls of nxt_unit_process_use() in
this function related to iterating over the process->ports queue.
So, at that particular moment, when all ports have been removed,
the reference counter is at least 1, and the "process" object
is still there.
The code here is correct and won't double free the process object
while the reference counting is used correctly.
wbr, Valentin V. Bartenev
More information about the unit
mailing list