Bug: pkvpInstance destroyed in call_callback_on_match

[bhanucbp]

Problem/Opportunity

In call_callback_on_match, a ut_kvp_instance_t (pkvpInstance) is created and passed to registered callbacks.
However, the function calls ut_kvp_destroyInstance(pkvpInstance) after invoking the callbacks.

Callbacks are asynchronous, and clients may attempt to access the pkvpInstance later. Since the instance is already destroyed, this leads to undefined behaviour.

Current code snippet

for (uint32_t i = 0; i < pInternal->callback_entry_index; i++) {
    CallbackEntry_t entry = pInternal->callbackEntryList[i];
    if (ut_kvp_fieldPresent(pkvpInstance, entry.key)) {
        entry.pCallback(entry.key, pkvpInstance, entry.userData);
    }
}
ut_kvp_destroyInstance(pkvpInstance);   // <-- destroyed too early

Proposed Solution

• Remove ut_kvp_destroyInstance(pkvpInstance) from call_callback_on_match.
• Transfer ownership of pkvpInstance to the client via the callback.
• The client is responsible for calling ut_kvp_destroyInstance() when the instance is no longer needed

Steps to reproduce

No response

Expected Behavior

--

Actual Behavior

--

Notes (Optional)

No response

[kanjoe24]

As per discussion, it has been decided not to transfer ownership.
The PR however, will provide improved documentation for ut-control apis.