On 06/25/2014 02:38 AM, Michal Privoznik wrote:
> When running a libvirt test suite I've noticed the qemu-img is
> crashing occasionally. Tracing the problem down led me to the
> following valgrind output:

Thanks for tracking this! It has been reported in other threads, but
yours is the first patch.

> The problem is apparently in the qemu_opts_append(). Well, if it
> gets called twice or more. On the first call, when @dst is NULL
> some initialization is done during which @dst->head list gets
> initialized. The list is initialized in a way, so that the list
> tail points at the list head. However, the next time
> qemu_opts_append() is called for new options to be added,
> g_realloc() may move @dst at new address making the old list tail

s/at new/to a new/

> point at invalid address. If that's the case we must update the
> list pointers.
>
> Signed-off-by: Michal Privoznik <[email protected]>
> ---
> util/qemu-option.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)

Reviewed-by: Eric Blake <[email protected]>

> + need_head_update = true;
> + } else {
> + /* Moreover, even if dst is not NULL, the realloc may move it at a

s/at/to/

> + * different address in which case we may get a stale tail pointer
> + * in dst->head. */
> + need_head_update = QTAILQ_EMPTY(&dst->head);
> }

-- 
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
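Review bot: the comment above `need_head_update = QTAILQ_EMPTY(&dst->head);` says the realloc may move dst, yet the head is only re-initialised when the list is empty. That is exactly the case in which tqh_last points back into the block being moved, so the condition is right for it; for a non-empty list the first entry's tqe_prev still points at the old head and nothing in this hunk re-points it. Either state in the comment that qemu_opts_append() is only ever called on a list that has no QemuOpts yet, or add an assertion for that, so the assumption is checked instead of silently relied on.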
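The failure Michal describes, reduced to a stand-alone C model (added example; this is neither QEMU's code nor part of the thread). The list macros are a hypothetical, minimal stand-in for QEMU's QTAILQ, `opts_list` stands in for QemuOptsList, `opts_append` for qemu_opts_append(), and `moving_realloc` is an assumed helper that always returns a different block so the address change happens on every call rather than only when the allocator decides to move. `demo_tail_stale(false)` reproduces the pre-patch behaviour and reports the dangling tail pointer; `demo_tail_stale(true)` applies the patch's rule (re-initialise the head after the move when the list is empty) and shows it resolved.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, minimal stand-in for QEMU's QTAILQ: an intrusive tail queue
 * whose head keeps a pointer to the tail's "next" slot.  On an empty list
 * that slot is the head's own "first" field, i.e. a pointer back into the
 * struct that contains the head. */
struct opt {
    const char *name;
    struct opt *next;
    struct opt **prev;
};
struct opt_head {
    struct opt *first;
    struct opt **last;
};
#define HEAD_INIT(h)   do { (h)->first = NULL; (h)->last = &(h)->first; } while (0)
#define HEAD_EMPTY(h)  ((h)->first == NULL)
#define INSERT_TAIL(h, e) do { (e)->next = NULL; (e)->prev = (h)->last; \
                               *(h)->last = (e); (h)->last = &(e)->next; } while (0)

/* Stand-in for QemuOptsList: the list head is embedded in a block that is
 * grown with realloc as descriptors are appended. */
struct opts_list {
    size_t ndesc;
    struct opt_head head;
    const char *desc[];      /* flexible array member, grown on every append */
};

/* Assumed helper: a realloc that always hands back a different block, so the
 * move the patch talks about happens on every call instead of only sometimes. */
static void *moving_realloc(void *old, size_t old_size, size_t new_size)
{
    void *fresh = malloc(new_size);
    if (!fresh) abort();
    if (old) {
        memcpy(fresh, old, old_size < new_size ? old_size : new_size);
        free(old);
    }
    return fresh;
}

/* Append one descriptor.  With apply_fix == false this mirrors the pre-patch
 * behaviour: the head is initialised only when the block is first created, so
 * a later move leaves head.last pointing into the freed block. */
static struct opts_list *opts_append(struct opts_list *dst, const char *name,
                                     bool apply_fix)
{
    bool need_head_update;
    size_t old_n = dst ? dst->ndesc : 0;
    size_t old_size = sizeof(*dst) + old_n * sizeof(dst->desc[0]);
    size_t new_size = sizeof(*dst) + (old_n + 1) * sizeof(dst->desc[0]);

    if (!dst) {
        need_head_update = true;                 /* fresh block: must init */
    } else {
        /* The patch's condition: only an empty list has a self-pointer that
         * the move invalidates; a non-empty one ends at an element. */
        need_head_update = apply_fix && HEAD_EMPTY(&dst->head);
    }

    dst = moving_realloc(dst, old_size, new_size);
    dst->ndesc = old_n + 1;
    dst->desc[old_n] = name;
    if (need_head_update) {
        HEAD_INIT(&dst->head);                   /* re-point last at the new block */
    }
    return dst;
}

/* True when the empty list's tail pointer no longer points at its own head.
 * Only addresses are compared; the stale pointer is never dereferenced. */
static bool tail_is_stale(const struct opts_list *l)
{
    return HEAD_EMPTY(&l->head) &&
           (const void *)l->head.last != (const void *)&l->head.first;
}

/* Build a list with two appends (the second one moves the block) and report
 * whether the head was left dangling. */
bool demo_tail_stale(bool apply_fix)
{
    struct opts_list *l = opts_append(NULL, "size", apply_fix);
    l = opts_append(l, "format", apply_fix);
    bool stale = tail_is_stale(l);
    free(l);
    return stale;
}

/* With the fix applied, inserting into the moved list works: walk it back. */
size_t demo_insert_count(void)
{
    struct opts_list *l = opts_append(NULL, "size", true);
    l = opts_append(l, "format", true);
    struct opt a = { .name = "a" }, b = { .name = "b" };
    INSERT_TAIL(&l->head, &a);
    INSERT_TAIL(&l->head, &b);
    size_t n = 0;
    for (struct opt *e = l->head.first; e; e = e->next) n++;
    free(l);
    return n;
}

int main(void)
{
    printf("pre-patch: tail stale after move = %d\n", demo_tail_stale(false));
    printf("patched:   tail stale after move = %d\n", demo_tail_stale(true));
    printf("patched:   entries walked = %zu\n", demo_insert_count());
    return 0;
}
```

Running the pre-patch variant under valgrind would flag the first `INSERT_TAIL` on the moved list as a write into freed memory, which is the crash Michal saw; the model checks the pointer by address instead so it stays deterministic.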
