[PATCH] ppc: free 'fdt' after reset the machine

pannengyuan@huawei.com posted 1 patch 32 weeks ago
Test docker-quick@centos7 passed
Test FreeBSD passed
Test docker-mingw@fedora passed
Test checkpatch passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20200214033206.4395-1-pannengyuan@huawei.com
Maintainers: "Cédric Le Goater" <clg@kaod.org>, David Gibson <david@gibson.dropbear.id.au>
hw/ppc/e500.c | 1 +
hw/ppc/pnv.c  | 2 ++
2 files changed, 3 insertions(+)

[PATCH] ppc: free 'fdt' after reset the machine

Posted by pannengyuan@huawei.com 32 weeks ago
From: Pan Nengyuan <pannengyuan@huawei.com>

'fdt' forgot to clean both e500 and pnv when we call 'system_reset' on ppc,
this patch fix it. The leak stacks are as follow:

Direct leak of 4194304 byte(s) in 4 object(s) allocated from:
    #0 0x7fafe37dd970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
    #1 0x7fafe2e3149d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
    #2 0x561876f7f80d in create_device_tree /mnt/sdb/qemu-new/qemu/device_tree.c:40
    #3 0x561876b7ac29 in ppce500_load_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:364
    #4 0x561876b7f437 in ppce500_reset_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:617
    #5 0x56187718b1ae in qemu_devices_reset /mnt/sdb/qemu-new/qemu/hw/core/reset.c:69
    #6 0x561876f6938d in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1412
    #7 0x561876f6a25b in main_loop_should_exit /mnt/sdb/qemu-new/qemu/vl.c:1645
    #8 0x561876f6a398 in main_loop /mnt/sdb/qemu-new/qemu/vl.c:1679
    #9 0x561876f7da8e in main /mnt/sdb/qemu-new/qemu/vl.c:4438
    #10 0x7fafde16b812 in __libc_start_main ../csu/libc-start.c:308
    #11 0x5618765c055d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)

Direct leak of 1048576 byte(s) in 1 object(s) allocated from:
    #0 0x7fc0a6f1b970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
    #1 0x7fc0a656f49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
    #2 0x55eb05acd2ca in pnv_dt_create /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:507
    #3 0x55eb05ace5bf in pnv_reset /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:578
    #4 0x55eb05f2f395 in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1410
    #5 0x55eb05f43850 in main /mnt/sdb/qemu-new/qemu/vl.c:4403
    #6 0x7fc0a18a9812 in __libc_start_main ../csu/libc-start.c:308
    #7 0x55eb0558655d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)

Reported-by: Euler Robot <pannengyuan@huawei.com>
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
---
 hw/ppc/e500.c | 1 +
 hw/ppc/pnv.c  | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 886442e54f..af537bba2b 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -594,6 +594,7 @@ done:
         cpu_physical_memory_write(addr, fdt, fdt_size);
     }
     ret = fdt_size;
+    g_free(fdt);
 
 out:
     g_free(pci_map);
diff --git a/hw/ppc/pnv.c b/hw/ppc/pnv.c
index 139c857b1e..e98038b809 100644
--- a/hw/ppc/pnv.c
+++ b/hw/ppc/pnv.c
@@ -582,6 +582,8 @@ static void pnv_reset(MachineState *machine)
 
     qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
     cpu_physical_memory_write(PNV_FDT_ADDR, fdt, fdt_totalsize(fdt));
+
+    g_free(fdt);
 }
 
 static ISABus *pnv_chip_power8_isa_create(PnvChip *chip, Error **errp)
-- 
2.18.2


Re: [PATCH] ppc: free 'fdt' after reset the machine

Posted by Greg Kurz 32 weeks ago
On Fri, 14 Feb 2020 11:32:06 +0800
<pannengyuan@huawei.com> wrote:

