Skip to content

Fix a race between resolver query timeout and validation

The resolver.c:validated() function unlinks the current validator from the fetch's validators list, which can leave it empty, then unlocks the bucket lock. If, by a chance, the fetch was timed out just before the validated() call, the final timeout callback running in parallel with validated() can find the fetch context with no active fetches and with an empty validators list and destroy it, which is unexpected for the validated() function and can lead to a crash.

Increase the fetch context's reference count in the beginning of validated() and decrease it when it finishes its work to avoid the unexpected destruction of the fetch context.

Closes #3398 (closed)

Edited by Arаm Sаrgsyаn

Merge request reports