* [PATCH 0/2] block: Fix Transaction leaks
@ 2021-05-03 11:05 Kevin Wolf
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
` (2 more replies)
0 siblings, 3 replies; 17+ messages in thread
From: Kevin Wolf @ 2021-05-03 11:05 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, vsementsov, qemu-devel, mreitz
These are two follow-up fixes for Vladimir's "block: update graph
permissions update". The bugs were reported by Coverity.
Kevin Wolf (2):
block: Fix Transaction leak in bdrv_root_attach_child()
block: Fix Transaction leak in bdrv_reopen_multiple()
block.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:05 [PATCH 0/2] block: Fix Transaction leaks Kevin Wolf
@ 2021-05-03 11:05 ` Kevin Wolf
2021-05-03 11:43 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:49 ` Max Reitz
2021-05-03 11:05 ` [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple() Kevin Wolf
2021-05-04 6:56 ` [PATCH 0/2] block: Fix Transaction leaks Vladimir Sementsov-Ogievskiy
2 siblings, 2 replies; 17+ messages in thread
From: Kevin Wolf @ 2021-05-03 11:05 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, vsementsov, qemu-devel, mreitz
The error path needs to call tran_finalize(), too.
Fixes: CID 1452773
Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/block.c b/block.c
index 874c22c43e..5c0ced6238 100644
--- a/block.c
+++ b/block.c
@@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
child_role, perm, shared_perm, opaque,
&child, tran, errp);
if (ret < 0) {
- bdrv_unref(child_bs);
- return NULL;
+ assert(child == NULL);
+ goto out;
}
ret = bdrv_refresh_perms(child_bs, errp);
- tran_finalize(tran, ret);
+out:
+ tran_finalize(tran, ret);
bdrv_unref(child_bs);
return child;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 11:05 [PATCH 0/2] block: Fix Transaction leaks Kevin Wolf
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
@ 2021-05-03 11:05 ` Kevin Wolf
2021-05-03 11:40 ` Vladimir Sementsov-Ogievskiy
2021-05-04 6:51 ` Vladimir Sementsov-Ogievskiy
2021-05-04 6:56 ` [PATCH 0/2] block: Fix Transaction leaks Vladimir Sementsov-Ogievskiy
2 siblings, 2 replies; 17+ messages in thread
From: Kevin Wolf @ 2021-05-03 11:05 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, vsementsov, qemu-devel, mreitz
Like other error paths, this one needs to call tran_finalize() and clean
up the BlockReopenQueue, too.
Fixes: CID 1452772
Fixes: 72373e40fbc7e4218061a8211384db362d3e7348
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block.c b/block.c
index 5c0ced6238..69615fabd1 100644
--- a/block.c
+++ b/block.c
@@ -4052,7 +4052,7 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
ret = bdrv_flush(bs_entry->state.bs);
if (ret < 0) {
error_setg_errno(errp, -ret, "Error flushing drive");
- goto cleanup;
+ goto abort;
}
}
--
2.30.2
^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 11:05 ` [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple() Kevin Wolf
@ 2021-05-03 11:40 ` Vladimir Sementsov-Ogievskiy
2021-05-03 12:41 ` Kevin Wolf
2021-05-04 6:51 ` Vladimir Sementsov-Ogievskiy
1 sibling, 1 reply; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 11:40 UTC (permalink / raw)
To: Kevin Wolf, qemu-block; +Cc: mreitz, qemu-devel
03.05.2021 14:05, Kevin Wolf wrote:
> Like other error paths, this one needs to call tran_finalize() and clean
> up the BlockReopenQueue, too.
We don't need the "abort" loop on that path. And clean-up of BlockReopenQueue is at "cleanup:" label.
