From: Fam Zheng <famz@redhat.com>
To: Stefan Hajnoczi <stefanha@redhat.com>
Cc: kwolf@redhat.com, Jeff Cody <jcody@redhat.com>,
qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] block: fix memory leak in early exit
Date: Fri, 16 Oct 2015 10:31:25 +0800 [thread overview]
Message-ID: <20151016022706.GA31963@ad.usersys.redhat.com> (raw)
In-Reply-To: <1444924467-26433-1-git-send-email-stefanha@redhat.com>
On Thu, 10/15 17:54, Stefan Hajnoczi wrote:
> The stream block job has two early exit code paths. They do not free
> s->backing_file_str.
>
> Also, the early exits rely on the fact that the coroutine hasn't yielded
> yet and was launched from the main thread. Therefore the coroutine is
> guaranteed to be running in the main thread where block_job_completed()
> may be called safely. This is very subtle so it's nice to eliminate the
> assumption by unifying the early exit with the normal exit code path.
>
> Cc: Fam Zheng <famz@redhat.com>
> Cc: Jeff Cody <jcody@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> ---
> block/stream.c | 15 ++++++++++-----
> 1 file changed, 10 insertions(+), 5 deletions(-)
>
> diff --git a/block/stream.c b/block/stream.c
> index ab0bd05..1986e9a 100644
> --- a/block/stream.c
> +++ b/block/stream.c
> @@ -120,16 +120,16 @@ static void coroutine_fn stream_run(void *opaque)
> int ret = 0;
> int n = 0;
> void *buf;
> + bool reached_end = false;
>
> if (!bs->backing_hd) {
> - block_job_completed(&s->common, 0);
> - return;
> + goto out;
> }
>
> s->common.len = bdrv_getlength(bs);
> if (s->common.len < 0) {
> - block_job_completed(&s->common, s->common.len);
> - return;
> + ret = s->common.len;
> + goto out;
> }
>
> end = s->common.len >> BDRV_SECTOR_BITS;
> @@ -207,6 +207,10 @@ wait:
> s->common.offset += n * BDRV_SECTOR_SIZE;
> }
>
> + if (sector_num == end) {
> + reached_end = true;
> + }
> +
> if (!base) {
> bdrv_disable_copy_on_read(bs);
> }
> @@ -216,10 +220,11 @@ wait:
>
> qemu_vfree(buf);
>
> +out:
> /* Modify backing chain and close BDSes in main loop */
> data = g_malloc(sizeof(*data));
> data->ret = ret;
> - data->reached_end = sector_num == end;
> + data->reached_end = reached_end;
> block_job_defer_to_main_loop(&s->common, stream_complete, data);
> }
>
> --
> 2.4.3
>
Reviewed-by: Fam Zheng <famz@redhat.com>
next prev parent reply other threads:[~2015-10-16 2:31 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-15 15:54 [Qemu-devel] [PATCH] block: fix memory leak in early exit Stefan Hajnoczi
2015-10-16 2:31 ` Fam Zheng [this message]
2015-10-16 3:34 ` Jeff Cody
2015-10-16 6:58 ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2015-10-16 8:37 ` Stefan Hajnoczi
2015-10-16 11:31 ` Jeff Cody
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151016022706.GA31963@ad.usersys.redhat.com \
--to=famz@redhat.com \
--cc=jcody@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).