> -----Original Message-----
> From: Derek Su <dere...@qnap.com>
> Sent: Saturday, March 28, 2020 8:47 PM
> To: qemu-devel@nongnu.org
> Cc: Zhang, Chen <chen.zh...@intel.com>; lizhij...@cn.fujitsu.com;
> jasow...@redhat.com; ctch...@qnap.com; chy...@qnap.com;
> jwsu1...@gmail.com; Derek Su <dere...@qnap.com>
> Subject: [PATCH v4 1/2] net/colo-compare.c: Fix memory leak in
> packet_enqueue()
>
> This patch fixes the "pkt" memory leak in packet_enqueue().
> The allocated "pkt" needs to be freed if the packet is dropped because
> the colo compare primary or secondary queue is too big.
>
> Signed-off-by: Derek Su <dere...@qnap.com>
Reviewed-by: Zhang Chen <chen.zh...@intel.com>
> ---
> net/colo-compare.c | 23 +++++++++++++++--------
> 1 file changed, 15 insertions(+), 8 deletions(-)
>
> diff --git a/net/colo-compare.c b/net/colo-compare.c index
> 7ee17f2cf8..cdd87b2aa8 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -120,6 +120,10 @@ enum {
> SECONDARY_IN,
> };
>
> +static const char *colo_mode[] = {
> + [PRIMARY_IN] = "primary",
> + [SECONDARY_IN] = "secondary",
> +};
>
> static int compare_chr_send(CompareState *s,
> const uint8_t *buf, @@ -215,6 +219,7 @@ static
> int
> packet_enqueue(CompareState *s, int mode, Connection **con)
> ConnectionKey key;
> Packet *pkt = NULL;
> Connection *conn;
> + int ret;
>
> if (mode == PRIMARY_IN) {
> pkt = packet_new(s->pri_rs.buf, @@ -243,16 +248,18 @@ static int
> packet_enqueue(CompareState *s, int mode, Connection **con)
> }
>
> if (mode == PRIMARY_IN) {
> - if (!colo_insert_packet(&conn->primary_list, pkt, &conn->pack)) {
> - error_report("colo compare primary queue size too big,"
> - "drop packet");
> - }
> + ret = colo_insert_packet(&conn->primary_list, pkt,
> + &conn->pack);
> } else {
> - if (!colo_insert_packet(&conn->secondary_list, pkt, &conn->sack)) {
> - error_report("colo compare secondary queue size too big,"
> - "drop packet");
> - }
> + ret = colo_insert_packet(&conn->secondary_list, pkt,
> + &conn->sack);
> }
> +
> + if (!ret) {
> + error_report("colo compare %s queue size too big,"
> + "drop packet", colo_mode[mode]);
> + packet_destroy(pkt, NULL);
> + pkt = NULL;
> + }
> +
> *con = conn;
>
> return 0;
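Review bot: The new error path indexes `colo_mode[mode]` with the raw `int mode`, but the `else` branch just above treats every value other than PRIMARY_IN as secondary, so an unexpected mode would read past the two-entry table; an `assert(mode == PRIMARY_IN || mode == SECONDARY_IN);` before the insert would close that, and the table can be declared `static const char *const colo_mode[]`. The callers of packet_enqueue() are outside this hunk, so whether such a value can actually reach it is not visible here. The message is emitted once per dropped packet, and because the queue fills according to network traffic, a once-only or rate-limited form such as `error_report_once(...)` would keep a packet flood from becoming a log flood. The two string literals still concatenate to "too big,drop packet", with no space after the comma. packet_enqueue()'s body begins before this hunk.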
> --
> 2.17.1