So I'd prefer Peter's suggestion (my "[PATCH 2/6] block: bdrv_reopen_multiple(): fix leak of tran object")
>
> Fixes: CID 1452772
> Fixes: 72373e40fbc7e4218061a8211384db362d3e7348
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
> block.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/block.c b/block.c
> index 5c0ced6238..69615fabd1 100644
> --- a/block.c
> +++ b/block.c
> @@ -4052,7 +4052,7 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
> ret = bdrv_flush(bs_entry->state.bs);
> if (ret < 0) {
> error_setg_errno(errp, -ret, "Error flushing drive");
> - goto cleanup;
> + goto abort;
> }
> }
>
>
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
@ 2021-05-03 11:43 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:49 ` Max Reitz
1 sibling, 0 replies; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 11:43 UTC (permalink / raw)
To: Kevin Wolf, qemu-block; +Cc: mreitz, qemu-devel
03.05.2021 14:05, Kevin Wolf wrote:
> The error path needs to call tran_finalize(), too.
>
> Fixes: CID 1452773
> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
> block.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/block.c b/block.c
> index 874c22c43e..5c0ced6238 100644
> --- a/block.c
> +++ b/block.c
> @@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
> child_role, perm, shared_perm, opaque,
> &child, tran, errp);
> if (ret < 0) {
> - bdrv_unref(child_bs);
> - return NULL;
> + assert(child == NULL);
> + goto out;
> }
>
> ret = bdrv_refresh_perms(child_bs, errp);
> - tran_finalize(tran, ret);
>
> +out:
> + tran_finalize(tran, ret);
> bdrv_unref(child_bs);
> return child;
> }
>
I like my additional comment and assertion in "[PATCH 1/6] block: fix leak of tran in bdrv_root_attach_child", still this is OK too:
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
2021-05-03 11:43 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-03 11:49 ` Max Reitz
2021-05-03 11:51 ` Vladimir Sementsov-Ogievskiy
1 sibling, 1 reply; 17+ messages in thread
From: Max Reitz @ 2021-05-03 11:49 UTC (permalink / raw)
To: Kevin Wolf, qemu-block; +Cc: vsementsov, qemu-devel
On 03.05.21 13:05, Kevin Wolf wrote:
> The error path needs to call tran_finalize(), too.
>
> Fixes: CID 1452773
> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
> block.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/block.c b/block.c
> index 874c22c43e..5c0ced6238 100644
> --- a/block.c
> +++ b/block.c
> @@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
> child_role, perm, shared_perm, opaque,
> &child, tran, errp);
> if (ret < 0) {
> - bdrv_unref(child_bs);
> - return NULL;
> + assert(child == NULL);
> + goto out;
> }
>
> ret = bdrv_refresh_perms(child_bs, errp);
> - tran_finalize(tran, ret);
>
> +out:
> + tran_finalize(tran, ret);
> bdrv_unref(child_bs);
> return child;
Looks OK, so:
Reviewed-by: Max Reitz <mreitz@redhat.com>
However, the function’s description says that it will return NULL on
error. But if bdrv_refresh_perms() fails, it will still return a
non-NULL child. Is that right?
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:49 ` Max Reitz
@ 2021-05-03 11:51 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:53 ` Max Reitz
0 siblings, 1 reply; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 11:51 UTC (permalink / raw)
To: Max Reitz, Kevin Wolf, qemu-block; +Cc: qemu-devel
03.05.2021 14:49, Max Reitz wrote:
> On 03.05.21 13:05, Kevin Wolf wrote:
>> The error path needs to call tran_finalize(), too.
>>
>> Fixes: CID 1452773
>> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>> ---
>> block.c | 7 ++++---
>> 1 file changed, 4 insertions(+), 3 deletions(-)
>>
>> diff --git a/block.c b/block.c
>> index 874c22c43e..5c0ced6238 100644
>> --- a/block.c
>> +++ b/block.c
>> @@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
>> child_role, perm, shared_perm, opaque,
>> &child, tran, errp);
>> if (ret < 0) {
>> - bdrv_unref(child_bs);
>> - return NULL;
>> + assert(child == NULL);
>> + goto out;
>> }
>> ret = bdrv_refresh_perms(child_bs, errp);
>> - tran_finalize(tran, ret);
>> +out:
>> + tran_finalize(tran, ret);
>> bdrv_unref(child_bs);
>> return child;
>
> Looks OK, so:
>
> Reviewed-by: Max Reitz <mreitz@redhat.com>
>
> However, the function’s description says that it will return NULL on error. But if bdrv_refresh_perms() fails, it will still return a non-NULL child. Is that right?
