
List:       qemu-block
Subject:    Re: [Qemu-block] [PATCH] block: Fix leak of BdrvIoctlCompletionData when driver returns NULL
From:       Fam Zheng <famz () redhat ! com>
Date:       2016-05-31 10:49:40
Message-ID: 20160531104940.GA25364 () ad ! usersys ! redhat ! com

On Tue, 05/31 11:14, Paolo Bonzini wrote:
> 
> 
> On 31/05/2016 10:34, Fam Zheng wrote:
> > "data" allocated in bdrv_co_do_ioctl is not freed. Free it before
> > returning.
> > 
> > Cc: qemu-stable@nongnu.org
> > Reported-by: Kevin Wolf <kwolf@redhat.com>
> > Signed-off-by: Fam Zheng <famz@redhat.com>
> > ---
> >  block/io.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/block/io.c b/block/io.c
> > index 2d832aa..aa5a5d7 100644
> > --- a/block/io.c
> > +++ b/block/io.c
> > @@ -2320,6 +2320,7 @@ static void bdrv_ioctl_bh_cb(void *opaque)
> >  
> >      bdrv_co_io_em_complete(data->co, -ENOTSUP);
> >      qemu_bh_delete(data->bh);
> > +    g_free(data);
> >  }
> >  
> >  static int bdrv_co_do_ioctl(BlockDriverState *bs, int req, void *buf)
> > 
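Review bot: the g_free(data) at the end of bdrv_ioctl_bh_cb releases memory that the commit message says is allocated in bdrv_co_do_ioctl, so ownership passes from the allocating function to the bottom-half callback with nothing in the code stating it. A short comment above the callback or at the allocation site saying that the callback owns and frees data would make that explicit. It is also worth confirming that every path that allocates data schedules this callback, since a path that does not would still leak. The placement after qemu_bh_delete(data->bh) is correct, as that is the last read of data in the visible lines.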
> 
> Is the bottom half needed at all?  Why can't you just do "co.ret =
> -ENOTSUP;"?  The bottom half indirection is not needed for coroutine
> functions, only for bdrv_aio_*; and bdrv_co_maybe_schedule_bh already
> provides it.
> 

You are right, I missed that.  Let's drop the BH.

Fam

