From e8ec08a62a3ffce3deeeecd8e68408d0879f6915 Mon Sep 17 00:00:00 2001
From: Peter Maydell <peter.maydell@linaro.org>
Date: Fri, 28 Mar 2014 14:22:49 +0000
Subject: [PATCH] dma-helpers: Initialize DMAAIOCB in_cancel flag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RH-Author: Stefano Garzarella <sgarzare@redhat.com>
RH-MergeRequest: 53: dma-helpers: Initialize DMAAIOCB in_cancel flag
RH-Commit: [1/1] a729d40a4eae4ff0262764d9003552d1e4d67976
RH-Bugzilla: 2007036
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Initialize the dbs->in_cancel flag in dma_bdrv_io(), since qemu_aio_get()
does not return zero-initialized memory. Spotted by the clang sanitizer
(which complained when the value loaded in dma_complete() was not valid
for a bool type); this might have resulted in leaking the AIO block.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 4d1cb6e6f51b0d8405f701806a203a73e7431fe5)
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
---
 dma-helpers.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dma-helpers.c b/dma-helpers.c
index 272632f367..7335dd71c7 100644
--- a/dma-helpers.c
+++ b/dma-helpers.c
@@ -216,6 +216,7 @@ BlockDriverAIOCB *dma_bdrv_io(
     dbs->sg_cur_index = 0;
     dbs->sg_cur_byte = 0;
     dbs->dir = dir;
+    dbs->in_cancel = false;
     dbs->io_func = io_func;
     dbs->bh = NULL;
     qemu_iovec_init(&dbs->iov, sg->nsg);
-- 
2.27.0