>
No, it's reset to NULL on transaction abort, so code is correct. It's not obvious, and I've added a comment and assertion in my version of this fix "[PATCH 1/6] block: fix leak of tran in bdrv_root_attach_child"
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:51 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-03 11:53 ` Max Reitz
2021-05-03 12:14 ` Vladimir Sementsov-Ogievskiy
0 siblings, 1 reply; 17+ messages in thread
From: Max Reitz @ 2021-05-03 11:53 UTC (permalink / raw)
To: Vladimir Sementsov-Ogievskiy, Kevin Wolf, qemu-block; +Cc: qemu-devel
On 03.05.21 13:51, Vladimir Sementsov-Ogievskiy wrote:
> 03.05.2021 14:49, Max Reitz wrote:
>> On 03.05.21 13:05, Kevin Wolf wrote:
>>> The error path needs to call tran_finalize(), too.
>>>
>>> Fixes: CID 1452773
>>> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
>>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>>> ---
>>> block.c | 7 ++++---
>>> 1 file changed, 4 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/block.c b/block.c
>>> index 874c22c43e..5c0ced6238 100644
>>> --- a/block.c
>>> +++ b/block.c
>>> @@ -2918,13 +2918,14 @@ BdrvChild
>>> *bdrv_root_attach_child(BlockDriverState *child_bs,
>>> child_role, perm, shared_perm,
>>> opaque,
>>> &child, tran, errp);
>>> if (ret < 0) {
>>> - bdrv_unref(child_bs);
>>> - return NULL;
>>> + assert(child == NULL);
>>> + goto out;
>>> }
>>> ret = bdrv_refresh_perms(child_bs, errp);
>>> - tran_finalize(tran, ret);
>>> +out:
>>> + tran_finalize(tran, ret);
>>> bdrv_unref(child_bs);
>>> return child;
>>
>> Looks OK, so:
>>
>> Reviewed-by: Max Reitz <mreitz@redhat.com>
>>
>> However, the function’s description says that it will return NULL on
>> error. But if bdrv_refresh_perms() fails, it will still return a
>> non-NULL child. Is that right?
>>
>
> No, it's reset to NULL on transaction abort, so code is correct. It's
> not obvious, and I've added a comment and assertion in my version of
> this fix "[PATCH 1/6] block: fix leak of tran in bdrv_root_attach_child"
The fact that the transaction keeps the pointer to this local variable
around is a bit horrifying, but well.
Max
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 11:53 ` Max Reitz
@ 2021-05-03 12:14 ` Vladimir Sementsov-Ogievskiy
2021-05-03 12:31 ` Vladimir Sementsov-Ogievskiy
0 siblings, 1 reply; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 12:14 UTC (permalink / raw)
To: Max Reitz, Kevin Wolf, qemu-block; +Cc: qemu-devel
03.05.2021 14:53, Max Reitz wrote:
> On 03.05.21 13:51, Vladimir Sementsov-Ogievskiy wrote:
>> 03.05.2021 14:49, Max Reitz wrote:
>>> On 03.05.21 13:05, Kevin Wolf wrote:
>>>> The error path needs to call tran_finalize(), too.
>>>>
>>>> Fixes: CID 1452773
>>>> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
>>>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>>>> ---
>>>> block.c | 7 ++++---
>>>> 1 file changed, 4 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/block.c b/block.c
>>>> index 874c22c43e..5c0ced6238 100644
>>>> --- a/block.c
>>>> +++ b/block.c
>>>> @@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
>>>> child_role, perm, shared_perm, opaque,
>>>> &child, tran, errp);
>>>> if (ret < 0) {
>>>> - bdrv_unref(child_bs);
>>>> - return NULL;
>>>> + assert(child == NULL);
>>>> + goto out;
>>>> }
>>>> ret = bdrv_refresh_perms(child_bs, errp);
>>>> - tran_finalize(tran, ret);
>>>> +out:
>>>> + tran_finalize(tran, ret);
>>>> bdrv_unref(child_bs);
>>>> return child;
>>>
>>> Looks OK, so:
>>>
>>> Reviewed-by: Max Reitz <mreitz@redhat.com>
>>>
>>> However, the function’s description says that it will return NULL on error. But if bdrv_refresh_perms() fails, it will still return a non-NULL child. Is that right?
