
[Qemu-commits] [qemu/qemu] c1c1f6: block/rbd: fix memory leak in qemu_rb


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] c1c1f6: block/rbd: fix memory leak in qemu_rbd_connect()
Date: Sat, 10 Apr 2021 08:58:57 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: c1c1f6cf511496b985cb9a1c536d59c9be7b9317
      
https://github.com/qemu/qemu/commit/c1c1f6cf511496b985cb9a1c536d59c9be7b9317
  Author: Stefano Garzarella <sgarzare@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M block/rbd.c

  Log Message:
  -----------
  block/rbd: fix memory leak in qemu_rbd_connect()

In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host()
using g_strjoinv(), but it's only freed in the error path, leaking
memory in the success path as reported by valgrind:

  80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516
     at 0x4839809: malloc (vg_replace_malloc.c:307)
     by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
     by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8)
     by 0x87D07E: qemu_rbd_mon_host (rbd.c:538)
     by 0x87D07E: qemu_rbd_connect (rbd.c:562)
     by 0x87E1CE: qemu_rbd_open (rbd.c:740)
     by 0x840EB1: bdrv_open_driver (block.c:1528)
     by 0x8453A9: bdrv_open_common (block.c:1802)
     by 0x8453A9: bdrv_open_inherit (block.c:3444)
     by 0x8464C2: bdrv_open (block.c:3537)
     by 0x8108CD: qmp_blockdev_add (blockdev.c:3569)
     by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086)
     by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131)
     by 0x907EA4: aio_bh_poll (async.c:164)

Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly.

Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20210329150129.121182-2-sgarzare@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: b084b420d9d6347dede328fbcf18c8e4c695f7e8
      
https://github.com/qemu/qemu/commit/b084b420d9d6347dede328fbcf18c8e4c695f7e8
  Author: Stefano Garzarella <sgarzare@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M block/rbd.c

  Log Message:
  -----------
  block/rbd: fix memory leak in qemu_rbd_co_create_opts()

When we allocate 'q_namespace', we forgot to set 'has_q_namespace'
to true. This can cause several issues, including a memory leak,
since qapi_free_BlockdevCreateOptions() does not deallocate that
memory, as reported by valgrind:

  13 bytes in 1 blocks are definitely lost in loss record 7 of 96
     at 0x4839809: malloc (vg_replace_malloc.c:307)
     by 0x48CEBB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
     by 0x48E3FE3: g_strdup (in /usr/lib64/libglib-2.0.so.0.6600.8)
     by 0x180010: qemu_rbd_co_create_opts (rbd.c:446)
     by 0x1AE72C: bdrv_create_co_entry (block.c:492)
     by 0x241902: coroutine_trampoline (coroutine-ucontext.c:173)
     by 0x57530AF: ??? (in /usr/lib64/libc-2.32.so)
     by 0x1FFEFFFA6F: ???

Fix setting 'has_q_namespace' to true when we allocate 'q_namespace'.

Fixes: 19ae9ae014 ("block/rbd: Add support for ceph namespaces")
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20210329150129.121182-3-sgarzare@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: 66f18320f751f9649e0f230e814dd556e38bc1fe
      
https://github.com/qemu/qemu/commit/66f18320f751f9649e0f230e814dd556e38bc1fe
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M tests/qemu-iotests/tests/qsd-jobs
    M tests/qemu-iotests/tests/qsd-jobs.out

  Log Message:
  -----------
  iotests/qsd-jobs: Filter events in the first test

The job may or may not be ready before the 'quit' is issued.  Whether it
is is irrelevant; for the purpose of the test, it only needs to still be
there.  Filter the job status change and READY events from the output so
it becomes reliable.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210401132839.139939-1-mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: 030262a6e4f48b4566778a51d14eb471b2fd2b84
      
https://github.com/qemu/qemu/commit/030262a6e4f48b4566778a51d14eb471b2fd2b84
  Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    A tests/qemu-iotests/tests/remove-bitmap-from-backing
    A tests/qemu-iotests/tests/remove-bitmap-from-backing.out

  Log Message:
  -----------
  iotests: add test for removing persistent bitmap from backing file

Just demonstrate one of x-blockdev-reopen use cases. We can't simply
remove persistent bitmap from RO node (for example from backing file),
as we need to remove it from the image too. So, we should reopen the
node first.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210401161522.8001-1-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: f940b0ac6fa67deb9d0b671cf83070f0286c67e1
      
https://github.com/qemu/qemu/commit/f940b0ac6fa67deb9d0b671cf83070f0286c67e1
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    A tests/qemu-iotests/tests/mirror-top-perms
    A tests/qemu-iotests/tests/mirror-top-perms.out

  Log Message:
  -----------
  iotests: Test mirror-top filter permissions

Add a test accompanying commit 53431b9086b2832ca1aeff0c55e186e9ed79bd11
("block/mirror: Fix mirror_top's permissions").

