From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:56666) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QZ4TC-0007ZD-1n for qemu-devel@nongnu.org; Tue, 21 Jun 2011 13:10:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QZ4TA-0001DG-J7 for qemu-devel@nongnu.org; Tue, 21 Jun 2011 13:10:33 -0400 Received: from mx1.redhat.com ([209.132.183.28]:44919) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QZ4TA-0001DC-5R for qemu-devel@nongnu.org; Tue, 21 Jun 2011 13:10:32 -0400 Received: from int-mx12.intmail.prod.int.phx2.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p5LHAUOe002589 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 21 Jun 2011 13:10:30 -0400 Date: Tue, 21 Jun 2011 20:10:45 +0300 From: "Michael S. Tsirkin" Message-ID: <20110621171044.GA16869@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [Qemu-devel] [PATCH] vhost: fix double free on device stop List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org, Jason Wang , Juan Quintela , Jes.Sorensen@redhat.com vhost dev stop failed to clear the log field. Typically not an issue as dev start overwrites this field, but if logging gets disabled before the following start, it doesn't so this causes a double free. Signed-off-by: Michael S. Tsirkin --- hw/vhost.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/hw/vhost.c b/hw/vhost.c index 80f771e..1fbf2e5 100644 --- a/hw/vhost.c +++ b/hw/vhost.c @@ -784,5 +784,9 @@ void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice *vdev) hdev->started = false; qemu_free(hdev->log); + if (hdev->log) { + qemu_free(hdev->log); + } + hdev->log = NULL; hdev->log_size = 0; } -- 1.7.5.53.gc233e
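Review bot: the added `if (hdev->log) { qemu_free(hdev->log); }` block in vhost_dev_stop() sits directly after the existing `qemu_free(hdev->log);`, which the hunk keeps as unchanged context (the diffstat reports 4 insertions and 0 deletions). As posted, a stop with a non-NULL log therefore frees the same buffer twice inside this one function, before `hdev->log = NULL;` is reached. The fix described in the commit message only needs the stale pointer cleared, so I would drop the three-line conditional and keep just the `hdev->log = NULL;` addition after the existing free. If the intent was to guard the free, the original unconditional call has to be removed in the same hunk. A short comment on the NULL assignment would also help, saying that vhost_dev_start() does not overwrite the field when logging is disabled and that stop must not leave a dangling pointer behind.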