>>>
>>
>> No, it's reset to NULL on transaction abort, so code is correct. It's not obvious, and I've added a comment and assertion in my version of this fix "[PATCH 1/6] block: fix leak of tran in bdrv_root_attach_child"
>
> The fact that the transaction keeps the pointer to this local variable around is a bit horrifying, but well.
>
Yes this looks overcomplicated here. But it's useful for bdrv_set_backing_noperm where we would have to add a separate entry to @tran to rollback bs->backing change. Probably, it's better to refactor this thing. Or at least document that out-pointer argument goes into transaction, and should be valid up to transaction finalization.
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child()
2021-05-03 12:14 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-03 12:31 ` Vladimir Sementsov-Ogievskiy
0 siblings, 0 replies; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 12:31 UTC (permalink / raw)
To: Max Reitz, Kevin Wolf, qemu-block; +Cc: qemu-devel
03.05.2021 15:14, Vladimir Sementsov-Ogievskiy wrote:
> 03.05.2021 14:53, Max Reitz wrote:
>> On 03.05.21 13:51, Vladimir Sementsov-Ogievskiy wrote:
>>> 03.05.2021 14:49, Max Reitz wrote:
>>>> On 03.05.21 13:05, Kevin Wolf wrote:
>>>>> The error path needs to call tran_finalize(), too.
>>>>>
>>>>> Fixes: CID 1452773
>>>>> Fixes: 548a74c0dbc858edd1a7ee3045b5f2fe710bd8b1
>>>>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>>>>> ---
>>>>> block.c | 7 ++++---
>>>>> 1 file changed, 4 insertions(+), 3 deletions(-)
>>>>>
>>>>> diff --git a/block.c b/block.c
>>>>> index 874c22c43e..5c0ced6238 100644
>>>>> --- a/block.c
>>>>> +++ b/block.c
>>>>> @@ -2918,13 +2918,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
>>>>> child_role, perm, shared_perm, opaque,
>>>>> &child, tran, errp);
>>>>> if (ret < 0) {
>>>>> - bdrv_unref(child_bs);
>>>>> - return NULL;
>>>>> + assert(child == NULL);
>>>>> + goto out;
>>>>> }
>>>>> ret = bdrv_refresh_perms(child_bs, errp);
>>>>> - tran_finalize(tran, ret);
>>>>> +out:
>>>>> + tran_finalize(tran, ret);
>>>>> bdrv_unref(child_bs);
>>>>> return child;
>>>>
>>>> Looks OK, so:
>>>>
>>>> Reviewed-by: Max Reitz <mreitz@redhat.com>
>>>>
>>>> However, the function’s description says that it will return NULL on error. But if bdrv_refresh_perms() fails, it will still return a non-NULL child. Is that right?
>>>>
>>>
>>> No, it's reset to NULL on transaction abort, so code is correct. It's not obvious, and I've added a comment and assertion in my version of this fix "[PATCH 1/6] block: fix leak of tran in bdrv_root_attach_child"
>>
>> The fact that the transaction keeps the pointer to this local variable around is a bit horrifying, but well.
>>
>
> Yes this looks overcomplicated here. But it's useful for bdrv_set_backing_noperm where we would have to add a separate entry to @tran to rollback bs->backing change. Probably, it's better to refactor this thing. Or at least document that out-pointer argument goes into transaction, and should be valid up to transaction finalization.
