From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48390) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WmPvB-0003St-75 for qemu-devel@nongnu.org; Mon, 19 May 2014 11:56:20 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WmPv3-0005j7-P5 for qemu-devel@nongnu.org; Mon, 19 May 2014 11:56:13 -0400 Received: from mx1.redhat.com ([209.132.183.28]:9207) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WmPv3-0005j0-HU for qemu-devel@nongnu.org; Mon, 19 May 2014 11:56:05 -0400 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s4JFu4re013011 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 19 May 2014 11:56:05 -0400 From: Kevin Wolf Date: Mon, 19 May 2014 17:56:01 +0200 Message-Id: <1400514961-30472-1-git-send-email-kwolf@redhat.com> Subject: [Qemu-devel] [PATCH] qcow2: Fix memory leak in COW error path List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: kwolf@redhat.com, stefanha@redhat.com, mreitz@redhat.com This triggers if bs->drv becomes NULL in a concurrent request. This is currently only the case when corruption prevention kicks in (i.e. at most once per image, and after that it produces I/O errors). Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index 76d2bcf..4208dc0 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -379,7 +379,8 @@ static int coroutine_fn copy_sectors(BlockDriverState *bs, BLKDBG_EVENT(bs->file, BLKDBG_COW_READ); if (!bs->drv) { - return -ENOMEDIUM; + ret = -ENOMEDIUM; + goto out; } /* Call .bdrv_co_readv() directly instead of using the public block-layer -- 1.8.3.1