From e8ec08a62a3ffce3deeeecd8e68408d0879f6915 Mon Sep 17 00:00:00 2001

From: Peter Maydell <peter.maydell@linaro.org>

Date: Fri, 28 Mar 2014 14:22:49 +0000

Subject: [PATCH] dma-helpers: Initialize DMAAIOCB in_cancel flag

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

RH-Author: Stefano Garzarella <sgarzare@redhat.com>

RH-MergeRequest: 53: dma-helpers: Initialize DMAAIOCB in_cancel flag

RH-Commit: [1/1] a729d40a4eae4ff0262764d9003552d1e4d67976

RH-Bugzilla: 2007036

RH-Acked-by: Kevin Wolf <kwolf@redhat.com>

RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>

RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Initialize the dbs->in_cancel flag in dma_bdrv_io(), since qemu_aio_get()

does not return zero-initialized memory. Spotted by the clang sanitizer

(which complained when the value loaded in dma_complete() was not valid

for a bool type); this might have resulted in leaking the AIO block.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

(cherry picked from commit 4d1cb6e6f51b0d8405f701806a203a73e7431fe5)

Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>

---

 dma-helpers.c | 1 +

 1 file changed, 1 insertion(+)

diff --git a/dma-helpers.c b/dma-helpers.c

index 272632f367..7335dd71c7 100644

--- a/dma-helpers.c

+++ b/dma-helpers.c

@@ -216,6 +216,7 @@ BlockDriverAIOCB *dma_bdrv_io(

     dbs->sg_cur_index = 0;

     dbs->sg_cur_byte = 0;

     dbs->dir = dir;

+    dbs->in_cancel = false;

     dbs->io_func = io_func;

     dbs->bh = NULL;

     qemu_iovec_init(&dbs->iov, sg->nsg);

-- 

2.27.0