From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
	Stefano Garzarella <sgarzare@redhat.com>,
	Pan Nengyuan <pannengyuan@huawei.com>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	Euler Robot <euler.robot@huawei.com>
Subject: [PULL v2 14/17] vhost-vsock: delete vqs in vhost_vsock_unrealize to avoid memleaks
Date: Wed, 22 Jan 2020 01:50:29 -0500
Message-ID: <20200122064907.512501-15-mst@redhat.com>
In-Reply-To: <20200122064907.512501-1-mst@redhat.com>

From: Pan Nengyuan <pannengyuan@huawei.com>

Receive/transmit/event vqs were not cleaned up in vhost_vsock_unrealize. This
patch saves the receive/transmit vq pointers in realize() and cleans up the vqs
through those vq pointers in unrealize(). The leak stack is as follows:

Direct leak of 21504 byte(s) in 3 object(s) allocated from:
  #0 0x7f86a1356970 (/lib64/libasan.so.5+0xef970)  ??:?
  #1 0x7f86a09aa49d (/lib64/libglib-2.0.so.0+0x5249d)  ??:?
  #2 0x5604852f85ca (./x86_64-softmmu/qemu-system-x86_64+0x2c3e5ca)  /mnt/sdb/qemu/hw/virtio/virtio.c:2333
  #3 0x560485356208 (./x86_64-softmmu/qemu-system-x86_64+0x2c9c208)  /mnt/sdb/qemu/hw/virtio/vhost-vsock.c:339
  #4 0x560485305a17 (./x86_64-softmmu/qemu-system-x86_64+0x2c4ba17)  /mnt/sdb/qemu/hw/virtio/virtio.c:3531
  #5 0x5604858e6b65 (./x86_64-softmmu/qemu-system-x86_64+0x322cb65)  /mnt/sdb/qemu/hw/core/qdev.c:865
  #6 0x5604861e6c41 (./x86_64-softmmu/qemu-system-x86_64+0x3b2cc41)  /mnt/sdb/qemu/qom/object.c:2102

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
Message-Id: <20200115062535.50644-1-pannengyuan@huawei.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
 include/hw/virtio/vhost-vsock.h |  2 ++
 hw/virtio/vhost-vsock.c         | 12 ++++++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/include/hw/virtio/vhost-vsock.h b/include/hw/virtio/vhost-vsock.h
index d509d67c4a..bc5a988ee5 100644
--- a/include/hw/virtio/vhost-vsock.h
+++ b/include/hw/virtio/vhost-vsock.h
@@ -33,6 +33,8 @@ typedef struct {
     struct vhost_virtqueue vhost_vqs[2];
     struct vhost_dev vhost_dev;
     VirtQueue *event_vq;
+    VirtQueue *recv_vq;
+    VirtQueue *trans_vq;
     QEMUTimer *post_load_timer;
 
     /*< public >*/
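Review bot: the new recv_vq and trans_vq fields sit after event_vq, which is the reverse of the order in which realize() creates the queues (receive, transmit, then event). Listing the three pointers in creation order, with a one-line comment that the first two belong to vhost and the event queue belongs to QEMU (as the comments in realize() already say), would document which pointer maps to which queue and who owns it.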
diff --git a/hw/virtio/vhost-vsock.c b/hw/virtio/vhost-vsock.c
index f5744363a8..b6cee479bb 100644
--- a/hw/virtio/vhost-vsock.c
+++ b/hw/virtio/vhost-vsock.c
@@ -335,8 +335,10 @@ static void vhost_vsock_device_realize(DeviceState *dev, Error **errp)
                 sizeof(struct virtio_vsock_config));
 
     /* Receive and transmit queues belong to vhost */
-    virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE, vhost_vsock_handle_output);
-    virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE, vhost_vsock_handle_output);
+    vsock->recv_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
+                                      vhost_vsock_handle_output);
+    vsock->trans_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
+                                       vhost_vsock_handle_output);
 
     /* The event queue belongs to QEMU */
     vsock->event_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
@@ -363,6 +365,9 @@ static void vhost_vsock_device_realize(DeviceState *dev, Error **errp)
 err_vhost_dev:
     vhost_dev_cleanup(&vsock->vhost_dev);
 err_virtio:
+    virtio_delete_queue(vsock->recv_vq);
+    virtio_delete_queue(vsock->trans_vq);
+    virtio_delete_queue(vsock->event_vq);
     virtio_cleanup(vdev);
     close(vhostfd);
     return;
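Review bot: err_virtio now passes all three saved pointers to virtio_delete_queue(), so every path that reaches this label (including the fall-through from err_vhost_dev) has to come after the three virtio_add_queue() calls; please confirm that, since an earlier jump would hand stale or unset pointers to the delete call. The commit message also only mentions unrealize(), while this hunk changes the realize() error path as well; a sentence covering that would help anyone bisecting later.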
@@ -379,6 +384,9 @@ static void vhost_vsock_device_unrealize(DeviceState *dev, Error **errp)
     vhost_vsock_set_status(vdev, 0);
 
     vhost_dev_cleanup(&vsock->vhost_dev);
+    virtio_delete_queue(vsock->recv_vq);
+    virtio_delete_queue(vsock->trans_vq);
+    virtio_delete_queue(vsock->event_vq);
     virtio_cleanup(vdev);
 }
 
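Review bot: the three virtio_delete_queue() calls added here are the same sequence as the one added under err_virtio, and the pointers stay set in the device state after the queues are freed because the call takes the pointer by value. A small static helper that deletes the three queues and sets recv_vq, trans_vq and event_vq to NULL, called from both places, would remove the duplication and make any later use of a freed queue fail on a NULL pointer instead of touching freed memory.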
-- 
MST


