From: Sam Mendoza-Jonas Date: Tue, 15 Mar 2016 02:35:21 +0000 (+1100) Subject: discover/boot: Safely cleanup after failed load X-Git-Tag: v1.0.0~3 X-Git-Url: http://git.ozlabs.org/?p=petitboot;a=commitdiff_plain;h=66ff1c8d36be43e53831a7ada7e2d10bac516afe discover/boot: Safely cleanup after failed load If a call to load_url_async() fails immediately, boot() will free the boot task and return. If other jobs started by load_url_async() are still running they will attempt to free their task struct in load_url_process_exit(), however the original boot task is the parent context of this process task, resulting in a double-free. Instead call cleanup_cancellations if an error immediately occurs to cancel any pending load operations safely before freeing the boot task. Signed-off-by: Sam Mendoza-Jonas --- diff --git a/discover/boot.c b/discover/boot.c index 7778b3f..0d3491f 100644 --- a/discover/boot.c +++ b/discover/boot.c @@ -486,9 +486,10 @@ struct boot_task *boot(void *ctx, struct discover_boot_option *opt, || start_url_load(boot_task, "initrd", initrd, &boot_task->initrd) || start_url_load(boot_task, "dtb", dtb, &boot_task->dtb); - /* If all URLs are local, we may be done. */ if (rc) { - talloc_free(boot_task); + /* Don't call boot_cancel() to preserve the status update */ + boot_task->cancelled = true; + cleanup_cancellations(boot_task, NULL); return NULL; }
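Review bot: In the `if (rc)` error path, the new comment says why boot_cancel() is avoided but not who frees boot_task now that `talloc_free(boot_task)` is gone. As written, the path reads like a leak unless the reader already knows that cleanup_cancellations() releases the task once pending loads are cancelled. Please say so in the comment, and explain the `NULL` second argument to `cleanup_cancellations(boot_task, NULL)`. It is also worth confirming that the task is still freed when rc is set by the first start_url_load() call and no load jobs were started, so that the double-free is not traded for a leak. Separately, the deleted comment "If all URLs are local, we may be done." does not describe the error branch; if it documented the code after this block, move it there instead of dropping it.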