On 10/21/2016 10:39 AM, Eric Blake wrote:
> On 10/21/2016 09:01 AM, Markus Armbruster wrote:
>> Pino Toscano <ptosc...@redhat.com> writes:
>>
>>> qmp_output_start_struct() and qmp_output_start_list() create a new
>>> QObject (QDict, QList) and push it to the stack of the QmpOutputVisitor,
>>> where it is saved as 'value'. When freeing the iterator in
>>> qmp_output_free(), these values are never freed properly.
>>>
>>> The simple solution is to qobject_decref() them.
>>>
>>> Signed-off-by: Pino Toscano <ptosc...@redhat.com>
>>
>> Hmm. The patch looks correct, even though it adds a decref very similar
>> to the one deleted by commit f24582d "qapi: fix double free in
>> qmp_output_visitor_cleanup()".
>
> In fact, applying this patch regresses to the very state that f24582d
> tried to prevent. However, I'm unable to see a difference in valgrind on
> tests/test-qmp-output-visitor either with or without this patch, which
> sadly means our testsuite is not actually testing this scenario.
>
>> Should this go into -stable?
>
> I'm still not convinced this patch makes sense.

NACK. As mentioned in the v1 thread, the leak that Pino was seeing is fixed by
http://lists.nongnu.org/archive/html/qemu-devel/2016-10/msg04023.html

I don't think we don't want this patch.

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org