* [PATCH] s390x: Fix leak in machine_set_loadparm
@ 2025-05-09 17:49 Fabiano Rosas
2025-05-09 18:00 ` Thomas Huth
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Fabiano Rosas @ 2025-05-09 17:49 UTC (permalink / raw)
To: qemu-devel
Cc: Thomas Huth, Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich
ASAN spotted a leaking string in machine_set_loadparm():
Direct leak of 9 byte(s) in 1 object(s) allocated from:
#0 0x560ffb5bb379 in malloc ../projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
#1 0x7f1aca926518 in g_malloc ../glib/gmem.c:106
#2 0x7f1aca94113e in g_strdup ../glib/gstrfuncs.c:364
#3 0x560ffc8afbf9 in qobject_input_type_str ../qapi/qobject-input-visitor.c:542:12
#4 0x560ffc8a80ff in visit_type_str ../qapi/qapi-visit-core.c:349:10
#5 0x560ffbe6053a in machine_set_loadparm ../hw/s390x/s390-virtio-ccw.c:802:10
#6 0x560ffc0c5e52 in object_property_set ../qom/object.c:1450:5
#7 0x560ffc0d4175 in object_property_set_qobject ../qom/qom-qobject.c:28:10
#8 0x560ffc0c6004 in object_property_set_str ../qom/object.c:1458:15
#9 0x560ffbe2ae60 in update_machine_ipl_properties ../hw/s390x/ipl.c:569:9
#10 0x560ffbe2aa65 in s390_ipl_update_diag308 ../hw/s390x/ipl.c:594:5
#11 0x560ffbdee132 in handle_diag_308 ../target/s390x/diag.c:147:9
#12 0x560ffbebb956 in helper_diag ../target/s390x/tcg/misc_helper.c:137:9
#13 0x7f1a3c51c730 (/memfd:tcg-jit (deleted)+0x39730)
Signed-off-by: Fabiano Rosas <farosas@suse.de>
---
hw/s390x/s390-virtio-ccw.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index d5658afed9..744e901db8 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -804,6 +804,7 @@ static void machine_set_loadparm(Object *obj, Visitor *v,
}
s390_ipl_fmt_loadparm(ms->loadparm, val, errp);
+ g_free(val);
}
static void ccw_machine_class_init(ObjectClass *oc, const void *data)
--
2.35.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-09 17:49 [PATCH] s390x: Fix leak in machine_set_loadparm Fabiano Rosas
@ 2025-05-09 18:00 ` Thomas Huth
2025-05-12 14:07 ` Philippe Mathieu-Daudé
2025-05-15 12:51 ` Halil Pasic
2 siblings, 0 replies; 9+ messages in thread
From: Thomas Huth @ 2025-05-09 18:00 UTC (permalink / raw)
To: Fabiano Rosas, qemu-devel
Cc: Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich
On 09/05/2025 19.49, Fabiano Rosas wrote:
> ASAN spotted a leaking string in machine_set_loadparm():
>
> Direct leak of 9 byte(s) in 1 object(s) allocated from:
> #0 0x560ffb5bb379 in malloc ../projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
> #1 0x7f1aca926518 in g_malloc ../glib/gmem.c:106
> #2 0x7f1aca94113e in g_strdup ../glib/gstrfuncs.c:364
> #3 0x560ffc8afbf9 in qobject_input_type_str ../qapi/qobject-input-visitor.c:542:12
> #4 0x560ffc8a80ff in visit_type_str ../qapi/qapi-visit-core.c:349:10
> #5 0x560ffbe6053a in machine_set_loadparm ../hw/s390x/s390-virtio-ccw.c:802:10
> #6 0x560ffc0c5e52 in object_property_set ../qom/object.c:1450:5
> #7 0x560ffc0d4175 in object_property_set_qobject ../qom/qom-qobject.c:28:10
> #8 0x560ffc0c6004 in object_property_set_str ../qom/object.c:1458:15
> #9 0x560ffbe2ae60 in update_machine_ipl_properties ../hw/s390x/ipl.c:569:9
> #10 0x560ffbe2aa65 in s390_ipl_update_diag308 ../hw/s390x/ipl.c:594:5
> #11 0x560ffbdee132 in handle_diag_308 ../target/s390x/diag.c:147:9
> #12 0x560ffbebb956 in helper_diag ../target/s390x/tcg/misc_helper.c:137:9
> #13 0x7f1a3c51c730 (/memfd:tcg-jit (deleted)+0x39730)
>
> Signed-off-by: Fabiano Rosas <farosas@suse.de>
> ---
> hw/s390x/s390-virtio-ccw.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
> index d5658afed9..744e901db8 100644
> --- a/hw/s390x/s390-virtio-ccw.c
> +++ b/hw/s390x/s390-virtio-ccw.c
> @@ -804,6 +804,7 @@ static void machine_set_loadparm(Object *obj, Visitor *v,
> }
>
> s390_ipl_fmt_loadparm(ms->loadparm, val, errp);
> + g_free(val);
> }
>
> static void ccw_machine_class_init(ObjectClass *oc, const void *data)
Reviewed-by: Thomas Huth <thuth@redhat.com>
and queued it!
