Fix: flt.utils.trimmer: bt_message_put_ref() on freed message
Issue
=====
In this function, we convert a timestamp in second to a clock value in
order to create a stream activity beginning message. We create a new
message and proceed to call `clock_raw_value_from_ns_from_origin()` to
convert the timestamp to a clock value.
If this call fails, we put the reference on this message using
`bt_message_put_ref()`. This frees the message as the refcount was at 1
because it was just created.
The problem here is that we don't reset the `msg` pointer and return it
to the call via the output parameter. This pointer points to freed data.
The caller then figures that the function failed by looking at the
return value and proceed to call `bt_message_put_ref()` again resulting
and assertion failure.
This can be easily triggered by passing a `begin` parameter of value 0
to a trimmer component.
Solution
========
Use a local variable to keep the pointer to the newly created message
and move that reference to the output parameter only on success.
Drawbacks
=========
None.
Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
Change-Id: Id589f25d9ec6f555abd44ccb71e72af8e1684272
Reviewed-on: https://review.lttng.org/c/babeltrace/+/1314
Tested-by: jenkins
Reviewed-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
This page took 0.033687 seconds and 4 git commands to generate.
projects / babeltrace.git / commit
