Hi,

I was discussing this crash[1] with Jan at the 29C3 and recently in Iceland. On top of that Katarina pointed me to the best practises[2] of talloc. In general I disagree with them[3] but they provide a nice solution for the SGSN/MSGB ownership issue.

Methods that send a msgb should create a new local context and attach it to a global context for all local contexts (so we see them in the leak report). This would probably be done with a helper function in libosmocore.

Once the msgb is created, we will steal it into the local context. Then we pass it down the rabbit hole. Once it is reaching the write_queue it is stolen back (or into a write queue context). The initial caller will free his local context. And now there are three options:

a.) The msgb has made it into the write_queue. b.) The msgb has been already deleted due to an error c.) The msgb is still in the local context and will be freed.

Using the talloc_steal and the local context will make sure we do not leak and do not double free. We can (and should) add a warning to see under which circumstances the msgb has not been freed.

I think the implementation of this will be about 10-15 lines of code (probably too optimistic).

comments? holger

[1] http://openbsc.osmocom.org/trac/ticket/55 [2] http://talloc.samba.org/talloc/doc/html/libtalloc__bestpractices.html [3] Most of our functions only allocate one object. There is no point in having a hierachy of ROOT -> SingleObject. This indirection is wasteful in most cases.