[Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots
@ 2013-08-14 12:13 Stefan Hajnoczi
  2013-09-25  0:28 ` Michael Roth
  0 siblings, 1 reply; 4+ messages in thread
From: Stefan Hajnoczi @ 2013-08-14 12:13 UTC (permalink / raw)
  To: qemu-devel; +Cc: Kevin Wolf, Josh Durgin, qemu-stable, Stefan Hajnoczi

When there are no snapshots qemu_rbd_snap_list() returns 0 and the
snapshot table pointer is NULL.  Don't forget to free the snaps buffer
we allocated for librbd rbd_snap_list().

Cc: qemu-stable@nongnu.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/rbd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/rbd.c b/block/rbd.c
index cb71751..4e26fea 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -934,7 +934,7 @@ static int qemu_rbd_snap_list(BlockDriverState *bs,
     do {
         snaps = g_malloc(sizeof(*snaps) * max_snaps);
         snap_count = rbd_snap_list(s->image, snaps, &max_snaps);
-        if (snap_count < 0) {
+        if (snap_count <= 0) {
             g_free(snaps);
         }
     } while (snap_count == -ERANGE);
-- 
1.8.3.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots
  2013-08-14 12:13 [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots Stefan Hajnoczi
@ 2013-09-25  0:28 ` Michael Roth
  2013-09-25  8:06   ` Kevin Wolf
  0 siblings, 1 reply; 4+ messages in thread
From: Michael Roth @ 2013-09-25  0:28 UTC (permalink / raw)
  To: Stefan Hajnoczi, qemu-devel; +Cc: Kevin Wolf, Josh Durgin, qemu-stable

Quoting Stefan Hajnoczi (2013-08-14 07:13:52)
> When there are no snapshots qemu_rbd_snap_list() returns 0 and the
> snapshot table pointer is NULL.  Don't forget to free the snaps buffer
> we allocated for librbd rbd_snap_list().
> 
> Cc: qemu-stable@nongnu.org
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Ping for 1.6.1

> ---
>  block/rbd.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/block/rbd.c b/block/rbd.c
> index cb71751..4e26fea 100644
> --- a/block/rbd.c
> +++ b/block/rbd.c
> @@ -934,7 +934,7 @@ static int qemu_rbd_snap_list(BlockDriverState *bs,
>      do {
>          snaps = g_malloc(sizeof(*snaps) * max_snaps);
>          snap_count = rbd_snap_list(s->image, snaps, &max_snaps);
> -        if (snap_count < 0) {
> +        if (snap_count <= 0) {
>              g_free(snaps);
>          }
>      } while (snap_count == -ERANGE);
> -- 
> 1.8.3.1

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots
  2013-09-25  0:28 ` Michael Roth
@ 2013-09-25  8:06   ` Kevin Wolf
  2013-09-25 13:58     ` Stefan Hajnoczi
  0 siblings, 1 reply; 4+ messages in thread
From: Kevin Wolf @ 2013-09-25  8:06 UTC (permalink / raw)
  To: Michael Roth; +Cc: Josh Durgin, qemu-devel, Stefan Hajnoczi, qemu-stable

Am 25.09.2013 um 02:28 hat Michael Roth geschrieben:
> Quoting Stefan Hajnoczi (2013-08-14 07:13:52)
> > When there are no snapshots qemu_rbd_snap_list() returns 0 and the
> > snapshot table pointer is NULL.  Don't forget to free the snaps buffer
> > we allocated for librbd rbd_snap_list().
> > 
> > Cc: qemu-stable@nongnu.org
> > Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> 
> Ping for 1.6.1

Applied it to the block branch for now, but...

> > ---
> >  block/rbd.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/block/rbd.c b/block/rbd.c
> > index cb71751..4e26fea 100644
> > --- a/block/rbd.c
> > +++ b/block/rbd.c
> > @@ -934,7 +934,7 @@ static int qemu_rbd_snap_list(BlockDriverState *bs,
> >      do {
> >          snaps = g_malloc(sizeof(*snaps) * max_snaps);
> >          snap_count = rbd_snap_list(s->image, snaps, &max_snaps);
> > -        if (snap_count < 0) {
> > +        if (snap_count <= 0) {
> >              g_free(snaps);
> >          }
> >      } while (snap_count == -ERANGE);

...I think this isn't a complete fix. In the successful case we still
leak snaps. The g_free() should probably be moved to after the done:
label in a v2 of the patch.

Kevin

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots
  2013-09-25  8:06   ` Kevin Wolf
@ 2013-09-25 13:58     ` Stefan Hajnoczi
  0 siblings, 0 replies; 4+ messages in thread
From: Stefan Hajnoczi @ 2013-09-25 13:58 UTC (permalink / raw)
  To: Kevin Wolf; +Cc: Josh Durgin, qemu-stable, Michael Roth, qemu-devel

On Wed, Sep 25, 2013 at 10:06:11AM +0200, Kevin Wolf wrote:
> Am 25.09.2013 um 02:28 hat Michael Roth geschrieben:
> > Quoting Stefan Hajnoczi (2013-08-14 07:13:52)
> > > When there are no snapshots qemu_rbd_snap_list() returns 0 and the
> > > snapshot table pointer is NULL.  Don't forget to free the snaps buffer
> > > we allocated for librbd rbd_snap_list().
> > > 
> > > Cc: qemu-stable@nongnu.org
> > > Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> > 
> > Ping for 1.6.1
> 
> Applied it to the block branch for now, but...
> 
> > > ---
> > >  block/rbd.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/block/rbd.c b/block/rbd.c
> > > index cb71751..4e26fea 100644
> > > --- a/block/rbd.c
> > > +++ b/block/rbd.c
> > > @@ -934,7 +934,7 @@ static int qemu_rbd_snap_list(BlockDriverState *bs,
> > >      do {
> > >          snaps = g_malloc(sizeof(*snaps) * max_snaps);
> > >          snap_count = rbd_snap_list(s->image, snaps, &max_snaps);
> > > -        if (snap_count < 0) {
> > > +        if (snap_count <= 0) {
> > >              g_free(snaps);
> > >          }
> > >      } while (snap_count == -ERANGE);
> 
> ...I think this isn't a complete fix. In the successful case we still
> leak snaps. The g_free() should probably be moved to after the done:
> label in a v2 of the patch.

You are right.  I'm sending a v2.  rbd_snap_list_end() does not free
snaps itself, only the strings that snaps[i].name points to.  Therefore
we need to free snaps.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2013-09-25 13:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-08-14 12:13 [Qemu-devel] [PATCH] rbd: avoid qemu_rbd_snap_list() memory leak when no snapshots Stefan Hajnoczi
2013-09-25  0:28 ` Michael Roth
2013-09-25  8:06   ` Kevin Wolf
2013-09-25 13:58     ` Stefan Hajnoczi

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.