Attention is currently required from: pespin.

daniel uploaded patch set #2 to this change.

View Change

osmo_io: Avoid potential double free when sending msgb

Ensure that a msgb  has the proper talloc parent:

All msgbs inside an iofd get the iofd as parent. Received msgbs are reparented
to iofd->msgb_alloc.ctx (which was set in osmo_iofd_setup()) before
being passed to the receive callback.

Before this change the code could fail for msgbs that are submitted via uring
where the (failed) write returns after the iofd has already been
osmo_iofd_free()d. free()ing the iofd is deferred until the write
completes, but the (iofd) parent context could have been free()d in the
meantime.

Change-Id: I3a279b55a3adff96948120683c844e1508d0ba94
---
M src/core/osmo_io.c
M src/core/osmo_io_internal.h
M src/core/osmo_io_poll.c
3 files changed, 42 insertions(+), 14 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/44/34144/2

To view, visit change 34144. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-Change-Id: I3a279b55a3adff96948120683c844e1508d0ba94
Gerrit-Change-Number: 34144
Gerrit-PatchSet: 2
Gerrit-Owner: daniel <dwillmann@sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <laforge@osmocom.org>
Gerrit-CC: pespin <pespin@sysmocom.de>
Gerrit-Attention: pespin <pespin@sysmocom.de>
Gerrit-MessageType: newpatchset