* [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak
@ 2020-03-13 7:58 Pan Nengyuan
2020-03-17 10:49 ` Markus Armbruster
0 siblings, 1 reply; 4+ messages in thread
From: Pan Nengyuan @ 2020-03-13 7:58 UTC (permalink / raw)
To: pbonzini, berrange, ehabkost
Cc: Kevin Wolf, zhang.zhanghailiang, Pan Nengyuan, qemu-devel, euler.robot
In qmp_object_add(), user_creatable_add_type() may set errp with some error message and
return NULL. In this case, qmp_object_add() still alloc memory to *ret_data which return
to the caller and causes a memory leak.
This patch do this alloc() action only if obj is not NULL to fix it. And initialize ret_data
in xen-block to avoid a possible uninitialized error.
The Leak stack:
Direct leak of 4120 byte(s) in 1 object(s) allocated from:
#0 0x7f6106ce5970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
#1 0x7f6105e6a49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
#2 0x55d2c58c17fd in qdict_new /mnt/sdb/qemu-new/qemu_test/qemu/qobject/qdict.c:29
#3 0x55d2c53a0051 in qmp_object_add /mnt/sdb/qemu-new/qemu_test/qemu/qom/qom-qmp-cmds.c:291
#4 0x55d2c57b47da in do_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:132
#5 0x55d2c57b47da in qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:175
#6 0x55d2c52f1430 in monitor_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:145
#7 0x55d2c52f3087 in monitor_qmp_bh_dispatcher /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:234
#8 0x55d2c58e6153 in aio_bh_call /mnt/sdb/qemu-new/qemu_test/qemu/util/async.c:136
Fixes: 5f07c4d60d091320186e7b0edaf9ed2cc16b2d1e
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
---
Cc: Kevin Wolf <kwolf@redhat.com>
---
hw/block/xen-block.c | 2 +-
qom/qom-qmp-cmds.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/block/xen-block.c b/hw/block/xen-block.c
index 3885464513..041866b846 100644
--- a/hw/block/xen-block.c
+++ b/hw/block/xen-block.c
@@ -860,7 +860,7 @@ static XenBlockIOThread *xen_block_iothread_create(const char *id,
XenBlockIOThread *iothread = g_new(XenBlockIOThread, 1);
Error *local_err = NULL;
QDict *opts;
- QObject *ret_data;
+ QObject *ret_data = NULL;
iothread->id = g_strdup(id);
diff --git a/qom/qom-qmp-cmds.c b/qom/qom-qmp-cmds.c
index 435193b036..6bd137ccbf 100644
--- a/qom/qom-qmp-cmds.c
+++ b/qom/qom-qmp-cmds.c
@@ -287,8 +287,8 @@ void qmp_object_add(QDict *qdict, QObject **ret_data, Error **errp)
visit_free(v);
if (obj) {
object_unref(obj);
+ *ret_data = QOBJECT(qdict_new());
}
- *ret_data = QOBJECT(qdict_new());
}
void qmp_object_del(const char *id, Error **errp)
--
2.18.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak
2020-03-13 7:58 [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak Pan Nengyuan
@ 2020-03-17 10:49 ` Markus Armbruster
2020-04-06 6:34 ` Markus Armbruster
0 siblings, 1 reply; 4+ messages in thread
From: Markus Armbruster @ 2020-03-17 10:49 UTC (permalink / raw)
To: Pan Nengyuan
Cc: Kevin Wolf, berrange, ehabkost, qemu-devel, euler.robot,
pbonzini, zhang.zhanghailiang
Pan Nengyuan <pannengyuan@huawei.com> writes:
> In qmp_object_add(), user_creatable_add_type() may set errp with some error message and
> return NULL. In this case, qmp_object_add() still alloc memory to *ret_data which return
> to the caller and causes a memory leak.
>
> This patch do this alloc() action only if obj is not NULL to fix it. And initialize ret_data
> in xen-block to avoid a possible uninitialized error.
