From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3523AFD2D9A for ; Tue, 10 Mar 2026 13:56:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vzxZ8-0004Nb-F2; Tue, 10 Mar 2026 09:56:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vzxZ7-0004Lk-B1 for qemu-devel@nongnu.org; Tue, 10 Mar 2026 09:56:05 -0400 Received: from smtp-out2.suse.de ([2a07:de40:b251:101:10:150:64:2]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1vzxZ5-0007IB-Ei for qemu-devel@nongnu.org; Tue, 10 Mar 2026 09:56:04 -0400 Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 4CA2B5BCFA; Tue, 10 Mar 2026 13:55:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1773150956; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DmfqD+CjYaWR5u8OS0WK+iVjiQ5Ccs2oRNKISuk9+Mc=; b=R4f9NgybnKMjW2ci1BzwpkJwpV8bowYmUtKzOz3h4SnTXBJTqxwPMj8Z9mdGBnAQ2eRND7 2GDSVeXpQeo+iqH6xRM+NO+fypZQNol7TfOGAPZ079ets3OsyWvGTGq2j9h8Opb4cadSBo LbE+PChZXpyDDDBRXLRD2aUblwLR9zk= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1773150956; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DmfqD+CjYaWR5u8OS0WK+iVjiQ5Ccs2oRNKISuk9+Mc=; b=6Zr0fZYT96F4VicIb90z/NgUzUBKyK2OTKDu1XnmQ4bXH8pziTQUiyoQW75qv3x26GUf5s Ze7/f8UIqJmHtbBQ== Authentication-Results: smtp-out2.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b=R4f9Ngyb; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=6Zr0fZYT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1773150956; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DmfqD+CjYaWR5u8OS0WK+iVjiQ5Ccs2oRNKISuk9+Mc=; b=R4f9NgybnKMjW2ci1BzwpkJwpV8bowYmUtKzOz3h4SnTXBJTqxwPMj8Z9mdGBnAQ2eRND7 2GDSVeXpQeo+iqH6xRM+NO+fypZQNol7TfOGAPZ079ets3OsyWvGTGq2j9h8Opb4cadSBo LbE+PChZXpyDDDBRXLRD2aUblwLR9zk= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1773150956; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DmfqD+CjYaWR5u8OS0WK+iVjiQ5Ccs2oRNKISuk9+Mc=; b=6Zr0fZYT96F4VicIb90z/NgUzUBKyK2OTKDu1XnmQ4bXH8pziTQUiyoQW75qv3x26GUf5s Ze7/f8UIqJmHtbBQ== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 8ADBC3F4B3; Tue, 10 Mar 2026 13:55:54 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id KElSFOoisGnFcQAAD6G6ig (envelope-from ); Tue, 10 Mar 2026 13:55:54 +0000 From: Fabiano Rosas To: qemu-devel@nongnu.org Cc: Peter Maydell , Peter Xu , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Subject: [PATCH 6/8] io: Fix TLS bye task leak Date: Tue, 10 Mar 2026 10:55:38 -0300 Message-ID: <20260310135540.8679-6-farosas@suse.de> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260310135540.8679-1-farosas@suse.de> References: <20260310135540.8679-1-farosas@suse.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [-3.01 / 50.00]; BAYES_HAM(-3.00)[99.99%]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_MISSING_CHARSET(0.50)[]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:mid,suse.de:dkim,suse.de:email,imap1.dmz-prg2.suse.org:helo,imap1.dmz-prg2.suse.org:rdns]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; FUZZY_RATELIMITED(0.00)[rspamd.com]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[suse.de:+] X-Rspamd-Action: no action X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Rspamd-Queue-Id: 4CA2B5BCFA Received-SPF: pass client-ip=2a07:de40:b251:101:10:150:64:2; envelope-from=farosas@suse.de; helo=smtp-out2.suse.de X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Recent fixes to TLS tasks memory handling have left the TLS bye task uncovered. Fix by freeing the task in the same way the handshake task is freed. Direct leak of 704 byte(s) in 4 object(s) allocated from: #1 0x7f5909b1d6a0 in g_malloc0 ../glib/gmem.c:163 #2 0x557650496d61 in qio_task_new ../io/task.c:58:12 #3 0x557650475d7f in qio_channel_tls_bye ../io/channel-tls.c:352:12 #4 0x55764f7a1bb4 in migration_tls_channel_end ../migration/tls.c:159:5 #5 0x55764f709750 in migration_ioc_shutdown_gracefully ../migration/multifd.c:462:9 #6 0x55764f6fcf53 in multifd_send_terminate_threads ../migration/multifd.c:493:13 #7 0x55764f6fcafb in multifd_send_shutdown ../migration/multifd.c:580:5 #8 0x55764f6e1b14 in migration_cleanup ../migration/migration.c:1323:9 #9 0x55764f6f5bac in migration_cleanup_bh ../migration/migration.c:1350:5 Fixes: d39d0f3acd ("io: fix cleanup for TLS I/O source data on cancellation") Signed-off-by: Fabiano Rosas --- io/channel-tls.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/io/channel-tls.c b/io/channel-tls.c index 940fc3c6d1..31ec4d236d 100644 --- a/io/channel-tls.c +++ b/io/channel-tls.c @@ -352,7 +352,9 @@ void qio_channel_tls_bye(QIOChannelTLS *ioc, Error **errp) task = qio_task_new(OBJECT(ioc), propagate_error, errp, NULL); trace_qio_channel_tls_bye_start(ioc); - qio_channel_tls_bye_task(ioc, task, NULL); + if (qio_channel_tls_bye_task(ioc, task, NULL)) { + qio_task_free(task); + } } static void qio_channel_tls_init(Object *obj G_GNUC_UNUSED) -- 2.51.0