> -----Original Message-----
> From: Eric Blake [mailto:ebl...@redhat.com]
> Sent: December 21, 2017 11:36
> To: linzhecheng <linzhech...@huawei.com>; Paolo Bonzini
> <pbonz...@redhat.com>; qemu-devel@nongnu.org; f...@redhat.com
> Cc: wangxin (U) <wangxinxin.w...@huawei.com>
> Subject: Re: [Qemu-devel] [PULL 02/46] qemu-thread: fix races on threads that
> exit very quickly
>
> On 12/20/2017 09:29 PM, linzhecheng wrote:
>
> >> +} QemuThreadArgs;
> >> +
> >> +static void *qemu_thread_start(void *args) {
> >> + QemuThreadArgs *qemu_thread_args = args;
> >> + void *(*start_routine)(void *) = qemu_thread_args->start_routine;
> >> + void *arg = qemu_thread_args->arg;
> >> +
> >> + /* Attempt to set the threads name; note that this is for debug, so
> >> + * we're not going to fail if we can't set it.
> >> + */
> >> + pthread_setname_np(pthread_self(), qemu_thread_args->name);
> >> + g_free(qemu_thread_args->name);
> >> + g_free(qemu_thread_args);
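Review bot: the g_free(qemu_thread_args) at the end of this hunk is safe only because start_routine and arg are copied into locals at the top of qemu_thread_start; a one-line comment next to those copies ("copy out everything we need before freeing args") would make that invariant explicit and head off the use-after-free question raised below. Minor: "the threads name" in the comment should read "the thread's name".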
> > If qemu_thread_args is freed here, start_routine(arg) will lead to use
> > after free because arg equals to qemu_thread_args
>
> No, we explicitly copied qemu_thread_args->arg into a local variable prior to
> freeing qemu_thread_args, so that we do not have to dereference the freed
> variable.
OK, that's true.
>
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc. +1-919-301-3266
> Virtualization: qemu.org | libvirt.org