Re: [RFC v2 4/7] vhost: Add VhostShadowVirtqueue
From: Eugenio Perez Martin
Subject: Re: [RFC v2 4/7] vhost: Add VhostShadowVirtqueue
Date: Wed, 17 Feb 2021 19:40:01 +0100
On Wed, Feb 17, 2021 at 2:01 PM Stefan Hajnoczi <stefanha@redhat.com> wrote:
>
> On Tue, Feb 09, 2021 at 04:37:54PM +0100, Eugenio Pérez wrote:
> > +/*
> > + * Creates vhost shadow virtqueue, and instruct vhost device to use the
> > shadow
> > + * methods and file descriptors.
> > + */
> > +VhostShadowVirtqueue *vhost_shadow_vq_new(struct vhost_dev *dev, int idx)
> > +{
> > + g_autofree VhostShadowVirtqueue *svq = g_new0(VhostShadowVirtqueue, 1);
> > + int r;
> > +
> > + r = event_notifier_init(&svq->kick_notifier, 0);
> > + if (r != 0) {
> > + error_report("Couldn't create kick event notifier: %s",
> > + strerror(errno));
> > + goto err_init_kick_notifier;
> > + }
> > +
> > + r = event_notifier_init(&svq->call_notifier, 0);
> > + if (r != 0) {
> > + error_report("Couldn't create call event notifier: %s",
> > + strerror(errno));
> > + goto err_init_call_notifier;
> > + }
> > +
> > + return svq;
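Review bot: Both error branches format strerror(errno) even though the failure status was just captured in r. In QEMU, event_notifier_init() returns a negative errno value, so strerror(-r) reports the cause directly and does not depend on errno staying untouched between the call and error_report().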
>
> Use-after-free due to g_autofree. I think this should be:
>
> return g_steal_pointer(&svq)
>
> https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html#g-steal-pointer
What a miss, thanks for pointing it out!
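
The bug discussed in this message, reproduced as an added example that is not part of the original thread or of QEMU. It assumes GCC or Clang; `AUTOFREE`, `steal_pointer`, `ShadowVq` and the `svq_new_*` functions are hypothetical stand-ins for `g_autofree`, `g_steal_pointer` and the patch's constructor, built on the same cleanup attribute so it compiles without GLib.

```c
#include <stdio.h>
#include <stdlib.h>
/* Stand-ins (assumptions): GLib's g_autofree uses this same cleanup attribute. */
typedef struct { int kick_fd, call_fd; } ShadowVq;
static int frees;                     /* frees performed by the cleanup hook */
static void auto_free(void *p)        /* p = address of the annotated variable */
{
    void **slot = p;
    if (*slot) { free(*slot); frees++; }
}
#define AUTOFREE __attribute__((cleanup(auto_free)))
static void *steal_pointer(void *pp)  /* return *pp and leave NULL behind */
{
    void **slot = pp, *v = *slot;
    *slot = NULL;
    return v;
}

/* Pattern from the patch: the cleanup hook runs when svq leaves scope, after
 * the return value is computed, so the caller receives freed memory. */
ShadowVq *svq_new_buggy(void)
{
    AUTOFREE ShadowVq *svq = calloc(1, sizeof(*svq));
    return svq;
}

/* The reviewer's fix: transfer ownership so the cleanup hook sees NULL. */
ShadowVq *svq_new_fixed(void)
{
    AUTOFREE ShadowVq *svq = calloc(1, sizeof(*svq));
    if (!svq) return NULL;
    svq->kick_fd = svq->call_fd = -1;
    return steal_pointer(&svq);
}

/* Number of frees that happened inside the constructor; never dereferences. */
int frees_during(ShadowVq *(*ctor)(void), ShadowVq **out)
{
    int before = frees;
    *out = ctor();
    return frees - before;
}

int main(void)
{
    ShadowVq *p;
    printf("buggy: freed %d time(s) before return\n", frees_during(svq_new_buggy, &p));
    printf("fixed: freed %d time(s) before return\n", frees_during(svq_new_fixed, &p));
    free(p);                          /* only the fixed result is owned here */
}
```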