From patchwork Tue Jun 21 17:10:45 2011
X-Patchwork-Submitter: "Michael S. Tsirkin"
X-Patchwork-Id: 101339
Date: Tue, 21 Jun 2011 20:10:45 +0300
From: "Michael S. Tsirkin" To: qemu-devel@nongnu.org, Jason Wang , Juan Quintela , Jes.Sorensen@redhat.com Message-ID: <20110621171044.GA16869@redhat.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Scanned-By: MIMEDefang 2.68 on 10.5.11.25 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] vhost: fix double free on device stop X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org vhost dev stop failed to clear the log field. Typically not an issue as dev start overwrites this field, but if logging gets disabled before the following start, it doesn't so this causes a double free. Signed-off-by: Michael S. Tsirkin --- hw/vhost.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/hw/vhost.c b/hw/vhost.c index 80f771e..1fbf2e5 100644 --- a/hw/vhost.c +++ b/hw/vhost.c @@ -784,5 +784,9 @@ void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice *vdev) hdev->started = false; qemu_free(hdev->log); + if (hdev->log) { + qemu_free(hdev->log); + } + hdev->log = NULL; hdev->log_size = 0; }
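Review bot: In the vhost_dev_stop hunk, the unchanged context line `qemu_free(hdev->log);` still sits directly above the added `if (hdev->log) { qemu_free(hdev->log); }`, so a non-NULL hdev->log is freed twice within a single stop call before the new `hdev->log = NULL;` runs. Drop the added if block and keep only `hdev->log = NULL;` after the existing free. That assignment alone clears the stale pointer the commit message describes, so a later stop with no logging-enabled start in between has nothing left to free again.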