[PATCH v2 0/2] block: Fix leak in send_qmp_error

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH v2 0/2] block: Fix leak in send_qmp_error_event
@ 2024-11-11 17:03 Philippe Mathieu-Daudé
  2024-11-11 17:03 ` [PATCH v2 1/2] block: Improve blk_get_attached_dev_id() docstring Philippe Mathieu-Daudé
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-11-11 17:03 UTC (permalink / raw)
  To: Fabiano Rosas, qemu-devel
  Cc: Kevin Wolf, Hanna Reitz, qemu-block, Philippe Mathieu-Daudé

Respin of Fabiano patch using g_autofree,
and clarifying method docstrings.

Fabiano Rosas (1):
  block: Fix leak in send_qmp_error_event

Philippe Mathieu-Daudé (1):
  block: Improve blk_get_attached_dev_id() docstring

 include/sysemu/block-backend-io.h |  7 +++++++
 block/block-backend.c             | 16 ++++++++++------
 2 files changed, 17 insertions(+), 6 deletions(-)

-- 
2.45.2



^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH v2 1/2] block: Improve blk_get_attached_dev_id() docstring
  2024-11-11 17:03 [PATCH v2 0/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
@ 2024-11-11 17:03 ` Philippe Mathieu-Daudé
  2024-11-11 17:03 ` [PATCH v2 2/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-11-11 17:03 UTC (permalink / raw)
  To: Fabiano Rosas, qemu-devel
  Cc: Kevin Wolf, Hanna Reitz, qemu-block, Philippe Mathieu-Daudé

Expose the method docstring in the header, and mention
returned value must be free'd by caller.

Reported-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 include/sysemu/block-backend-io.h |  7 +++++++
 block/block-backend.c             | 12 ++++++++----
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/include/sysemu/block-backend-io.h b/include/sysemu/block-backend-io.h
index d174275a5c..ba8dfcc7d0 100644
--- a/include/sysemu/block-backend-io.h
+++ b/include/sysemu/block-backend-io.h
@@ -32,6 +32,13 @@ void blk_set_allow_aio_context_change(BlockBackend *blk, bool allow);
 void blk_set_disable_request_queuing(BlockBackend *blk, bool disable);
 bool blk_iostatus_is_enabled(const BlockBackend *blk);
 
+/*
+ * Return the qdev ID, or if no ID is assigned the QOM path,
+ * of the block device attached to the BlockBackend.
+ *
+ * The caller is responsible for releasing the value returned
+ * with g_free() after use.
+ */
 char *blk_get_attached_dev_id(BlockBackend *blk);
 
 BlockAIOCB *blk_aio_pwrite_zeroes(BlockBackend *blk, int64_t offset,
diff --git a/block/block-backend.c b/block/block-backend.c
index 85bcdedcef..7b329ff194 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -1019,6 +1019,10 @@ DeviceState *blk_get_attached_dev(BlockBackend *blk)
     return blk->dev;
 }
 
+/*
+ * The caller is responsible for releasing the value returned
+ * with g_free() after use.
+ */
 static char *blk_get_attached_dev_id_or_path(BlockBackend *blk, bool want_id)
 {
     DeviceState *dev = blk->dev;
@@ -1033,15 +1037,15 @@ static char *blk_get_attached_dev_id_or_path(BlockBackend *blk, bool want_id)
     return object_get_canonical_path(OBJECT(dev)) ?: g_strdup("");
 }
 
-/*
- * Return the qdev ID, or if no ID is assigned the QOM path, of the block
- * device attached to the BlockBackend.
- */
 char *blk_get_attached_dev_id(BlockBackend *blk)
 {
     return blk_get_attached_dev_id_or_path(blk, true);
 }
 
+/*
+ * The caller is responsible for releasing the value returned
+ * with g_free() after use.
+ */
 static char *blk_get_attached_dev_path(BlockBackend *blk)
 {
     return blk_get_attached_dev_id_or_path(blk, false);
-- 
2.45.2



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [PATCH v2 2/2] block: Fix leak in send_qmp_error_event
  2024-11-11 17:03 [PATCH v2 0/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
  2024-11-11 17:03 ` [PATCH v2 1/2] block: Improve blk_get_attached_dev_id() docstring Philippe Mathieu-Daudé
@ 2024-11-11 17:03 ` Philippe Mathieu-Daudé
  2025-01-13 14:57 ` [PATCH v2 0/2] " Fabiano Rosas
  2025-01-16 14:13 ` Kevin Wolf
  3 siblings, 0 replies; 5+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-11-11 17:03 UTC (permalink / raw)
  To: Fabiano Rosas, qemu-devel
  Cc: Kevin Wolf, Hanna Reitz, qemu-block, Philippe Mathieu-Daudé

From: Fabiano Rosas <farosas@suse.de>

ASAN detected a leak when running the ahci-test
/ahci/io/dma/lba28/retry:

