* [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect()
2021-03-29 15:01 [PATCH 0/2] block/rbd: fix memory leaks Stefano Garzarella
@ 2021-03-29 15:01 ` Stefano Garzarella
2021-04-06 8:22 ` Markus Armbruster
2021-03-29 15:01 ` [PATCH 2/2] block/rbd: fix memory leak in qemu_rbd_co_create_opts() Stefano Garzarella
` (2 subsequent siblings)
3 siblings, 1 reply; 10+ messages in thread
From: Stefano Garzarella @ 2021-03-29 15:01 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, qemu-block, Peter Lieven, Max Reitz,
Florian Florensa, Jason Dillaman
In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host()
using g_strjoinv(), but it's only freed in the error path, leaking
memory in the success path as reported by valgrind:
80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516
at 0x4839809: malloc (vg_replace_malloc.c:307)
by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8)
by 0x87D07E: qemu_rbd_mon_host (rbd.c:538)
by 0x87D07E: qemu_rbd_connect (rbd.c:562)
by 0x87E1CE: qemu_rbd_open (rbd.c:740)
by 0x840EB1: bdrv_open_driver (block.c:1528)
by 0x8453A9: bdrv_open_common (block.c:1802)
by 0x8453A9: bdrv_open_inherit (block.c:3444)
by 0x8464C2: bdrv_open (block.c:3537)
by 0x8108CD: qmp_blockdev_add (blockdev.c:3569)
by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086)
by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131)
by 0x907EA4: aio_bh_poll (async.c:164)
Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
---
block/rbd.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/block/rbd.c b/block/rbd.c
index 9071a00e3f..24cefcd0dc 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -563,13 +563,13 @@ static int qemu_rbd_connect(rados_t *cluster, rados_ioctx_t *io_ctx,
if (local_err) {
error_propagate(errp, local_err);
r = -EINVAL;
- goto failed_opts;
+ goto out;
}
r = rados_create(cluster, opts->user);
if (r < 0) {
error_setg_errno(errp, -r, "error initializing");
- goto failed_opts;
+ goto out;
}
/* try default location when conf=NULL, but ignore failure */
@@ -626,11 +626,12 @@ static int qemu_rbd_connect(rados_t *cluster, rados_ioctx_t *io_ctx,
*/
rados_ioctx_set_namespace(*io_ctx, opts->q_namespace);
- return 0;
+ r = 0;
+ goto out;
failed_shutdown:
rados_shutdown(*cluster);
-failed_opts:
+out:
g_free(mon_host);
return r;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect()
2021-03-29 15:01 ` [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect() Stefano Garzarella
@ 2021-04-06 8:22 ` Markus Armbruster
2021-04-08 7:49 ` Stefano Garzarella
0 siblings, 1 reply; 10+ messages in thread
From: Markus Armbruster @ 2021-04-06 8:22 UTC (permalink / raw)
To: Stefano Garzarella
Cc: Kevin Wolf, qemu-block, Peter Lieven, qemu-devel, Max Reitz,
Florian Florensa, Jason Dillaman
Stefano Garzarella <sgarzare@redhat.com> writes:
> In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host()
> using g_strjoinv(), but it's only freed in the error path, leaking
> memory in the success path as reported by valgrind:
>
> 80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516
> at 0x4839809: malloc (vg_replace_malloc.c:307)
> by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
> by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8)
> by 0x87D07E: qemu_rbd_mon_host (rbd.c:538)
> by 0x87D07E: qemu_rbd_connect (rbd.c:562)
> by 0x87E1CE: qemu_rbd_open (rbd.c:740)
> by 0x840EB1: bdrv_open_driver (block.c:1528)
> by 0x8453A9: bdrv_open_common (block.c:1802)
> by 0x8453A9: bdrv_open_inherit (block.c:3444)
> by 0x8464C2: bdrv_open (block.c:3537)
> by 0x8108CD: qmp_blockdev_add (blockdev.c:3569)
> by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086)
> by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131)
> by 0x907EA4: aio_bh_poll (async.c:164)
>
> Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly.