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-09 17:49 [PATCH] s390x: Fix leak in machine_set_loadparm Fabiano Rosas
2025-05-09 18:00 ` Thomas Huth
@ 2025-05-12 14:07 ` Philippe Mathieu-Daudé
2025-05-12 14:13 ` Philippe Mathieu-Daudé
2025-05-15 12:51 ` Halil Pasic
2 siblings, 1 reply; 9+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-05-12 14:07 UTC (permalink / raw)
To: Fabiano Rosas, qemu-devel
Cc: Thomas Huth, Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich
On 9/5/25 19:49, Fabiano Rosas wrote:
> ASAN spotted a leaking string in machine_set_loadparm():
>
> Direct leak of 9 byte(s) in 1 object(s) allocated from:
> #0 0x560ffb5bb379 in malloc ../projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
> #1 0x7f1aca926518 in g_malloc ../glib/gmem.c:106
> #2 0x7f1aca94113e in g_strdup ../glib/gstrfuncs.c:364
> #3 0x560ffc8afbf9 in qobject_input_type_str ../qapi/qobject-input-visitor.c:542:12
> #4 0x560ffc8a80ff in visit_type_str ../qapi/qapi-visit-core.c:349:10
> #5 0x560ffbe6053a in machine_set_loadparm ../hw/s390x/s390-virtio-ccw.c:802:10
> #6 0x560ffc0c5e52 in object_property_set ../qom/object.c:1450:5
> #7 0x560ffc0d4175 in object_property_set_qobject ../qom/qom-qobject.c:28:10
> #8 0x560ffc0c6004 in object_property_set_str ../qom/object.c:1458:15
> #9 0x560ffbe2ae60 in update_machine_ipl_properties ../hw/s390x/ipl.c:569:9
> #10 0x560ffbe2aa65 in s390_ipl_update_diag308 ../hw/s390x/ipl.c:594:5
> #11 0x560ffbdee132 in handle_diag_308 ../target/s390x/diag.c:147:9
> #12 0x560ffbebb956 in helper_diag ../target/s390x/tcg/misc_helper.c:137:9
> #13 0x7f1a3c51c730 (/memfd:tcg-jit (deleted)+0x39730)
>
> Signed-off-by: Fabiano Rosas <farosas@suse.de>
> ---
> hw/s390x/s390-virtio-ccw.c | 1 +
> 1 file changed, 1 insertion(+)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-12 14:07 ` Philippe Mathieu-Daudé
@ 2025-05-12 14:13 ` Philippe Mathieu-Daudé
2025-05-12 15:37 ` Fabiano Rosas
0 siblings, 1 reply; 9+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-05-12 14:13 UTC (permalink / raw)
To: Fabiano Rosas, qemu-devel
Cc: Thomas Huth, Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich
On 12/5/25 16:07, Philippe Mathieu-Daudé wrote:
> On 9/5/25 19:49, Fabiano Rosas wrote:
>> ASAN spotted a leaking string in machine_set_loadparm():
What about ccw_device_set_loadparm() in hw/s390x/ccw-device.c?
