Message ID | 20201201061349.110262-1-alex.chen@huawei.com |
---|---|
State | New |
Series | qemu-nbd: Fix a memleak in nbd_client_thread() | expand |
On 12/1/20 12:13 AM, Alex Chen wrote: > When the qio_channel_socket_connect_sync() fails > we should goto 'out_socket' label to free the 'sioc' instead of > goto 'out' label. > In addition, now the 'out' label is useless, delete it. > > Reported-by: Euler Robot <euler.robot@huawei.com> > Signed-off-by: Alex Chen <alex.chen@huawei.com> > --- > qemu-nbd.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/qemu-nbd.c b/qemu-nbd.c > index 47587a709e..643b0777c0 100644 > --- a/qemu-nbd.c > +++ b/qemu-nbd.c > @@ -275,7 +275,7 @@ static void *nbd_client_thread(void *arg) > saddr, > &local_error) < 0) { > error_report_err(local_error); > - goto out; > + goto out_socket; > } > > ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), > @@ -325,7 +325,6 @@ out_fd: > close(fd); > out_socket: > object_unref(OBJECT(sioc)); > -out: > g_free(info.name); > kill(getpid(), SIGTERM); > return (void *) EXIT_FAILURE; > While the patch looks correct, we have a lot of duplication. Simpler might be a solution with only one exit label altogether: diff --git i/qemu-nbd.c w/qemu-nbd.c index a7075c5419d7..d7bdcd0011ba 100644 --- i/qemu-nbd.c +++ w/qemu-nbd.c @@ -265,8 +265,8 @@ static void *nbd_client_thread(void *arg) char *device = arg; NBDExportInfo info = { .request_sizes = false, .name = g_strdup("") }; QIOChannelSocket *sioc; - int fd; - int ret; + int fd = -1; + int ret = EXIT_FAILURE; pthread_t show_parts_thread; Error *local_error = NULL; 
@@ -278,26 +278,24 @@ static void *nbd_client_thread(void *arg) goto out; } - ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), - NULL, NULL, NULL, &info, &local_error); - if (ret < 0) { + if (nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), + NULL, NULL, NULL, &info, &local_error) < 0) { if (local_error) { error_report_err(local_error); } - goto out_socket; + goto out; } fd = open(device, O_RDWR); if (fd < 0) { /* Linux-only, we can use %m in printf. */ error_report("Failed to open %s: %m", device); - goto out_socket; + goto out; } - ret = nbd_init(fd, sioc, &info, &local_error); - if (ret < 0) { + if (nbd_init(fd, sioc, &info, &local_error) < 0) { error_report_err(local_error); - goto out_fd; + goto out; } /* update partition table */ @@ -311,24 +309,18 @@ static void *nbd_client_thread(void *arg) dup2(STDOUT_FILENO, STDERR_FILENO); } - ret = nbd_client(fd); - if (ret) { - goto out_fd; + if (nbd_client(fd) == 0) { + ret = EXIT_SUCCESS; } - close(fd); - object_unref(OBJECT(sioc)); - g_free(info.name); - kill(getpid(), SIGTERM); - return (void *) EXIT_SUCCESS; -out_fd: - close(fd); -out_socket: + out: + if (fd >= 0) { + close(fd); + } object_unref(OBJECT(sioc)); -out: g_free(info.name); kill(getpid(), SIGTERM); - return (void *) EXIT_FAILURE; + return (void *) (intptr_t) ret; } #endif /* HAVE_NBD_DEVICE */
On 2020/12/2 4:15, Eric Blake wrote: > On 12/1/20 12:13 AM, Alex Chen wrote: >> When the qio_channel_socket_connect_sync() fails >> we should goto 'out_socket' label to free the 'sioc' instead of >> goto 'out' label. >> In addition, now the 'out' label is useless, delete it. >> >> Reported-by: Euler Robot <euler.robot@huawei.com> >> Signed-off-by: Alex Chen <alex.chen@huawei.com> >> --- >> qemu-nbd.c | 3 +-- >> 1 file changed, 1 insertion(+), 2 deletions(-) >> >> diff --git a/qemu-nbd.c b/qemu-nbd.c >> index 47587a709e..643b0777c0 100644 >> --- a/qemu-nbd.c >> +++ b/qemu-nbd.c >> @@ -275,7 +275,7 @@ static void *nbd_client_thread(void *arg) >> saddr, >> &local_error) < 0) { >> error_report_err(local_error); >> - goto out; >> + goto out_socket; >> } >> >> ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), >> @@ -325,7 +325,6 @@ out_fd: >> close(fd); >> out_socket: >> object_unref(OBJECT(sioc)); >> -out: >> g_free(info.name); >> kill(getpid(), SIGTERM); >> return (void *) EXIT_FAILURE; >> > > While the patch looks correct, we have a lot of duplication. Simpler > might be a solution with only one exit label altogether: > Thanks for your review, I will modify the patch and send patch v2 according to your suggestion. BTW, do I need to split this patch into two patches, one to solve the memleak and the other to optimizes the redundant code? Thanks, Alex > diff --git i/qemu-nbd.c w/qemu-nbd.c > index a7075c5419d7..d7bdcd0011ba 100644 > --- i/qemu-nbd.c > +++ w/qemu-nbd.c > @@ -265,8 +265,8 @@ static void *nbd_client_thread(void *arg) > char *device = arg; > NBDExportInfo info = { .request_sizes = false, .name = g_strdup("") }; > QIOChannelSocket *sioc; > - int fd; > - int ret; > + int fd = -1; > + int ret = EXIT_FAILURE; > pthread_t show_parts_thread; > Error *local_error = NULL; 
> > @@ -278,26 +278,24 @@ static void *nbd_client_thread(void *arg) > goto out; > } > > - ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), > - NULL, NULL, NULL, &info, &local_error); > - if (ret < 0) { > + if (nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc), > + NULL, NULL, NULL, &info, &local_error) < 0) { > if (local_error) { > error_report_err(local_error); > } > - goto out_socket; > + goto out; > } > > fd = open(device, O_RDWR); > if (fd < 0) { > /* Linux-only, we can use %m in printf. */ > error_report("Failed to open %s: %m", device); > - goto out_socket; > + goto out; > } > > - ret = nbd_init(fd, sioc, &info, &local_error); > - if (ret < 0) { > + if (nbd_init(fd, sioc, &info, &local_error) < 0) { > error_report_err(local_error); > - goto out_fd; > + goto out; > } > > /* update partition table */ > @@ -311,24 +309,18 @@ static void *nbd_client_thread(void *arg) > dup2(STDOUT_FILENO, STDERR_FILENO); > } > > - ret = nbd_client(fd); > - if (ret) { > - goto out_fd; > + if (nbd_client(fd) == 0) { > + ret = EXIT_SUCCESS; > } > - close(fd); > - object_unref(OBJECT(sioc)); > - g_free(info.name); > - kill(getpid(), SIGTERM); > - return (void *) EXIT_SUCCESS; > > -out_fd: > - close(fd); > -out_socket: > + out: > + if (fd >= 0) { > + close(fd); > + } > object_unref(OBJECT(sioc)); > -out: > g_free(info.name); > kill(getpid(), SIGTERM); > - return (void *) EXIT_FAILURE; > + return (void *) (intptr_t) ret; > } > #endif /* HAVE_NBD_DEVICE */ >
On 12/1/20 8:02 PM, Alex Chen wrote: > On 2020/12/2 4:15, Eric Blake wrote: >> While the patch looks correct, we have a lot of duplication. Simpler >> might be a solution with only one exit label altogether: >> > > Thanks for your review, I will modify the patch and send patch v2 according to your suggestion. > BTW, do I need to split this patch into two patches, one to solve the memleak and the other to optimizes the redundant code? This one seems small enough that a single patch is probably fine (that is, document that the patch is fixing a memory leak BY consolidating redundant code).
diff --git a/qemu-nbd.c b/qemu-nbd.c
index 47587a709e..643b0777c0 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -275,7 +275,7 @@ static void *nbd_client_thread(void *arg)
 saddr,
 &local_error) < 0) {
 error_report_err(local_error);
- goto out;
+ goto out_socket;
 }
 
 ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
@@ -325,7 +325,6 @@ out_fd:
 close(fd);
 out_socket:
 object_unref(OBJECT(sioc));
-out:
 g_free(info.name);
 kill(getpid(), SIGTERM);
 return (void *) EXIT_FAILURE;
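Review bot: Nothing in the lines shown records the unwinding order that the corrected `goto out_socket;` in the first hunk depends on, and that missing contract is what allowed a jump to skip `object_unref(OBJECT(sioc))` in the first place. I would add a comment above `out_fd:` in the second hunk, for example `/* Unwind in reverse order of acquisition: fd, then sioc; any failure once sioc exists must jump to out_fd or out_socket. */`. The commit message could also state the impact: the shared tail visible in the second hunk calls `kill(getpid(), SIGTERM)`, so the leaked object was presumably reclaimed when the process exited, which makes this a cleanup-correctness fix rather than a long-lived resource exhaustion. `nbd_client_thread()` starts outside both hunks, so other jumps to these labels were not checked here.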
When the qio_channel_socket_connect_sync() fails we should goto 'out_socket' label to free the 'sioc' instead of goto 'out' label. In addition, now the 'out' label is useless, delete it. Reported-by: Euler Robot <euler.robot@huawei.com> Signed-off-by: Alex Chen <alex.chen@huawei.com> --- qemu-nbd.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)