>
> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
I believe this
Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00
Reviewed-by: Markus Armbruster <armbru@redhat.com>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect()
2021-04-06 8:22 ` Markus Armbruster
@ 2021-04-08 7:49 ` Stefano Garzarella
0 siblings, 0 replies; 10+ messages in thread
From: Stefano Garzarella @ 2021-04-08 7:49 UTC (permalink / raw)
To: Markus Armbruster
Cc: Kevin Wolf, qemu-block, Peter Lieven, qemu-devel, Max Reitz,
Florian Florensa, Jason Dillaman
On Tue, Apr 06, 2021 at 10:22:30AM +0200, Markus Armbruster wrote:
>Stefano Garzarella <sgarzare@redhat.com> writes:
>
>> In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host()
>> using g_strjoinv(), but it's only freed in the error path, leaking
>> memory in the success path as reported by valgrind:
>>
>> 80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516
>> at 0x4839809: malloc (vg_replace_malloc.c:307)
>> by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
>> by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8)
>> by 0x87D07E: qemu_rbd_mon_host (rbd.c:538)
>> by 0x87D07E: qemu_rbd_connect (rbd.c:562)
>> by 0x87E1CE: qemu_rbd_open (rbd.c:740)
>> by 0x840EB1: bdrv_open_driver (block.c:1528)
>> by 0x8453A9: bdrv_open_common (block.c:1802)
>> by 0x8453A9: bdrv_open_inherit (block.c:3444)
>> by 0x8464C2: bdrv_open (block.c:3537)
>> by 0x8108CD: qmp_blockdev_add (blockdev.c:3569)
>> by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086)
>> by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131)
>> by 0x907EA4: aio_bh_poll (async.c:164)
>>
>> Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly.
>>
>> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
>
>I believe this
>Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00
Yep :-)
>
>Reviewed-by: Markus Armbruster <armbru@redhat.com>
>
Thanks,
Stefano
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 2/2] block/rbd: fix memory leak in qemu_rbd_co_create_opts()
2021-03-29 15:01 [PATCH 0/2] block/rbd: fix memory leaks Stefano Garzarella
2021-03-29 15:01 ` [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect() Stefano Garzarella
@ 2021-03-29 15:01 ` Stefano Garzarella
2021-04-06 8:23 ` Markus Armbruster
2021-04-06 17:06 ` [PATCH 0/2] block/rbd: fix memory leaks Max Reitz
2021-04-07 13:31 ` Kevin Wolf
3 siblings, 1 reply; 10+ messages in thread
From: Stefano Garzarella @ 2021-03-29 15:01 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, qemu-block, Peter Lieven, Max Reitz,
Florian Florensa, Jason Dillaman
When we allocate 'q_namespace', we forgot to set 'has_q_namespace'
to true. This can cause several issues, including a memory leak,
since qapi_free_BlockdevCreateOptions() does not deallocate that
memory, as reported by valgrind:
13 bytes in 1 blocks are definitely lost in loss record 7 of 96
at 0x4839809: malloc (vg_replace_malloc.c:307)
by 0x48CEBB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
by 0x48E3FE3: g_strdup (in /usr/lib64/libglib-2.0.so.0.6600.8)
by 0x180010: qemu_rbd_co_create_opts (rbd.c:446)
by 0x1AE72C: bdrv_create_co_entry (block.c:492)
by 0x241902: coroutine_trampoline (coroutine-ucontext.c:173)
by 0x57530AF: ??? (in /usr/lib64/libc-2.32.so)
by 0x1FFEFFFA6F: ???
Fix setting 'has_q_namespace' to true when we allocate 'q_namespace'.
