Re: [Qemu-devel] [PATCH] qapi: fix memory leak in QmpOutputVisitor


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH] qapi: fix memory leak in QmpOutputVisitor
Date: Fri, 21 Oct 2016 16:20:30 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0

On 10/18/2016 06:22 AM, Pino Toscano wrote:
> On Tuesday, 18 October 2016 06:13:30 CEST Eric Blake wrote:
>> On 10/18/2016 04:17 AM, Pino Toscano wrote:
>>> qmp_output_start_struct() and qmp_output_start_list() create a new
>>> QObject (QDict, QList) and push it to the stack of the QmpOutputVisitor,
>>> where it is saved as 'value'.  When freeing the iterator in
>>> qmp_output_free(), these values are never freed properly.
>>
>> Do any of the tests (perhaps run under valgrind) show this leak? If not,
>> maybe we should enhance their coverage.
> 
> Running a simple `qemu-img info file.qcow2` under valgrind was enough
> for me to show the leak.

I'm still not reproducing it. :(

> 
> In this case, another simple fix is needed to fully fix the leak:
> http://lists.nongnu.org/archive/html/qemu-devel/2016-10/msg04023.html

In fact, isn't that fix alone enough to fix the leak? The more I think
about this patch (and the thread on v2), the more I think it is too
prone to double-freeing things.

>>> +++ b/qapi/qmp-output-visitor.c
>>> @@ -220,6 +220,7 @@ static void qmp_output_free(Visitor *v)
>>>      while (!QSLIST_EMPTY(&qov->stack)) {
>>>          e = QSLIST_FIRST(&qov->stack);
>>>          QSLIST_REMOVE_HEAD(&qov->stack, node);
>>> +        qobject_decref(e->value);
>>>          g_free(e);
>>>      }
>>>  
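Review bot: the added `qobject_decref(e->value);` in the stack-drain loop of qmp_output_free() assumes each stack entry holds its own reference to e->value, and nothing in this hunk establishes that. If the QDict or QList pushed by qmp_output_start_struct() / qmp_output_start_list() is also held by a parent container or by the visitor's root, and that holder releases it, this line drops a reference the entry never took, which is the double-free risk raised in the reply above. Suggest either taking an explicit reference when the entry is pushed so the decref here is balanced, or documenting on the entry's value field who owns the reference, and adding a test that frees a visitor with a non-empty stack and is run under valgrind.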
>>>
>>
>>
> 
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
