From b2619f005d55e8f6377345f5ca52c84c37a718d4 Mon Sep 17 00:00:00 2001
From: David Teigland <teigland@redhat.com>
Date: Jul 18 2024 16:09:12 +0000
Subject: sanlock: fix freeing lvb after io timeout


If reading or writing the lvb times out, set r->lvb to NULL
so that free_resource() won't free the lvb buffer.  The lvb
buffer (referenced by aicb->buf) will be freed when the io
completes.

---

diff --git a/src/resource.c b/src/resource.c
index 98d1918..af22f10 100644
--- a/src/resource.c
+++ b/src/resource.c
@@ -71,8 +71,10 @@ static void free_resource(struct resource *r)
 	struct resource *rtmp = NULL;
 	struct resource *rmin = NULL;
 
-	if (r->lvb)
+	if (r->lvb) {
 		free(r->lvb);
+		r->lvb = NULL;
+	}
 
 	if (resources_free_count < FREE_RES_COUNT) {
 		resources_free_count++;
@@ -707,6 +709,10 @@ static int read_lvb_block(struct task *task, struct token *token)
 
 	rv = read_iobuf(disk->fd, offset, iobuf, iobuf_len, task, token->io_timeout, NULL);
 
+	/* for io timeout, lvb iobuf is freed when the aio completes, not by free_resource */
+	if (rv == SANLK_AIO_TIMEOUT)
+		r->lvb = NULL;
+
 	return rv;
 }
 
@@ -727,6 +733,10 @@ static int write_lvb_block(struct task *task, struct resource *r, struct token *
 
 	rv = write_iobuf(disk->fd, offset, iobuf, iobuf_len, task, token->io_timeout, NULL);
 
+	/* for io timeout, lvb iobuf is freed when the aio completes, not by free_resource */
+	if (rv == SANLK_AIO_TIMEOUT)
+		r->lvb = NULL;
+
 	return rv;
 }