1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
user-level: 0.761
register: 0.754
performance: 0.735
semantic: 0.725
peripherals: 0.722
permissions: 0.721
device: 0.721
vnc: 0.720
debug: 0.718
graphic: 0.713
hypervisor: 0.712
risc-v: 0.705
arm: 0.703
mistranslation: 0.702
virtual: 0.702
architecture: 0.702
KVM: 0.691
PID: 0.690
VMM: 0.687
files: 0.685
i386: 0.680
TCG: 0.676
assembly: 0.667
ppc: 0.660
boot: 0.654
network: 0.648
kernel: 0.646
socket: 0.645
x86: 0.623
virtio-net: memory leak when hotplugging virtio-net
Description of problem:
When invalid option for virtio-net device is provided during hotplug, allocated string is not freed, leading to memory leak.
Steps to reproduce:
```sh
cat <<EOF | qemu-system-i386 -M q35 -nodefaults \
-chardev stdio,id=char0 -mon char0 -device pcie-pci-bridge,id=br1,bus=pcie.0
device_add virtio-net,rx_queue_size=0,bus=br1,id=dev0
quit
EOF
```
If above command is not working, let me know so that I provide more information.
Additional information:
There is LeakSanitizer log:
```sh
$ cat <<EOF | LSAN_OPTIONS=fast_unwind_on_malloc=0 qemu-system-i386 -M q35 -nodefaults \
-chardev stdio,id=char0 -mon char0 -device pcie-pci-bridge,id=br1,bus=pcie.0
device_add virtio-net,rx_queue_size=0,bus=br1,id=dev0
quit
EOF
==831633==WARNING: ASan doesn't fully support makecontext/swapcontext functions and may produce false positives in some cases!
QEMU 8.1.93 monitor - type 'help' for more information
VNC server running on 127.0.0.1:5900
(qemu) device_add virtio-net,rx_queue_size=0,bus=br1,id=dev0
Error: Invalid rx_queue_size (= 0), must be a power of 2 between 256 and 1024.
(qemu) quit
=================================================================
==831633==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 15 byte(s) in 1 object(s) allocated from:
#0 0x55c1ac66b3ce in malloc (/usr/local/bin/qemu-system-i386+0x1b5d3ce) (BuildId: c7ca543ea41d3478bc13cdf604d47805b990620e)
#1 0x7f45c1695738 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5e738) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#2 0x7f45c16aa583 in g_strdup (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x73583) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#3 0x55c1ad943dd4 in virtio_net_set_netclient_name /home/XXX/qemu/build/../hw/net/virtio-net.c:3445:25
#4 0x55c1adace541 in virtio_net_pci_realize /home/XXX/qemu/build/../hw/virtio/virtio-net-pci.c:62:5
#5 0x55c1ad13ec00 in virtio_pci_realize /home/XXX/qemu/build/../hw/virtio/virtio-pci.c:2228:9
#6 0x55c1acdec557 in pci_qdev_realize /home/XXX/qemu/build/../hw/pci/pci.c:2117:9
#7 0x55c1adcb9484 in device_set_realized /home/XXX/qemu/build/../hw/core/qdev.c:510:13
#8 0x55c1adcd6278 in property_set_bool /home/XXX/qemu/build/../qom/object.c:2305:5
#9 0x55c1adcd1443 in object_property_set /home/XXX/qemu/build/../qom/object.c:1435:5
#10 0x55c1adcdd15c in object_property_set_qobject /home/XXX/qemu/build/../qom/qom-qobject.c:28:10
#11 0x55c1adcd1d11 in object_property_set_bool /home/XXX/qemu/build/../qom/object.c:1504:15
#12 0x55c1ad27021a in qdev_device_add_from_qdict /home/XXX/qemu/build/../system/qdev-monitor.c:719:10
#13 0x55c1ad271364 in qdev_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:738:11
#14 0x55c1ad2726eb in qmp_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:860:11
#15 0x55c1ad27311d in hmp_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:968:5
#16 0x55c1ad3bfef4 in handle_hmp_command_exec /home/XXX/qemu/build/../monitor/hmp.c:1106:9
#17 0x55c1ad3bdfa3 in handle_hmp_command /home/XXX/qemu/build/../monitor/hmp.c:1158:9
#18 0x55c1ad3b99ee in monitor_command_cb /home/XXX/qemu/build/../monitor/hmp.c:47:5
#19 0x55c1ae3d5c3a in readline_handle_byte /home/XXX/qemu/build/../util/readline.c:419:13
