| Message ID | 20210329150129.121182-2-sgarzare@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | block/rbd: fix memory leaks | expand |
Stefano Garzarella <sgarzare@redhat.com> writes: > In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host() > using g_strjoinv(), but it's only freed in the error path, leaking > memory in the success path as reported by valgrind: > > 80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516 > at 0x4839809: malloc (vg_replace_malloc.c:307) > by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8) > by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8) > by 0x87D07E: qemu_rbd_mon_host (rbd.c:538) > by 0x87D07E: qemu_rbd_connect (rbd.c:562) > by 0x87E1CE: qemu_rbd_open (rbd.c:740) > by 0x840EB1: bdrv_open_driver (block.c:1528) > by 0x8453A9: bdrv_open_common (block.c:1802) > by 0x8453A9: bdrv_open_inherit (block.c:3444) > by 0x8464C2: bdrv_open (block.c:3537) > by 0x8108CD: qmp_blockdev_add (blockdev.c:3569) > by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086) > by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131) > by 0x907EA4: aio_bh_poll (async.c:164) > > Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly. > > Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> I believe this Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00 Reviewed-by: Markus Armbruster <armbru@redhat.com>
On Tue, Apr 06, 2021 at 10:22:30AM +0200, Markus Armbruster wrote: >Stefano Garzarella <sgarzare@redhat.com> writes: > >> In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host() >> using g_strjoinv(), but it's only freed in the error path, leaking >> memory in the success path as reported by valgrind: >> >> 80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516 >> at 0x4839809: malloc (vg_replace_malloc.c:307) >> by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8) >> by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8) >> by 0x87D07E: qemu_rbd_mon_host (rbd.c:538) >> by 0x87D07E: qemu_rbd_connect (rbd.c:562) >> by 0x87E1CE: qemu_rbd_open (rbd.c:740) >> by 0x840EB1: bdrv_open_driver (block.c:1528) >> by 0x8453A9: bdrv_open_common (block.c:1802) >> by 0x8453A9: bdrv_open_inherit (block.c:3444) >> by 0x8464C2: bdrv_open (block.c:3537) >> by 0x8108CD: qmp_blockdev_add (blockdev.c:3569) >> by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086) >> by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131) >> by 0x907EA4: aio_bh_poll (async.c:164) >> >> Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly. >> >> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> > >I believe this >Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00 Yep :-) > >Reviewed-by: Markus Armbruster <armbru@redhat.com> > Thanks, Stefano
diff --git a/block/rbd.c b/block/rbd.c index 9071a00e3f..24cefcd0dc 100644 --- a/block/rbd.c +++ b/block/rbd.c @@ -563,13 +563,13 @@ static int qemu_rbd_connect(rados_t *cluster, rados_ioctx_t *io_ctx, if (local_err) { error_propagate(errp, local_err); r = -EINVAL; - goto failed_opts; + goto out; } r = rados_create(cluster, opts->user); if (r < 0) { error_setg_errno(errp, -r, "error initializing"); - goto failed_opts; + goto out; } /* try default location when conf=NULL, but ignore failure */ @@ -626,11 +626,12 @@ static int qemu_rbd_connect(rados_t *cluster, rados_ioctx_t *io_ctx, */ rados_ioctx_set_namespace(*io_ctx, opts->q_namespace); - return 0; + r = 0; + goto out; failed_shutdown: rados_shutdown(*cluster); -failed_opts: +out: g_free(mon_host); return r; }
In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host() using g_strjoinv(), but it's only freed in the error path, leaking memory in the success path as reported by valgrind: 80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516 at 0x4839809: malloc (vg_replace_malloc.c:307) by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x87D07E: qemu_rbd_mon_host (rbd.c:538) by 0x87D07E: qemu_rbd_connect (rbd.c:562) by 0x87E1CE: qemu_rbd_open (rbd.c:740) by 0x840EB1: bdrv_open_driver (block.c:1528) by 0x8453A9: bdrv_open_common (block.c:1802) by 0x8453A9: bdrv_open_inherit (block.c:3444) by 0x8464C2: bdrv_open (block.c:3537) by 0x8108CD: qmp_blockdev_add (blockdev.c:3569) by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086) by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131) by 0x907EA4: aio_bh_poll (async.c:164) Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly. Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> --- block/rbd.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)