> From: Pan Nengyuan <pannengyuan@huawei.com>
> 
> 'fdt' forgot to clean both e500 and pnv when we call 'system_reset' on ppc,
> this patch fix it. The leak stacks are as follow:
> 
> Direct leak of 4194304 byte(s) in 4 object(s) allocated from:
>     #0 0x7fafe37dd970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
>     #1 0x7fafe2e3149d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
>     #2 0x561876f7f80d in create_device_tree /mnt/sdb/qemu-new/qemu/device_tree.c:40
>     #3 0x561876b7ac29 in ppce500_load_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:364
>     #4 0x561876b7f437 in ppce500_reset_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:617
>     #5 0x56187718b1ae in qemu_devices_reset /mnt/sdb/qemu-new/qemu/hw/core/reset.c:69
>     #6 0x561876f6938d in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1412
>     #7 0x561876f6a25b in main_loop_should_exit /mnt/sdb/qemu-new/qemu/vl.c:1645
>     #8 0x561876f6a398 in main_loop /mnt/sdb/qemu-new/qemu/vl.c:1679
>     #9 0x561876f7da8e in main /mnt/sdb/qemu-new/qemu/vl.c:4438
>     #10 0x7fafde16b812 in __libc_start_main ../csu/libc-start.c:308
>     #11 0x5618765c055d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
> 
> Direct leak of 1048576 byte(s) in 1 object(s) allocated from:
>     #0 0x7fc0a6f1b970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
>     #1 0x7fc0a656f49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
>     #2 0x55eb05acd2ca in pnv_dt_create /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:507
>     #3 0x55eb05ace5bf in pnv_reset /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:578
>     #4 0x55eb05f2f395 in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1410
>     #5 0x55eb05f43850 in main /mnt/sdb/qemu-new/qemu/vl.c:4403
>     #6 0x7fc0a18a9812 in __libc_start_main ../csu/libc-start.c:308
>     #7 0x55eb0558655d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
> 
> Reported-by: Euler Robot <pannengyuan@huawei.com>

The recipient list and 'git log' seem to agree on the fact that 'Euler Robot'
has its own email address, that is not yours ;-)

Reported-by: Euler Robot <euler.robot@huawei.com>

I guess David can fix this when applying the patch. No need to repost
unless explicitly asked to do so.

> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
> ---

Reviewed-by: Greg Kurz <groug@kaod.org>

>  hw/ppc/e500.c | 1 +
>  hw/ppc/pnv.c  | 2 ++
>  2 files changed, 3 insertions(+)
> 
> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
> index 886442e54f..af537bba2b 100644
> --- a/hw/ppc/e500.c
> +++ b/hw/ppc/e500.c
> @@ -594,6 +594,7 @@ done:
>          cpu_physical_memory_write(addr, fdt, fdt_size);
>      }
>      ret = fdt_size;
> +    g_free(fdt);
>  
>  out:
>      g_free(pci_map);
> diff --git a/hw/ppc/pnv.c b/hw/ppc/pnv.c
> index 139c857b1e..e98038b809 100644
> --- a/hw/ppc/pnv.c
> +++ b/hw/ppc/pnv.c
> @@ -582,6 +582,8 @@ static void pnv_reset(MachineState *machine)
>  
>      qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
>      cpu_physical_memory_write(PNV_FDT_ADDR, fdt, fdt_totalsize(fdt));
> +
> +    g_free(fdt);
>  }
>  
>  static ISABus *pnv_chip_power8_isa_create(PnvChip *chip, Error **errp)