>>
>> Direct leak of 9 byte(s) in 1 object(s) allocated from:
>> #0 0x560ffb5bb379 in malloc ../projects/compiler-rt/lib/asan/
>> asan_malloc_linux.cpp:69:3
>> #1 0x7f1aca926518 in g_malloc ../glib/gmem.c:106
>> #2 0x7f1aca94113e in g_strdup ../glib/gstrfuncs.c:364
>> #3 0x560ffc8afbf9 in qobject_input_type_str ../qapi/qobject-
>> input-visitor.c:542:12
>> #4 0x560ffc8a80ff in visit_type_str ../qapi/qapi-visit-core.c:349:10
>> #5 0x560ffbe6053a in machine_set_loadparm ../hw/s390x/s390-
>> virtio-ccw.c:802:10
>> #6 0x560ffc0c5e52 in object_property_set ../qom/object.c:1450:5
>> #7 0x560ffc0d4175 in object_property_set_qobject ../qom/qom-
>> qobject.c:28:10
>> #8 0x560ffc0c6004 in object_property_set_str ../qom/object.c:1458:15
>> #9 0x560ffbe2ae60 in update_machine_ipl_properties ../hw/s390x/
>> ipl.c:569:9
>> #10 0x560ffbe2aa65 in s390_ipl_update_diag308 ../hw/s390x/
>> ipl.c:594:5
>> #11 0x560ffbdee132 in handle_diag_308 ../target/s390x/diag.c:147:9
>> #12 0x560ffbebb956 in helper_diag ../target/s390x/tcg/
>> misc_helper.c:137:9
>> #13 0x7f1a3c51c730 (/memfd:tcg-jit (deleted)+0x39730)
>>
>> Signed-off-by: Fabiano Rosas <farosas@suse.de>
>> ---
>> hw/s390x/s390-virtio-ccw.c | 1 +
>> 1 file changed, 1 insertion(+)
>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-12 14:13 ` Philippe Mathieu-Daudé
@ 2025-05-12 15:37 ` Fabiano Rosas
2025-06-24 6:28 ` Thomas Huth
0 siblings, 1 reply; 9+ messages in thread
From: Fabiano Rosas @ 2025-05-12 15:37 UTC (permalink / raw)
To: Philippe Mathieu-Daudé, qemu-devel
Cc: Thomas Huth, Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich
Philippe Mathieu-Daudé <philmd@linaro.org> writes:
> On 12/5/25 16:07, Philippe Mathieu-Daudé wrote:
>> On 9/5/25 19:49, Fabiano Rosas wrote:
>>> ASAN spotted a leaking string in machine_set_loadparm():
>
> What about ccw_device_set_loadparm() in hw/s390x/ccw-device.c?
>
Yep, that one as well. I'll send a patch. Thanks
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-09 17:49 [PATCH] s390x: Fix leak in machine_set_loadparm Fabiano Rosas
2025-05-09 18:00 ` Thomas Huth
2025-05-12 14:07 ` Philippe Mathieu-Daudé
@ 2025-05-15 12:51 ` Halil Pasic
2 siblings, 0 replies; 9+ messages in thread
From: Halil Pasic @ 2025-05-15 12:51 UTC (permalink / raw)
To: Fabiano Rosas
Cc: qemu-devel, Thomas Huth, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich,
Halil Pasic
On Fri, 9 May 2025 14:49:38 -0300
Fabiano Rosas <farosas@suse.de> wrote:
> ASAN spotted a leaking string in machine_set_loadparm():
>
> Direct leak of 9 byte(s) in 1 object(s) allocated from:
> #0 0x560ffb5bb379 in malloc ../projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
> #1 0x7f1aca926518 in g_malloc ../glib/gmem.c:106
> #2 0x7f1aca94113e in g_strdup ../glib/gstrfuncs.c:364
> #3 0x560ffc8afbf9 in qobject_input_type_str ../qapi/qobject-input-visitor.c:542:12
> #4 0x560ffc8a80ff in visit_type_str ../qapi/qapi-visit-core.c:349:10
> #5 0x560ffbe6053a in machine_set_loadparm ../hw/s390x/s390-virtio-ccw.c:802:10
> #6 0x560ffc0c5e52 in object_property_set ../qom/object.c:1450:5
> #7 0x560ffc0d4175 in object_property_set_qobject ../qom/qom-qobject.c:28:10
> #8 0x560ffc0c6004 in object_property_set_str ../qom/object.c:1458:15
> #9 0x560ffbe2ae60 in update_machine_ipl_properties ../hw/s390x/ipl.c:569:9
> #10 0x560ffbe2aa65 in s390_ipl_update_diag308 ../hw/s390x/ipl.c:594:5
> #11 0x560ffbdee132 in handle_diag_308 ../target/s390x/diag.c:147:9
> #12 0x560ffbebb956 in helper_diag ../target/s390x/tcg/misc_helper.c:137:9
> #13 0x7f1a3c51c730 (/memfd:tcg-jit (deleted)+0x39730)
>
> Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-05-12 15:37 ` Fabiano Rosas
@ 2025-06-24 6:28 ` Thomas Huth
2025-06-24 12:34 ` Fabiano Rosas
0 siblings, 1 reply; 9+ messages in thread
From: Thomas Huth @ 2025-06-24 6:28 UTC (permalink / raw)
To: Fabiano Rosas, Philippe Mathieu-Daudé, qemu-devel
Cc: Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich,
Kevin Wolf
On 12/05/2025 17.37, Fabiano Rosas wrote:
> Philippe Mathieu-Daudé <philmd@linaro.org> writes:
>
>> On 12/5/25 16:07, Philippe Mathieu-Daudé wrote:
>>> On 9/5/25 19:49, Fabiano Rosas wrote:
>>>> ASAN spotted a leaking string in machine_set_loadparm():
>>
>> What about ccw_device_set_loadparm() in hw/s390x/ccw-device.c?