Fixes: 19ae9ae014 ("block/rbd: Add support for ceph namespaces")
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
---
block/rbd.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/rbd.c b/block/rbd.c
index 24cefcd0dc..f098a89c7b 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -444,6 +444,7 @@ static int coroutine_fn qemu_rbd_co_create_opts(BlockDriver *drv,
loc->user = g_strdup(qdict_get_try_str(options, "user"));
loc->has_user = !!loc->user;
loc->q_namespace = g_strdup(qdict_get_try_str(options, "namespace"));
+ loc->has_q_namespace = !!loc->q_namespace;
loc->image = g_strdup(qdict_get_try_str(options, "image"));
keypairs = qdict_get_try_str(options, "=keyvalue-pairs");
--
2.30.2
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [PATCH 2/2] block/rbd: fix memory leak in qemu_rbd_co_create_opts()
2021-03-29 15:01 ` [PATCH 2/2] block/rbd: fix memory leak in qemu_rbd_co_create_opts() Stefano Garzarella
@ 2021-04-06 8:23 ` Markus Armbruster
0 siblings, 0 replies; 10+ messages in thread
From: Markus Armbruster @ 2021-04-06 8:23 UTC (permalink / raw)
To: Stefano Garzarella
Cc: Kevin Wolf, qemu-block, Peter Lieven, qemu-devel, Max Reitz,
Florian Florensa, Jason Dillaman
Stefano Garzarella <sgarzare@redhat.com> writes:
> When we allocate 'q_namespace', we forgot to set 'has_q_namespace'
> to true. This can cause several issues, including a memory leak,
> since qapi_free_BlockdevCreateOptions() does not deallocate that
> memory, as reported by valgrind:
>
> 13 bytes in 1 blocks are definitely lost in loss record 7 of 96
> at 0x4839809: malloc (vg_replace_malloc.c:307)
> by 0x48CEBB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
> by 0x48E3FE3: g_strdup (in /usr/lib64/libglib-2.0.so.0.6600.8)
> by 0x180010: qemu_rbd_co_create_opts (rbd.c:446)
> by 0x1AE72C: bdrv_create_co_entry (block.c:492)
> by 0x241902: coroutine_trampoline (coroutine-ucontext.c:173)
> by 0x57530AF: ??? (in /usr/lib64/libc-2.32.so)
> by 0x1FFEFFFA6F: ???
>
> Fix setting 'has_q_namespace' to true when we allocate 'q_namespace'.
>
> Fixes: 19ae9ae014 ("block/rbd: Add support for ceph namespaces")
> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
> ---
> block/rbd.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/block/rbd.c b/block/rbd.c
> index 24cefcd0dc..f098a89c7b 100644
> --- a/block/rbd.c
> +++ b/block/rbd.c
> @@ -444,6 +444,7 @@ static int coroutine_fn qemu_rbd_co_create_opts(BlockDriver *drv,
> loc->user = g_strdup(qdict_get_try_str(options, "user"));
> loc->has_user = !!loc->user;
> loc->q_namespace = g_strdup(qdict_get_try_str(options, "namespace"));
> + loc->has_q_namespace = !!loc->q_namespace;
> loc->image = g_strdup(qdict_get_try_str(options, "image"));
> keypairs = qdict_get_try_str(options, "=keyvalue-pairs");
Reviewed-by: Markus Armbruster <armbru@redhat.com>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 0/2] block/rbd: fix memory leaks
2021-03-29 15:01 [PATCH 0/2] block/rbd: fix memory leaks Stefano Garzarella
2021-03-29 15:01 ` [PATCH 1/2] block/rbd: fix memory leak in qemu_rbd_connect() Stefano Garzarella
2021-03-29 15:01 ` [PATCH 2/2] block/rbd: fix memory leak in qemu_rbd_co_create_opts() Stefano Garzarella
@ 2021-04-06 17:06 ` Max Reitz
2021-04-07 9:38 ` Markus Armbruster
2021-04-07 13:31 ` Kevin Wolf
3 siblings, 1 reply; 10+ messages in thread
From: Max Reitz @ 2021-04-06 17:06 UTC (permalink / raw)
To: Stefano Garzarella, qemu-devel
Cc: Kevin Wolf, Jason Dillaman, Florian Florensa, Peter Lieven, qemu-block
On 29.03.21 17:01, Stefano Garzarella wrote:
> This series fixes two memory leaks, found through valgrind, in the
> rbd driver.
>
> Stefano Garzarella (2):
> block/rbd: fix memory leak in qemu_rbd_connect()
> block/rbd: fix memory leak in qemu_rbd_co_create_opts()
>
> block/rbd.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
Reviewed-by: Max Reitz <mreitz@redhat.com>
I’m not quite sure whether this is fit for 6.0... I think it’s too late
for rc2, so I don’t know.