>
> The Leak stack:
> Direct leak of 4120 byte(s) in 1 object(s) allocated from:
> #0 0x7f6106ce5970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
> #1 0x7f6105e6a49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
> #2 0x55d2c58c17fd in qdict_new /mnt/sdb/qemu-new/qemu_test/qemu/qobject/qdict.c:29
> #3 0x55d2c53a0051 in qmp_object_add /mnt/sdb/qemu-new/qemu_test/qemu/qom/qom-qmp-cmds.c:291
> #4 0x55d2c57b47da in do_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:132
> #5 0x55d2c57b47da in qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:175
> #6 0x55d2c52f1430 in monitor_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:145
> #7 0x55d2c52f3087 in monitor_qmp_bh_dispatcher /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:234
> #8 0x55d2c58e6153 in aio_bh_call /mnt/sdb/qemu-new/qemu_test/qemu/util/async.c:136
>
> Fixes: 5f07c4d60d091320186e7b0edaf9ed2cc16b2d1e
> Reported-by: Euler Robot <euler.robot@huawei.com>
> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak
2020-03-17 10:49 ` Markus Armbruster
@ 2020-04-06 6:34 ` Markus Armbruster
2020-04-06 9:46 ` Paolo Bonzini
0 siblings, 1 reply; 4+ messages in thread
From: Markus Armbruster @ 2020-04-06 6:34 UTC (permalink / raw)
To: pbonzini
Cc: Kevin Wolf, berrange, ehabkost, Pan Nengyuan, qemu-devel,
euler.robot, zhang.zhanghailiang
Paolo, looks like this has fallen through the cracks. If you'd prefer
me to take it, let me know.
Markus Armbruster <armbru@redhat.com> writes:
> Pan Nengyuan <pannengyuan@huawei.com> writes:
>
>> In qmp_object_add(), user_creatable_add_type() may set errp with some error message and
>> return NULL. In this case, qmp_object_add() still alloc memory to *ret_data which return
>> to the caller and causes a memory leak.
>>
>> This patch do this alloc() action only if obj is not NULL to fix it. And initialize ret_data
>> in xen-block to avoid a possible uninitialized error.
>>
>> The Leak stack:
>> Direct leak of 4120 byte(s) in 1 object(s) allocated from:
>> #0 0x7f6106ce5970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
>> #1 0x7f6105e6a49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
>> #2 0x55d2c58c17fd in qdict_new /mnt/sdb/qemu-new/qemu_test/qemu/qobject/qdict.c:29
>> #3 0x55d2c53a0051 in qmp_object_add /mnt/sdb/qemu-new/qemu_test/qemu/qom/qom-qmp-cmds.c:291
>> #4 0x55d2c57b47da in do_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:132
>> #5 0x55d2c57b47da in qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/qapi/qmp-dispatch.c:175
>> #6 0x55d2c52f1430 in monitor_qmp_dispatch /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:145
>> #7 0x55d2c52f3087 in monitor_qmp_bh_dispatcher /mnt/sdb/qemu-new/qemu_test/qemu/monitor/qmp.c:234
>> #8 0x55d2c58e6153 in aio_bh_call /mnt/sdb/qemu-new/qemu_test/qemu/util/async.c:136
>>
>> Fixes: 5f07c4d60d091320186e7b0edaf9ed2cc16b2d1e
>> Reported-by: Euler Robot <euler.robot@huawei.com>
>> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
>
> Reviewed-by: Markus Armbruster <armbru@redhat.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak
2020-04-06 6:34 ` Markus Armbruster
@ 2020-04-06 9:46 ` Paolo Bonzini
0 siblings, 0 replies; 4+ messages in thread
From: Paolo Bonzini @ 2020-04-06 9:46 UTC (permalink / raw)
To: Markus Armbruster
Cc: Kevin Wolf, berrange, ehabkost, Pan Nengyuan, qemu-devel,
euler.robot, zhang.zhanghailiang
On 06/04/20 08:34, Markus Armbruster wrote:
> Paolo, looks like this has fallen through the cracks. If you'd prefer
> me to take it, let me know.
>
> Markus Armbruster <armbru@redhat.com> writes:
Actually it was in my latest pull request, but between this version,
Marc-André and mine you might have missed it:
commit 7f5d9b206d1e86425faa5b84b551068bf044b823
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Thu Mar 26 10:41:21 2020 +0100
object-add: don't create return value if failed
No need to return an empty value from object-add (it would also leak
if the command failed). While at it, remove the "if" around object_unref
since object_unref handles NULL arguments just fine.
Reported-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20200325184723.2029630-4-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thanks,
Paolo
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-04-06 10:02 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-13 7:58 [PATCH] qom-qmp-cmds: remove unnecessary alloc in qmp_object_add to fix memleak Pan Nengyuan
2020-03-17 10:49 ` Markus Armbruster
2020-04-06 6:34 ` Markus Armbruster
2020-04-06 9:46 ` Paolo Bonzini
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).