Message-ID: <53AAD2B8.6010706@redhat.com>
Date: Wed, 25 Jun 2014 07:46:32 -0600
From: Eric Blake
References: <9ca16cc7ed58cd133ea2c8d86c29707b54005e1d.1403685480.git.mprivozn@redhat.com>
In-Reply-To: <9ca16cc7ed58cd133ea2c8d86c29707b54005e1d.1403685480.git.mprivozn@redhat.com>
Subject: Re: [Qemu-devel] [PATCH for 2.1] qemu_opts_append: Play nicely with QemuOptsList's head
To: Michal Privoznik, qemu-devel@nongnu.org
Cc: Chunyan Liu, Stefan Hajnoczi

On 06/25/2014 02:38 AM, Michal Privoznik wrote:
> When running a libvirt test suite I've noticed the qemu-img is
> crashing occasionally. Tracing the problem down led me to the
> following valgrind output:

Thanks for tracking this! It has been reported in other threads, but
yours is the first patch.

> The problem is apparently in the qemu_opts_append(). Well, if it
> gets called twice or more. On the first call, when @dst is NULL
> some initialization is done during which @dst->head list gets
> initialized. The list is initialized in a way, so that the list
> tail points at the list head. However, the next time
> qemu_opts_append() is called for new options to be added,
> g_realloc() may move @dst at new address making the old list tail

s/at new/to a new/

> point at invalid address. If that's the case we must update the
> list pointers.
>
> Signed-off-by: Michal Privoznik
> ---
> util/qemu-option.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)

Reviewed-by: Eric Blake

> + need_head_update =3D true;
> + } else {
> + /* Moreover, even if dst is not NULL, the realloc may move it = at a

s/at/to/

> + * different address in which case we may get a stale tail poi= nter
> + * in dst->head. */
> + need_head_update =3D QTAILQ_EMPTY(&dst->head);
> }
> =20

-- 
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
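
Review bot: In the else branch, need_head_update is set only when QTAILQ_EMPTY(&dst->head) is true, so a non-empty dst->head gets no fix-up after g_realloc() moves dst. In a tail queue the first element's back pointer refers to the head's first-element field, so if qemu_opts_append() can ever be called with entries already on dst->head, that pointer would be left aimed at the old allocation. Either handle that case as well, or extend the comment to say why the head is always empty at this point so the limited check is clearly intentional.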
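
The stale tail pointer described in the quoted commit message, shown as an added example that is not part of the original thread or of QEMU's code. The struct names, `move_block` and `tail_ok_after_move` are hypothetical, the move is simulated with a copy instead of a real `g_realloc()`, and re-initialising the empty head is assumed as the fix-up because the code that consumes `need_head_update` is not quoted above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* BSD-style tail queue head, same idea as QTAILQ: an empty list keeps the
 * address of its own `first` field in `last`. */
struct node { struct node *next; struct node **prev; };
struct head { struct node *first; struct node **last; };

/* Hypothetical stand-in for QemuOptsList: the head lives inside the block
 * that gets reallocated. */
struct opts_list { const char *name; struct head head; };

static void head_init(struct head *h) { h->first = NULL; h->last = &h->first; }

/* Stands in for g_realloc() moving the block: byte-copy into a fresh
 * allocation. The old block stays allocated so the comparisons below are
 * well defined. */
static struct opts_list *move_block(const struct opts_list *old)
{
    struct opts_list *moved = malloc(sizeof(*moved));
    if (!moved) abort();
    memcpy(moved, old, sizeof(*moved));
    return moved;
}

/* Returns 1 when the moved list's tail pointer refers to its own head.
 * With fixup != 0 an empty head is re-initialised after the move. */
int tail_ok_after_move(int fixup)
{
    struct opts_list *old = calloc(1, sizeof(*old));
    if (!old) abort();
    head_init(&old->head);

    struct opts_list *dst = move_block(old);
    if (fixup && dst->head.first == NULL)
        head_init(&dst->head);

    int ok = (dst->head.last == &dst->head.first);
    free(dst);
    free(old);
    return ok;
}

int main(void)
{
    printf("no fix-up: tail ok = %d\n", tail_ok_after_move(0));
    printf("fix-up:    tail ok = %d\n", tail_ok_after_move(1));
    return 0;
}
```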