From 03803a9d792d613e60fcc0b5e810e68488e17b87 Mon Sep 17 00:00:00 2001
From: zwelch <zwelch@b42882b7-edfa-0310-969c-e2dbd0fdcd60>
Date: Tue, 16 Jun 2009 00:22:52 +0000
Subject: [PATCH] David Brownell <david-b@pacbell.net>:

Fix a memory leak in jtag_tap_free():  unregister the event
callback too.

Also fix the associated conceptual bug in unregistering JTAG
event callbacks:  since the same callback procedure is used
many times with different callback data (a TAP handle), that
data must be considered when unregistering any callback.

This could fix some crashes after TAP registration errors,
by making sure the reset event handler doesn't scribble over
memory that's now used by something else.


git-svn-id: svn://svn.berlios.de/openocd/trunk@2245 b42882b7-edfa-0310-969c-e2dbd0fdcd60
---
 src/jtag/core.c | 18 +++++++++++++-----
 src/jtag/jtag.h |  2 +-
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/jtag/core.c b/src/jtag/core.c
index 0d786e164..347196c0d 100644
--- a/src/jtag/core.c
+++ b/src/jtag/core.c
@@ -243,24 +243,30 @@ int jtag_register_event_callback(jtag_event_handler_t callback, void *priv)
 	return ERROR_OK;
 }
 
-int jtag_unregister_event_callback(jtag_event_handler_t callback)
+int jtag_unregister_event_callback(jtag_event_handler_t callback, void *priv)
 {
-	jtag_event_callback_t **callbacks_p = &jtag_event_callbacks;
+	jtag_event_callback_t **callbacks_p;
+	jtag_event_callback_t **next;
 
 	if (callback == NULL)
 	{
 		return ERROR_INVALID_ARGUMENTS;
 	}
 
-	while (*callbacks_p)
+	for (callbacks_p = &jtag_event_callbacks;
+			*callbacks_p != NULL;
+			callbacks_p = next)
 	{
-		jtag_event_callback_t **next = &((*callbacks_p)->next);
+		next = &((*callbacks_p)->next);
+
+		if ((*callbacks_p)->priv != priv)
+			continue;
+
 		if ((*callbacks_p)->callback == callback)
 		{
 			free(*callbacks_p);
 			*callbacks_p = *next;
 		}
-		callbacks_p = next;
 	}
 
 	return ERROR_OK;
@@ -1092,6 +1098,8 @@ void jtag_tap_init(jtag_tap_t *tap)
 
 void jtag_tap_free(jtag_tap_t *tap)
 {
+	jtag_unregister_event_callback(&jtag_reset_callback, tap);
+
 	/// @todo is anything missing? no memory leaks please 
 	free((void *)tap->expected_ids);
 	free((void *)tap->chip);
diff --git a/src/jtag/jtag.h b/src/jtag/jtag.h
index 9b378a11e..34a099b8e 100644
--- a/src/jtag/jtag.h
+++ b/src/jtag/jtag.h
@@ -230,7 +230,7 @@ struct jtag_tap_event_action_s
 typedef int (*jtag_event_handler_t)(enum jtag_event event, void* priv);
 
 extern int jtag_register_event_callback(jtag_event_handler_t f, void *x);
-extern int jtag_unregister_event_callback(jtag_event_handler_t f);
+extern int jtag_unregister_event_callback(jtag_event_handler_t f, void *x);
 
 extern int jtag_call_event_callbacks(enum jtag_event event);
 
-- 
GitLab