>>
>
> Yep, that one as well. I'll send a patch. Thanks
Did you ever send it?
Thomas
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-06-24 6:28 ` Thomas Huth
@ 2025-06-24 12:34 ` Fabiano Rosas
2025-06-25 9:03 ` Kevin Wolf
0 siblings, 1 reply; 9+ messages in thread
From: Fabiano Rosas @ 2025-06-24 12:34 UTC (permalink / raw)
To: Thomas Huth, Philippe Mathieu-Daudé, qemu-devel
Cc: Halil Pasic, Christian Borntraeger, Eric Farman,
Richard Henderson, David Hildenbrand, Ilya Leoshkevich,
Kevin Wolf
Thomas Huth <thuth@redhat.com> writes:
> On 12/05/2025 17.37, Fabiano Rosas wrote:
>> Philippe Mathieu-Daudé <philmd@linaro.org> writes:
>>
>>> On 12/5/25 16:07, Philippe Mathieu-Daudé wrote:
>>>> On 9/5/25 19:49, Fabiano Rosas wrote:
>>>>> ASAN spotted a leaking string in machine_set_loadparm():
>>>
>>> What about ccw_device_set_loadparm() in hw/s390x/ccw-device.c?
>>>
>>
>> Yep, that one as well. I'll send a patch. Thanks
>
> Did you ever send it?
>
Sorry, no. Got sidetracked as usual. I'll mark this email so I don't forget.
> Thomas
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] s390x: Fix leak in machine_set_loadparm
2025-06-24 12:34 ` Fabiano Rosas
@ 2025-06-25 9:03 ` Kevin Wolf
0 siblings, 0 replies; 9+ messages in thread
From: Kevin Wolf @ 2025-06-25 9:03 UTC (permalink / raw)
To: Fabiano Rosas
Cc: Thomas Huth, Philippe Mathieu-Daudé, qemu-devel, Halil Pasic,
Christian Borntraeger, Eric Farman, Richard Henderson,
David Hildenbrand, Ilya Leoshkevich
Am 24.06.2025 um 14:34 hat Fabiano Rosas geschrieben:
> Thomas Huth <thuth@redhat.com> writes:
>
> > On 12/05/2025 17.37, Fabiano Rosas wrote:
> >> Philippe Mathieu-Daudé <philmd@linaro.org> writes:
> >>
> >>> On 12/5/25 16:07, Philippe Mathieu-Daudé wrote:
> >>>> On 9/5/25 19:49, Fabiano Rosas wrote:
> >>>>> ASAN spotted a leaking string in machine_set_loadparm():
> >>>
> >>> What about ccw_device_set_loadparm() in hw/s390x/ccw-device.c?
> >>>
> >>
> >> Yep, that one as well. I'll send a patch. Thanks
> >
> > Did you ever send it?
>
> Sorry, no. Got sidetracked as usual. I'll mark this email so I don't forget.
I think Thomas asked because I posted the fix in our downstream bug
tracker. I just sent it as a proper patch.
Kevin
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2025-06-25 9:04 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-09 17:49 [PATCH] s390x: Fix leak in machine_set_loadparm Fabiano Rosas
2025-05-09 18:00 ` Thomas Huth
2025-05-12 14:07 ` Philippe Mathieu-Daudé
2025-05-12 14:13 ` Philippe Mathieu-Daudé
2025-05-12 15:37 ` Fabiano Rosas
2025-06-24 6:28 ` Thomas Huth
2025-06-24 12:34 ` Fabiano Rosas
2025-06-25 9:03 ` Kevin Wolf
2025-05-15 12:51 ` Halil Pasic
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).