Il 29/11/2013 15:58, Marc-André Lureau ha scritto:
> ==15815== Thread 1:
> ==15815== Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
> ==15815== at 0x65AD5CB: send (send.c:31)
> ==15815== by 0x37F84B: nbd_wr_sync (nbd.c:145)
> ==15815== by 0x37F94B: write_sync (nbd.c:186)
> ==15815== by 0x380FA9: nbd_send_request (nbd.c:681)
> ==15815== by 0x1C4A2D: nbd_teardown_connection (nbd-client.c:337)
> ==15815== by 0x1C4AD8: nbd_client_session_close (nbd-client.c:354)
> ==15815== by 0x1ED2D8: close_socketpair (spicebd.c:132)
> ==15815== by 0x1EE265: spice_close (spicebd.c:457)
> ==15815== by 0x1ACBF6: bdrv_close (block.c:1519)
> ==15815== by 0x1AD804: bdrv_delete (block.c:1772)
> ==15815== by 0x1B4136: bdrv_unref (block.c:4476)
> ==15815== by 0x1ACCE0: bdrv_close (block.c:1541)
> ==15815== Address 0x7feffef98 is on thread 1's stack
>
> Signed-off-by: Marc-André Lureau <marcandre.lur...@gmail.com>
> ---
> block/nbd-client.c | 21 +++++++++------------
> 1 file changed, 9 insertions(+), 12 deletions(-)
>
> diff --git a/block/nbd-client.c b/block/nbd-client.c
> index ad6fb01..82806f1 100644
> --- a/block/nbd-client.c
> +++ b/block/nbd-client.c
> @@ -186,11 +186,10 @@ static int nbd_co_readv_1(NbdClientSession *client,
> int64_t sector_num,
> int nb_sectors, QEMUIOVector *qiov,
> int offset)
> {
> - struct nbd_request request;
> + struct nbd_request request = { .type = NBD_CMD_READ };
> struct nbd_reply reply;
> ssize_t ret;
>
> - request.type = NBD_CMD_READ;
> request.from = sector_num * 512;
> request.len = nb_sectors * 512;
>
> @@ -210,11 +209,10 @@ static int nbd_co_writev_1(NbdClientSession *client,
> int64_t sector_num,
> int nb_sectors, QEMUIOVector *qiov,
> int offset)
> {
> - struct nbd_request request;
> + struct nbd_request request = { .type = NBD_CMD_WRITE };
> struct nbd_reply reply;
> ssize_t ret;
>
> - request.type = NBD_CMD_WRITE;
> if (!bdrv_enable_write_cache(client->bs) &&
> (client->nbdflags & NBD_FLAG_SEND_FUA)) {
> request.type |= NBD_CMD_FLAG_FUA;
> @@ -276,7 +274,7 @@ int nbd_client_session_co_writev(NbdClientSession
> *client, int64_t sector_num,
>
> int nbd_client_session_co_flush(NbdClientSession *client)
> {
> - struct nbd_request request;
> + struct nbd_request request = { .type = NBD_CMD_FLUSH };
> struct nbd_reply reply;
> ssize_t ret;
>
> @@ -284,7 +282,6 @@ int nbd_client_session_co_flush(NbdClientSession *client)
> return 0;
> }
>
> - request.type = NBD_CMD_FLUSH;
> if (client->nbdflags & NBD_FLAG_SEND_FUA) {
> request.type |= NBD_CMD_FLAG_FUA;
> }
> @@ -306,14 +303,13 @@ int nbd_client_session_co_flush(NbdClientSession
> *client)
> int nbd_client_session_co_discard(NbdClientSession *client, int64_t
> sector_num,
> int nb_sectors)
> {
> - struct nbd_request request;
> + struct nbd_request request = { .type = NBD_CMD_TRIM };
> struct nbd_reply reply;
> ssize_t ret;
>
> if (!(client->nbdflags & NBD_FLAG_SEND_TRIM)) {
> return 0;
> }
> - request.type = NBD_CMD_TRIM;
> request.from = sector_num * 512;
> request.len = nb_sectors * 512;
>
> @@ -331,11 +327,12 @@ int nbd_client_session_co_discard(NbdClientSession
> *client, int64_t sector_num,
>
> static void nbd_teardown_connection(NbdClientSession *client)
> {
> - struct nbd_request request;
> + struct nbd_request request = {
> + .type = NBD_CMD_DISC,
> + .from = 0,
> + .len = 0
> + };
>
> - request.type = NBD_CMD_DISC;
> - request.from = 0;
> - request.len = 0;
> nbd_send_request(client->sock, &request);
>
> qemu_aio_set_fd_handler(client->sock, NULL, NULL, NULL);
>
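Review bot: Nothing in nbd_co_readv_1 records why the declaration became `struct nbd_request request = { .type = NBD_CMD_READ };`: the initializer is what zero-fills every member the function does not assign before the request is written to the socket, and a later cleanup could revert to field-by-field assignment and bring the stack-byte disclosure back. The same applies to nbd_co_writev_1, nbd_client_session_co_flush and nbd_client_session_co_discard. I would put a one-line comment above each declaration, for example `/* zero-fill: every member of the request is sent to the server */`. The Valgrind trace in the description covers only the teardown path, and these bodies continue outside the hunks, so whether they ever sent indeterminate bytes cannot be confirmed from here.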
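Review bot: In nbd_teardown_connection the explicit `.from = 0` and `.len = 0` hide what the fix is: the old code already set type, from and len, so the bytes Valgrind flagged must belong to something the initializer now zero-fills implicitly. `struct nbd_request request = { .type = NBD_CMD_DISC };` has the same effect and matches the other functions in this patch. An initializer is not required to clear padding bytes, so this is sufficient only if nbd_send_request serialises the request member by member; that function is outside this diff and should be checked, with `memset(&request, 0, sizeof(request));` before the assignments as the fallback if it sends the struct as-is.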
Reviewed-by: Paolo Bonzini <pbonz...@redhat.com>