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210331122815.51491-1-mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: da64789d3a16b2c5b5f1be9c75b00c2b8ae393a0
      
https://github.com/qemu/qemu/commit/da64789d3a16b2c5b5f1be9c75b00c2b8ae393a0
  Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M hw/block/fdc.c

  Log Message:
  -----------
  hw/block/fdc: Fix 'fallback' property on sysbus floppy disk controllers

Setting the 'fallback' property corrupts the QOM instance state
(FDCtrlSysBus) because it accesses an incorrect offset (it uses
the offset of the FDCtrlISABus state).

Cc: qemu-stable@nongnu.org
Fixes: a73275dd6fc ("fdc: Add fallback option")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210407133742.1680424-1-f4bug@amsat.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: c41f5b96ee73925c165036d59c4efa761826e800
      
https://github.com/qemu/qemu/commit/c41f5b96ee73925c165036d59c4efa761826e800
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M block/mirror.c

  Log Message:
  -----------
  mirror: Move open_backing_file to exit_common

This is a graph change and therefore should be done in job-finalize
(which is what invokes mirror_exit_common()).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210409120422.144040-2-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: 00769414cd1044b823b65e66586e93bb79494441
      
https://github.com/qemu/qemu/commit/00769414cd1044b823b65e66586e93bb79494441
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M block/mirror.c

  Log Message:
  -----------
  mirror: Do not enter a paused job on completion

Currently, it is impossible to complete jobs on standby (i.e. paused
ready jobs), but actually the only thing in mirror_complete() that does
not work quite well with a paused job is the job_enter() at the end.

If we make it conditional, this function works just fine even if the
mirror job is paused.

So technically this is a no-op, but obviously the intention is to accept
block-job-complete even for jobs on standby, which we need this patch
for first.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210409120422.144040-3-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: 53ddb9c892f048bd031568178da52e4964d7d30a
      
https://github.com/qemu/qemu/commit/53ddb9c892f048bd031568178da52e4964d7d30a
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M job.c

  Log Message:
  -----------
  job: Allow complete for jobs on standby

The only job that implements .complete is the mirror job, and it can
handle completion requests just fine while the job is paused.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1945635
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210409120422.144040-4-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: c2c731a4d35062295cd3260e66b3754588a2fad4
      
https://github.com/qemu/qemu/commit/c2c731a4d35062295cd3260e66b3754588a2fad4
  Author: Max Reitz <mreitz@redhat.com>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M tests/unit/test-blockjob.c

  Log Message:
  -----------
  test-blockjob: Test job_wait_unpaused()

Create a job that remains on STANDBY after a drained section, and see
that invoking job_wait_unpaused() will get it unstuck.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20210409120422.144040-5-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>


  Commit: 836b36af9340c42d5a6642070d99944329e388bc
      
https://github.com/qemu/qemu/commit/836b36af9340c42d5a6642070d99944329e388bc
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2021-04-09 (Fri, 09 Apr 2021)

  Changed paths:
    M block/mirror.c
    M block/rbd.c
    M hw/block/fdc.c
    M job.c
    A tests/qemu-iotests/tests/mirror-top-perms
    A tests/qemu-iotests/tests/mirror-top-perms.out
    M tests/qemu-iotests/tests/qsd-jobs
    M tests/qemu-iotests/tests/qsd-jobs.out
    A tests/qemu-iotests/tests/remove-bitmap-from-backing
    A tests/qemu-iotests/tests/remove-bitmap-from-backing.out
    M tests/unit/test-blockjob.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer fixes

- mirror: Fix job-complete race condition causing unexpected errors
- fdc: Fix 'fallback' property on sysbus floppy disk controllers
- rbd: Fix memory leaks
- iotest improvements

# gpg: Signature made Fri 09 Apr 2021 17:13:11 BST
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  test-blockjob: Test job_wait_unpaused()
  job: Allow complete for jobs on standby
  mirror: Do not enter a paused job on completion
  mirror: Move open_backing_file to exit_common
  hw/block/fdc: Fix 'fallback' property on sysbus floppy disk controllers
  iotests: Test mirror-top filter permissions
  iotests: add test for removing persistent bitmap from backing file
  iotests/qsd-jobs: Filter events in the first test
  block/rbd: fix memory leak in qemu_rbd_co_create_opts()
  block/rbd: fix memory leak in qemu_rbd_connect()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/471387aa1446...836b36af9340