>
>
>
documentation done:
[PATCH 7/6] block: document child argument of bdrv_attach_child_common()
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 11:40 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-03 12:41 ` Kevin Wolf
2021-05-03 13:09 ` Vladimir Sementsov-Ogievskiy
0 siblings, 1 reply; 17+ messages in thread
From: Kevin Wolf @ 2021-05-03 12:41 UTC (permalink / raw)
To: Vladimir Sementsov-Ogievskiy; +Cc: qemu-devel, qemu-block, mreitz
Am 03.05.2021 um 13:40 hat Vladimir Sementsov-Ogievskiy geschrieben:
> 03.05.2021 14:05, Kevin Wolf wrote:
> > Like other error paths, this one needs to call tran_finalize() and clean
> > up the BlockReopenQueue, too.
>
> We don't need the "abort" loop on that path. And clean-up of
> BlockReopenQueue is at "cleanup:" label.
The cleanup of the BlockReopenQueue itself is there, but not of all
fields in it. Specifically, these lines are needed:
qobject_unref(bs_entry->state.explicit_options);
qobject_unref(bs_entry->state.options);
The references are taken in bdrv_reopen_queue_child() and either used in
commit or released on abort. Doing nothing with them leaks them.
> So I'd prefer Peter's suggestion (my "[PATCH 2/6] block:
> bdrv_reopen_multiple(): fix leak of tran object")
I don't like it because I think every call that doesn't end in a commit,
should jump to the abort label to make sure that everything that remains
unused because of this is correctly cleaned up.
Kevin
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 12:41 ` Kevin Wolf
@ 2021-05-03 13:09 ` Vladimir Sementsov-Ogievskiy
2021-05-03 14:33 ` Kevin Wolf
0 siblings, 1 reply; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-03 13:09 UTC (permalink / raw)
To: Kevin Wolf; +Cc: qemu-block, mreitz, qemu-devel
03.05.2021 15:41, Kevin Wolf wrote:
> Am 03.05.2021 um 13:40 hat Vladimir Sementsov-Ogievskiy geschrieben:
>> 03.05.2021 14:05, Kevin Wolf wrote:
>>> Like other error paths, this one needs to call tran_finalize() and clean
>>> up the BlockReopenQueue, too.
>>
>> We don't need the "abort" loop on that path. And clean-up of
>> BlockReopenQueue is at "cleanup:" label.
>
> The cleanup of the BlockReopenQueue itself is there, but not of all
> fields in it. Specifically, these lines are needed:
>
> qobject_unref(bs_entry->state.explicit_options);
> qobject_unref(bs_entry->state.options);
>
> The references are taken in bdrv_reopen_queue_child() and either used in
> commit or released on abort. Doing nothing with them leaks them.
Oops. Somehow I decided they are set in _prepare.
>
>> So I'd prefer Peter's suggestion (my "[PATCH 2/6] block:
>> bdrv_reopen_multiple(): fix leak of tran object")
>
> I don't like it because I think every call that doesn't end in a commit,
> should jump to the abort label to make sure that everything that remains
> unused because of this is correctly cleaned up.
>
agree now..
Still, don't we miss these two qobject_unref() calls on success path?
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 13:09 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-03 14:33 ` Kevin Wolf
2021-05-04 6:52 ` Vladimir Sementsov-Ogievskiy
0 siblings, 1 reply; 17+ messages in thread
From: Kevin Wolf @ 2021-05-03 14:33 UTC (permalink / raw)
To: Vladimir Sementsov-Ogievskiy; +Cc: qemu-devel, qemu-block, mreitz
Am 03.05.2021 um 15:09 hat Vladimir Sementsov-Ogievskiy geschrieben:
> 03.05.2021 15:41, Kevin Wolf wrote:
> > Am 03.05.2021 um 13:40 hat Vladimir Sementsov-Ogievskiy geschrieben:
> > > 03.05.2021 14:05, Kevin Wolf wrote:
> > > > Like other error paths, this one needs to call tran_finalize() and clean
> > > > up the BlockReopenQueue, too.
> > >
> > > We don't need the "abort" loop on that path. And clean-up of
> > > BlockReopenQueue is at "cleanup:" label.