Direct leak of 35 byte(s) in 1 object(s) allocated from:
    #0 in malloc
    #1 in __vasprintf_internal
    #2 in vasprintf
    #3 in g_vasprintf
    #4 in g_strdup_vprintf
    #5 in g_strdup_printf
    #6 in object_get_canonical_path ../qom/object.c:2096:19
    #7 in blk_get_attached_dev_id_or_path ../block/block-backend.c:1033:12
    #8 in blk_get_attached_dev_path ../block/block-backend.c:1047:12
    #9 in send_qmp_error_event ../block/block-backend.c:2140:36
    #10 in blk_error_action ../block/block-backend.c:2172:9
    #11 in ide_handle_rw_error ../hw/ide/core.c:875:5
    #12 in ide_dma_cb ../hw/ide/core.c:894:13
    #13 in dma_complete ../system/dma-helpers.c:107:9
    #14 in dma_blk_cb ../system/dma-helpers.c:129:9
    #15 in blk_aio_complete ../block/block-backend.c:1552:9
    #16 in blk_aio_write_entry ../block/block-backend.c:1619:5
    #17 in coroutine_trampoline ../util/coroutine-ucontext.c:175:9

Plug the leak by freeing the device path string.

Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241111145214.8261-1-farosas@suse.de>
[PMD: Use g_autofree]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 block/block-backend.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/block/block-backend.c b/block/block-backend.c
index 7b329ff194..6128012953 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -2138,10 +2138,10 @@ static void send_qmp_error_event(BlockBackend *blk,
 {
     IoOperationType optype;
     BlockDriverState *bs = blk_bs(blk);
+    g_autofree char *path = blk_get_attached_dev_path(blk);
 
     optype = is_read ? IO_OPERATION_TYPE_READ : IO_OPERATION_TYPE_WRITE;
-    qapi_event_send_block_io_error(blk_name(blk),
-                                   blk_get_attached_dev_path(blk),
+    qapi_event_send_block_io_error(blk_name(blk), path,
                                    bs ? bdrv_get_node_name(bs) : NULL, optype,
                                    action, blk_iostatus_is_enabled(blk),
                                    error == ENOSPC, strerror(error));
-- 
2.45.2



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH v2 0/2] block: Fix leak in send_qmp_error_event
  2024-11-11 17:03 [PATCH v2 0/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
  2024-11-11 17:03 ` [PATCH v2 1/2] block: Improve blk_get_attached_dev_id() docstring Philippe Mathieu-Daudé
  2024-11-11 17:03 ` [PATCH v2 2/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
@ 2025-01-13 14:57 ` Fabiano Rosas
  2025-01-16 14:13 ` Kevin Wolf
  3 siblings, 0 replies; 5+ messages in thread
From: Fabiano Rosas @ 2025-01-13 14:57 UTC (permalink / raw)
  To: Philippe Mathieu-Daudé, qemu-devel
  Cc: Kevin Wolf, Hanna Reitz, qemu-block, Philippe Mathieu-Daudé

Philippe Mathieu-Daudé <philmd@linaro.org> writes:

> Respin of Fabiano patch using g_autofree,
> and clarifying method docstrings.
>
> Fabiano Rosas (1):
>   block: Fix leak in send_qmp_error_event
>
> Philippe Mathieu-Daudé (1):
>   block: Improve blk_get_attached_dev_id() docstring
>
>  include/sysemu/block-backend-io.h |  7 +++++++
>  block/block-backend.c             | 16 ++++++++++------
>  2 files changed, 17 insertions(+), 6 deletions(-)

Ping


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2 0/2] block: Fix leak in send_qmp_error_event
  2024-11-11 17:03 [PATCH v2 0/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
                   ` (2 preceding siblings ...)
  2025-01-13 14:57 ` [PATCH v2 0/2] " Fabiano Rosas
@ 2025-01-16 14:13 ` Kevin Wolf
  3 siblings, 0 replies; 5+ messages in thread
From: Kevin Wolf @ 2025-01-16 14:13 UTC (permalink / raw)
  To: Philippe Mathieu-Daudé
  Cc: Fabiano Rosas, qemu-devel, Hanna Reitz, qemu-block

Am 11.11.2024 um 18:03 hat Philippe Mathieu-Daudé geschrieben:
> Respin of Fabiano patch using g_autofree,
> and clarifying method docstrings.
> 
> Fabiano Rosas (1):
>   block: Fix leak in send_qmp_error_event
> 
> Philippe Mathieu-Daudé (1):
>   block: Improve blk_get_attached_dev_id() docstring
> 
>  include/sysemu/block-backend-io.h |  7 +++++++
>  block/block-backend.c             | 16 ++++++++++------
>  2 files changed, 17 insertions(+), 6 deletions(-)

Thanks, applied to the block branch.

Kevin



^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-01-16 14:15 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-11-11 17:03 [PATCH v2 0/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
2024-11-11 17:03 ` [PATCH v2 1/2] block: Improve blk_get_attached_dev_id() docstring Philippe Mathieu-Daudé
2024-11-11 17:03 ` [PATCH v2 2/2] block: Fix leak in send_qmp_error_event Philippe Mathieu-Daudé
2025-01-13 14:57 ` [PATCH v2 0/2] " Fabiano Rosas
2025-01-16 14:13 ` Kevin Wolf

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.