From 7a47e5e5f9ea8c996bfcbe3997513e00a2694fef Mon Sep 17 00:00:00 2001
From: Davide Caratti <dcaratti@redhat.com>
Date: Thu, 3 Nov 2022 14:41:06 +0100
Subject: [PATCH] fix segfault on element removal

when elements' lifetime reaches 0, and program is compiled with debug, bmon
gets a segmentation fault:

 Program received signal SIGSEGV, Segmentation fault.
                                                    __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:74
 Downloading 0.00 MB source file /usr/src/debug/glibc-2.34-43.fc35.x86_64/string/../sysdeps/x86_64/multiarch/strlen-avx2.S
 74              VPCMPEQ (%rdi), %ymm0, %ymm1
 (gdb) bt
 #0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:74
 #1  0x00007ffff7a84228 in __vfprintf_internal (s=s@entry=0x7fffffffb9f0,
     format=0x410f08 "[DBG] %20s:%-4u %s: Deleting dead element %s\n", ap=0x7fffffffdb30, mode_flags=0)
     at vfprintf-internal.c:1647
 #2  0x00007ffff7a849ef in buffered_vfprintf (s=0x7ffff7bfb6a0 <_IO_2_1_stderr_>,
     format=format@entry=0x410f08 "[DBG] %20s:%-4u %s: Deleting dead element %s\n", args=args@entry=0x7fffffffdb30,
     mode_flags=mode_flags@entry=0) at vfprintf-internal.c:2295
 #3  0x00007ffff7a839cb in __vfprintf_internal (s=<optimized out>,
     format=0x410f08 "[DBG] %20s:%-4u %s: Deleting dead element %s\n", ap=ap@entry=0x7fffffffdb30,
     mode_flags=mode_flags@entry=0) at vfprintf-internal.c:1377
 #4  0x00007ffff7a6f3ca in __fprintf (stream=<optimized out>, format=<optimized out>) at fprintf.c:32
 #5  0x0000000000406339 in __group_foreach_element (g=g@entry=0x422ae0, list=list@entry=0x4da940,
     cb=cb@entry=0x407260 <element_check_if_dead>, arg=arg@entry=0x0) at group.c:45
 #6  0x0000000000406351 in __group_foreach_element (g=g@entry=0x422ae0, list=list@entry=0x4d6d40,
     cb=cb@entry=0x407260 <element_check_if_dead>, arg=arg@entry=0x0) at group.c:48
 #7  0x0000000000406351 in __group_foreach_element (g=0x422ae0, list=0x422af0, cb=0x407260 <element_check_if_dead>,
     arg=arg@entry=0x0) at group.c:48
 #8  0x0000000000406750 in group_foreach_recursive (arg=0x0, cb=<optimized out>) at group.c:67
 #9  free_unused_elements () at group.c:192
 #10 0x00000000004041f0 in main (argc=<optimized out>, argv=0x7fffffffdfb8) at bmon.c:350
 (gdb)

this happens because 'e->e_name' is used by 'DBG()' after the call to
element_free(e); calling DBG(...) before element_free() proved to fix the
above crash.

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
---
 src/element.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/element.c b/src/element.c
index 32917db..2306695 100644
--- a/src/element.c
+++ b/src/element.c
@@ -322,8 +322,8 @@ void element_check_if_dead(struct element_group *g,
 			   struct element *e, void *arg)
 {
 	if (--(e->e_lifecycles) <= 0) {
-		element_free(e);
 		DBG("Deleting dead element %s", e->e_name);
+		element_free(e);
 	}
 }