> >
> > The cleanup of the BlockReopenQueue itself is there, but not of all
> > fields in it. Specifically, these lines are needed:
> >
> > qobject_unref(bs_entry->state.explicit_options);
> > qobject_unref(bs_entry->state.options);
> >
> > The references are taken in bdrv_reopen_queue_child() and either used in
> > commit or released on abort. Doing nothing with them leaks them.
>
> Oops. Somehow I decided they are set in _prepare.
>
> >
> > > So I'd prefer Peter's suggestion (my "[PATCH 2/6] block:
> > > bdrv_reopen_multiple(): fix leak of tran object")
> >
> > I don't like it because I think every call that doesn't end in a commit,
> > should jump to the abort label to make sure that everything that remains
> > unused because of this is correctly cleaned up.
> >
>
>
> agree now..
>
> Still, don't we miss these two qobject_unref() calls on success path?
No, they are put to use in bdrv_reopen_commit():
qobject_unref(bs->explicit_options);
qobject_unref(bs->options);
bs->explicit_options = reopen_state->explicit_options;
bs->options = reopen_state->options;
Kevin
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 11:05 ` [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple() Kevin Wolf
2021-05-03 11:40 ` Vladimir Sementsov-Ogievskiy
@ 2021-05-04 6:51 ` Vladimir Sementsov-Ogievskiy
1 sibling, 0 replies; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-04 6:51 UTC (permalink / raw)
To: Kevin Wolf, qemu-block; +Cc: mreitz, qemu-devel
03.05.2021 14:05, Kevin Wolf wrote:
> Like other error paths, this one needs to call tran_finalize() and clean
> up the BlockReopenQueue, too.
>
> Fixes: CID 1452772
> Fixes: 72373e40fbc7e4218061a8211384db362d3e7348
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
> block.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/block.c b/block.c
> index 5c0ced6238..69615fabd1 100644
> --- a/block.c
> +++ b/block.c
> @@ -4052,7 +4052,7 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
> ret = bdrv_flush(bs_entry->state.bs);
> if (ret < 0) {
> error_setg_errno(errp, -ret, "Error flushing drive");
> - goto cleanup;
> + goto abort;
> }
> }
>
>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple()
2021-05-03 14:33 ` Kevin Wolf
@ 2021-05-04 6:52 ` Vladimir Sementsov-Ogievskiy
0 siblings, 0 replies; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-04 6:52 UTC (permalink / raw)
To: Kevin Wolf; +Cc: qemu-block, mreitz, qemu-devel
03.05.2021 17:33, Kevin Wolf wrote:
> Am 03.05.2021 um 15:09 hat Vladimir Sementsov-Ogievskiy geschrieben:
>> 03.05.2021 15:41, Kevin Wolf wrote:
>>> Am 03.05.2021 um 13:40 hat Vladimir Sementsov-Ogievskiy geschrieben:
>>>> 03.05.2021 14:05, Kevin Wolf wrote:
>>>>> Like other error paths, this one needs to call tran_finalize() and clean
>>>>> up the BlockReopenQueue, too.
>>>>
>>>> We don't need the "abort" loop on that path. And clean-up of
>>>> BlockReopenQueue is at "cleanup:" label.
>>>
>>> The cleanup of the BlockReopenQueue itself is there, but not of all
>>> fields in it. Specifically, these lines are needed:
>>>
>>> qobject_unref(bs_entry->state.explicit_options);
>>> qobject_unref(bs_entry->state.options);
>>>
>>> The references are taken in bdrv_reopen_queue_child() and either used in
>>> commit or released on abort. Doing nothing with them leaks them.
>>
>> Oops. Somehow I decided they are set in _prepare.
>>
>>>
>>>> So I'd prefer Peter's suggestion (my "[PATCH 2/6] block:
>>>> bdrv_reopen_multiple(): fix leak of tran object")
>>>
>>> I don't like it because I think every call that doesn't end in a commit,
>>> should jump to the abort label to make sure that everything that remains
>>> unused because of this is correctly cleaned up.
>>>
>>
>>
>> agree now..
