BUG/MINOR: mux-quic: free task on qc_init() app ops failure
qc_init() is used to initialize a QUIC MUX instance. On failure, each
resources are released via a series of goto statements. There is one
issue if the app_ops.init callback fails. In this case, MUX task is not
freed.
This can cause a crash as the task is already scheduled. When the
handler will run, it will crash when trying to access qcc instance.
To fix this, properly destroy qcc task on fail_install_app_ops label.
The impact of this bug is minor as app_ops.init callback succeeds most
of the time. However, it may fail on allocation failure due to memory
exhaustion.
This may fix github issue #2154.
This must be backported up to 2.7.
diff --git a/src/mux_quic.c b/src/mux_quic.c
index 15fd570..1ac9956 100644
--- a/src/mux_quic.c
+++ b/src/mux_quic.c
@@ -2569,6 +2569,7 @@
fail_install_app_ops:
if (qcc->app_ops && qcc->app_ops->release)
qcc->app_ops->release(qcc->ctx);
+ task_destroy(qcc->task);
fail_no_timeout_task:
tasklet_free(qcc->wait_event.tasklet);
fail_no_tasklet: