From: Peter Xu <peterx@redhat.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: Zongmin Zhou <zhouzongmin@kylinos.cn>,
quintela@redhat.com, farosas@suse.de, leobras@redhat.com,
qemu-devel@nongnu.org
Subject: Re: [PATCH] migration: free 'saddr' since be no longer used
Date: Wed, 15 Nov 2023 11:44:35 -0500 [thread overview]
Message-ID: <ZVT1c3Ptd_P3Nfb_@x1n> (raw)
In-Reply-To: <ZVSUFTBwSKHxVV_9@redhat.com>
On Wed, Nov 15, 2023 at 09:49:09AM +0000, Daniel P. Berrangé wrote:
> On Wed, Nov 15, 2023 at 11:27:39AM +0800, Zongmin Zhou wrote:
> > Since socket_parse() will allocate memory for 'saddr',
> > and its value will pass to 'addr' that allocated
> > by migrate_uri_parse(),so free 'saddr' to avoid memory leak.
> >
> > Fixes: 72a8192e225c ("migration: convert migration 'uri' into 'MigrateAddress'")
> > Signed-off-by: Zongmin Zhou<zhouzongmin@kylinos.cn>
> > ---
> > migration/migration.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/migration/migration.c b/migration/migration.c
> > index 28a34c9068..30ed4bf6b6 100644
> > --- a/migration/migration.c
> > +++ b/migration/migration.c
> > @@ -493,6 +493,7 @@ bool migrate_uri_parse(const char *uri, MigrationChannel **channel,
> > }
> > addr->u.socket.type = saddr->type;
> > addr->u.socket.u = saddr->u;
>
> 'saddr->u' is a union embedded in SocketAddress, containing:
>
> union { /* union tag is @type */
> InetSocketAddressWrapper inet;
> UnixSocketAddressWrapper q_unix;
> VsockSocketAddressWrapper vsock;
> StringWrapper fd;
> } u;
>
> THis assignment is *shallow* copying the contents of the union.
>
> All the type specifics structs that are members of this union
> containing allocated strings, and with this shallow copy, we
> are stealing the pointers to these allocated strings
>
>
> > + qapi_free_SocketAddress(saddr);
>
> This meanwhle is doing a *deep* free of the contents of the
> SocketAddress, which includes all the pointers we just stole.
>
> IOW, unless I'm mistaken somehow, this is going to cause a
> double-free
Right. I think what we need is a g_free(saddr), with a comment explaining?
Or, is there better way to do that? Something like a QAPI_CLONE() but not
exactly: we already have the object allocated. We want to deep copy it to
the current object only on the fields but not the object itself.
--
Peter Xu
next prev parent reply other threads:[~2023-11-15 16:45 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-15 3:27 [PATCH] migration: free 'saddr' since be no longer used Zongmin Zhou
2023-11-15 9:49 ` Daniel P. Berrangé
2023-11-15 16:44 ` Peter Xu [this message]
2023-11-16 6:34 ` [PATCH v2] " Zongmin Zhou
2023-11-16 14:19 ` Juan Quintela
2023-11-17 2:51 ` Zongmin Zhou
2023-11-17 13:56 ` Peter Xu
2023-11-20 3:14 ` [PATCH v3] " Zongmin Zhou
2023-11-20 9:08 ` Daniel P. Berrangé
2023-11-20 14:01 ` Peter Xu
2023-11-29 2:09 ` Zongmin Zhou
2023-11-29 14:47 ` Peter Xu
2023-11-30 10:20 ` Het Gala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZVT1c3Ptd_P3Nfb_@x1n \
--to=peterx@redhat.com \
--cc=berrange@redhat.com \
--cc=farosas@suse.de \
--cc=leobras@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=zhouzongmin@kylinos.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.