>>
>> Still, don't we miss these two qobject_unref() calls on success path?
>
> No, they are put to use in bdrv_reopen_commit():
>
> qobject_unref(bs->explicit_options);
> qobject_unref(bs->options);
>
> bs->explicit_options = reopen_state->explicit_options;
> bs->options = reopen_state->options;
>
> Kevin
>
OK then. I should have checked myself :\
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 0/2] block: Fix Transaction leaks
2021-05-03 11:05 [PATCH 0/2] block: Fix Transaction leaks Kevin Wolf
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
2021-05-03 11:05 ` [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple() Kevin Wolf
@ 2021-05-04 6:56 ` Vladimir Sementsov-Ogievskiy
2021-05-05 10:25 ` Kevin Wolf
2 siblings, 1 reply; 17+ messages in thread
From: Vladimir Sementsov-Ogievskiy @ 2021-05-04 6:56 UTC (permalink / raw)
To: Kevin Wolf, qemu-block; +Cc: mreitz, qemu-devel
03.05.2021 14:05, Kevin Wolf wrote:
> These are two follow-up fixes for Vladimir's "block: update graph
> permissions update". The bugs were reported by Coverity.
>
> Kevin Wolf (2):
> block: Fix Transaction leak in bdrv_root_attach_child()
> block: Fix Transaction leak in bdrv_reopen_multiple()
>
> block.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
I'll rebase my "[PATCH 0/6] block permission updated follow-up" on top of this.
--
Best regards,
Vladimir
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH 0/2] block: Fix Transaction leaks
2021-05-04 6:56 ` [PATCH 0/2] block: Fix Transaction leaks Vladimir Sementsov-Ogievskiy
@ 2021-05-05 10:25 ` Kevin Wolf
0 siblings, 0 replies; 17+ messages in thread
From: Kevin Wolf @ 2021-05-05 10:25 UTC (permalink / raw)
To: Vladimir Sementsov-Ogievskiy; +Cc: qemu-devel, qemu-block, mreitz
Am 04.05.2021 um 08:56 hat Vladimir Sementsov-Ogievskiy geschrieben:
> 03.05.2021 14:05, Kevin Wolf wrote:
> > These are two follow-up fixes for Vladimir's "block: update graph
> > permissions update". The bugs were reported by Coverity.
> >
> > Kevin Wolf (2):
> > block: Fix Transaction leak in bdrv_root_attach_child()
> > block: Fix Transaction leak in bdrv_reopen_multiple()
> >
> > block.c | 9 +++++----
> > 1 file changed, 5 insertions(+), 4 deletions(-)
>
> I'll rebase my "[PATCH 0/6] block permission updated follow-up" on top
> of this.
Ok, thanks. I've applied this to my block branch now.
Kevin
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2021-05-05 10:26 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-03 11:05 [PATCH 0/2] block: Fix Transaction leaks Kevin Wolf
2021-05-03 11:05 ` [PATCH 1/2] block: Fix Transaction leak in bdrv_root_attach_child() Kevin Wolf
2021-05-03 11:43 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:49 ` Max Reitz
2021-05-03 11:51 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:53 ` Max Reitz
2021-05-03 12:14 ` Vladimir Sementsov-Ogievskiy
2021-05-03 12:31 ` Vladimir Sementsov-Ogievskiy
2021-05-03 11:05 ` [PATCH 2/2] block: Fix Transaction leak in bdrv_reopen_multiple() Kevin Wolf
2021-05-03 11:40 ` Vladimir Sementsov-Ogievskiy
2021-05-03 12:41 ` Kevin Wolf
2021-05-03 13:09 ` Vladimir Sementsov-Ogievskiy
2021-05-03 14:33 ` Kevin Wolf
2021-05-04 6:52 ` Vladimir Sementsov-Ogievskiy
2021-05-04 6:51 ` Vladimir Sementsov-Ogievskiy
2021-05-04 6:56 ` [PATCH 0/2] block: Fix Transaction leaks Vladimir Sementsov-Ogievskiy
2021-05-05 10:25 ` Kevin Wolf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.