Max
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 0/2] block/rbd: fix memory leaks
2021-04-06 17:06 ` [PATCH 0/2] block/rbd: fix memory leaks Max Reitz
@ 2021-04-07 9:38 ` Markus Armbruster
2021-04-08 7:54 ` Stefano Garzarella
0 siblings, 1 reply; 10+ messages in thread
From: Markus Armbruster @ 2021-04-07 9:38 UTC (permalink / raw)
To: Max Reitz
Cc: Kevin Wolf, qemu-block, Peter Lieven, qemu-devel,
Florian Florensa, Jason Dillaman, Stefano Garzarella
Max Reitz <mreitz@redhat.com> writes:
> On 29.03.21 17:01, Stefano Garzarella wrote:
>> This series fixes two memory leaks, found through valgrind, in the
>> rbd driver.
>> Stefano Garzarella (2):
>> block/rbd: fix memory leak in qemu_rbd_connect()
>> block/rbd: fix memory leak in qemu_rbd_co_create_opts()
>> block/rbd.c | 10 ++++++----
>> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> Reviewed-by: Max Reitz <mreitz@redhat.com>
>
> I’m not quite sure whether this is fit for 6.0... I think it’s too
> late for rc2, so I don’t know.
This the maintainers' call to make.
* PATCH 1:
CON: Old bug, probably 2.9, i.e. four years
PRO: The fix is straightforward
* PATCH 2:
NEUTRAL: Not recent from upstream's point of view (5.0), but
downstreams may have different ideas
PRO: The fix is trivial
I encourage you to take at least PATCH 2.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 0/2] block/rbd: fix memory leaks
2021-04-07 9:38 ` Markus Armbruster
@ 2021-04-08 7:54 ` Stefano Garzarella
0 siblings, 0 replies; 10+ messages in thread
From: Stefano Garzarella @ 2021-04-08 7:54 UTC (permalink / raw)
To: Markus Armbruster, Max Reitz
Cc: Kevin Wolf, qemu-block, Peter Lieven, qemu-devel,
Florian Florensa, Jason Dillaman
On Wed, Apr 07, 2021 at 11:38:17AM +0200, Markus Armbruster wrote:
>Max Reitz <mreitz@redhat.com> writes:
>
>> On 29.03.21 17:01, Stefano Garzarella wrote:
>>> This series fixes two memory leaks, found through valgrind, in the
>>> rbd driver.
>>> Stefano Garzarella (2):
>>> block/rbd: fix memory leak in qemu_rbd_connect()
>>> block/rbd: fix memory leak in qemu_rbd_co_create_opts()
>>> block/rbd.c | 10 ++++++----
>>> 1 file changed, 6 insertions(+), 4 deletions(-)
>>
>> Reviewed-by: Max Reitz <mreitz@redhat.com>
>>
>> I’m not quite sure whether this is fit for 6.0... I think it’s too
>> late for rc2, so I don’t know.
>
>This the maintainers' call to make.
>
>* PATCH 1:
>
> CON: Old bug, probably 2.9, i.e. four years
>
> PRO: The fix is straightforward
>
>* PATCH 2:
>
> NEUTRAL: Not recent from upstream's point of view (5.0), but
> downstreams may have different ideas
>
> PRO: The fix is trivial
>
>I encourage you to take at least PATCH 2.
>
Kevin queued them up, thank you both for the review,
Stefano
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 0/2] block/rbd: fix memory leaks
2021-03-29 15:01 [PATCH 0/2] block/rbd: fix memory leaks Stefano Garzarella
` (2 preceding siblings ...)
2021-04-06 17:06 ` [PATCH 0/2] block/rbd: fix memory leaks Max Reitz
@ 2021-04-07 13:31 ` Kevin Wolf
3 siblings, 0 replies; 10+ messages in thread
From: Kevin Wolf @ 2021-04-07 13:31 UTC (permalink / raw)
To: Stefano Garzarella
Cc: qemu-block, Peter Lieven, qemu-devel, Max Reitz,
Florian Florensa, Jason Dillaman
Am 29.03.2021 um 17:01 hat Stefano Garzarella geschrieben:
> This series fixes two memory leaks, found through valgrind, in the
> rbd driver.
Thanks, applied to the block branch.
Kevin
^ permalink raw reply [flat|nested] 10+ messages in thread