#20 0x55c1ad3c2261 in monitor_read /home/XXX/qemu/build/../monitor/hmp.c:1390:13
#21 0x55c1ae0ff644 in fd_chr_read /home/XXX/qemu/build/../chardev/char-fd.c:72:9
#22 0x7f45c168cc43 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55c43) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#23 0x55c1ae3786db in glib_pollfds_poll /home/XXX/qemu/build/../util/main-loop.c:290:9
#24 0x55c1ae3786db in os_host_main_loop_wait /home/XXX/qemu/build/../util/main-loop.c:313:5
#25 0x55c1ae3786db in main_loop_wait /home/XXX/qemu/build/../util/main-loop.c:592:11
#26 0x55c1ad282d06 in qemu_main_loop /home/XXX/qemu/build/../system/runstate.c:782:9
#27 0x55c1adca6115 in qemu_default_main /home/XXX/qemu/build/../system/main.c:37:14
#28 0x7f45c0bd0d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#29 0x7f45c0bd0e3f in __libc_start_main csu/../csu/libc-start.c:392:3
Direct leak of 5 byte(s) in 1 object(s) allocated from:
#0 0x55c1ac66b3ce in malloc (/usr/local/bin/qemu-system-i386+0x1b5d3ce) (BuildId: c7ca543ea41d3478bc13cdf604d47805b990620e)
#1 0x7f45c1695738 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5e738) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#2 0x7f45c16aa583 in g_strdup (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x73583) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#3 0x55c1ad943da2 in virtio_net_set_netclient_name /home/XXX/qemu/build/../hw/net/virtio-net.c:3444:25
#4 0x55c1adace541 in virtio_net_pci_realize /home/XXX/qemu/build/../hw/virtio/virtio-net-pci.c:62:5
#5 0x55c1ad13ec00 in virtio_pci_realize /home/XXX/qemu/build/../hw/virtio/virtio-pci.c:2228:9
#6 0x55c1acdec557 in pci_qdev_realize /home/XXX/qemu/build/../hw/pci/pci.c:2117:9
#7 0x55c1adcb9484 in device_set_realized /home/XXX/qemu/build/../hw/core/qdev.c:510:13
#8 0x55c1adcd6278 in property_set_bool /home/XXX/qemu/build/../qom/object.c:2305:5
#9 0x55c1adcd1443 in object_property_set /home/XXX/qemu/build/../qom/object.c:1435:5
#10 0x55c1adcdd15c in object_property_set_qobject /home/XXX/qemu/build/../qom/qom-qobject.c:28:10
#11 0x55c1adcd1d11 in object_property_set_bool /home/XXX/qemu/build/../qom/object.c:1504:15
#12 0x55c1ad27021a in qdev_device_add_from_qdict /home/XXX/qemu/build/../system/qdev-monitor.c:719:10
#13 0x55c1ad271364 in qdev_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:738:11
#14 0x55c1ad2726eb in qmp_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:860:11
#15 0x55c1ad27311d in hmp_device_add /home/XXX/qemu/build/../system/qdev-monitor.c:968:5
#16 0x55c1ad3bfef4 in handle_hmp_command_exec /home/XXX/qemu/build/../monitor/hmp.c:1106:9
#17 0x55c1ad3bdfa3 in handle_hmp_command /home/XXX/qemu/build/../monitor/hmp.c:1158:9
#18 0x55c1ad3b99ee in monitor_command_cb /home/XXX/qemu/build/../monitor/hmp.c:47:5
#19 0x55c1ae3d5c3a in readline_handle_byte /home/XXX/qemu/build/../util/readline.c:419:13
#20 0x55c1ad3c2261 in monitor_read /home/XXX/qemu/build/../monitor/hmp.c:1390:13
#21 0x55c1ae0ff644 in fd_chr_read /home/XXX/qemu/build/../chardev/char-fd.c:72:9
#22 0x7f45c168cc43 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55c43) (BuildId: 224ac2a88b72bc8e2fe8566ee28fae789fc69241)
#23 0x55c1ae3786db in glib_pollfds_poll /home/XXX/qemu/build/../util/main-loop.c:290:9
#24 0x55c1ae3786db in os_host_main_loop_wait /home/XXX/qemu/build/../util/main-loop.c:313:5
#25 0x55c1ae3786db in main_loop_wait /home/XXX/qemu/build/../util/main-loop.c:592:11
#26 0x55c1ad282d06 in qemu_main_loop /home/XXX/qemu/build/../system/runstate.c:782:9
#27 0x55c1adca6115 in qemu_default_main /home/XXX/qemu/build/../system/main.c:37:14
#28 0x7f45c0bd0d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#29 0x7f45c0bd0e3f in __libc_start_main csu/../csu/libc-start.c:392:3
SUMMARY: AddressSanitizer: 20 byte(s) leaked in 2 allocation(s).
```
#
|