Re: [PATCH] ppc: free 'fdt' after reset the machine

Posted by Pan Nengyuan 32 weeks ago

On 2/14/2020 11:48 PM, Greg Kurz wrote:
> On Fri, 14 Feb 2020 11:32:06 +0800
> <pannengyuan@huawei.com> wrote:
> 
>> From: Pan Nengyuan <pannengyuan@huawei.com>
>>
>> 'fdt' forgot to clean both e500 and pnv when we call 'system_reset' on ppc,
>> this patch fix it. The leak stacks are as follow:
>>
>> Direct leak of 4194304 byte(s) in 4 object(s) allocated from:
>>     #0 0x7fafe37dd970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
>>     #1 0x7fafe2e3149d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
>>     #2 0x561876f7f80d in create_device_tree /mnt/sdb/qemu-new/qemu/device_tree.c:40
>>     #3 0x561876b7ac29 in ppce500_load_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:364
>>     #4 0x561876b7f437 in ppce500_reset_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:617
>>     #5 0x56187718b1ae in qemu_devices_reset /mnt/sdb/qemu-new/qemu/hw/core/reset.c:69
>>     #6 0x561876f6938d in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1412
>>     #7 0x561876f6a25b in main_loop_should_exit /mnt/sdb/qemu-new/qemu/vl.c:1645
>>     #8 0x561876f6a398 in main_loop /mnt/sdb/qemu-new/qemu/vl.c:1679
>>     #9 0x561876f7da8e in main /mnt/sdb/qemu-new/qemu/vl.c:4438
>>     #10 0x7fafde16b812 in __libc_start_main ../csu/libc-start.c:308
>>     #11 0x5618765c055d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
>>
>> Direct leak of 1048576 byte(s) in 1 object(s) allocated from:
>>     #0 0x7fc0a6f1b970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
>>     #1 0x7fc0a656f49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
>>     #2 0x55eb05acd2ca in pnv_dt_create /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:507
>>     #3 0x55eb05ace5bf in pnv_reset /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:578
>>     #4 0x55eb05f2f395 in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1410
>>     #5 0x55eb05f43850 in main /mnt/sdb/qemu-new/qemu/vl.c:4403
>>     #6 0x7fc0a18a9812 in __libc_start_main ../csu/libc-start.c:308
>>     #7 0x55eb0558655d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
>>
>> Reported-by: Euler Robot <pannengyuan@huawei.com>
> 
> The recipient list and 'git log' seem to agree on the fact that 'Euler Robot'
> has its own email address, that is not yours ;-)
> 
> Reported-by: Euler Robot <euler.robot@huawei.com>
> 
> I guess David can fix this when applying the patch. No need to repost
> unless explicitly asked to do so.

Yes, your guess is right. I'm sorry for my carelessness.

Thanks.

> 
>> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
>> ---
> 
> Reviewed-by: Greg Kurz <groug@kaod.org>
> 
>>  hw/ppc/e500.c | 1 +
>>  hw/ppc/pnv.c  | 2 ++
>>  2 files changed, 3 insertions(+)
>>
>> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
>> index 886442e54f..af537bba2b 100644
>> --- a/hw/ppc/e500.c
>> +++ b/hw/ppc/e500.c
>> @@ -594,6 +594,7 @@ done:
>>          cpu_physical_memory_write(addr, fdt, fdt_size);
>>      }
>>      ret = fdt_size;
>> +    g_free(fdt);
>>  
>>  out:
>>      g_free(pci_map);
>> diff --git a/hw/ppc/pnv.c b/hw/ppc/pnv.c
>> index 139c857b1e..e98038b809 100644
>> --- a/hw/ppc/pnv.c
>> +++ b/hw/ppc/pnv.c
>> @@ -582,6 +582,8 @@ static void pnv_reset(MachineState *machine)
>>  
>>      qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
>>      cpu_physical_memory_write(PNV_FDT_ADDR, fdt, fdt_totalsize(fdt));
>> +
>> +    g_free(fdt);
>>  }
>>  
>>  static ISABus *pnv_chip_power8_isa_create(PnvChip *chip, Error **errp)
> 
> .
> 

Re: [PATCH] ppc: free 'fdt' after reset the machine

Posted by David Gibson 32 weeks ago
On Sat, Feb 15, 2020 at 09:30:56AM +0800, Pan Nengyuan wrote:
> 
> 
> On 2/14/2020 11:48 PM, Greg Kurz wrote:
> > On Fri, 14 Feb 2020 11:32:06 +0800
> > <pannengyuan@huawei.com> wrote:
> > 
> >> From: Pan Nengyuan <pannengyuan@huawei.com>
> >>
> >> 'fdt' forgot to clean both e500 and pnv when we call 'system_reset' on ppc,
> >> this patch fix it. The leak stacks are as follow:
> >>
> >> Direct leak of 4194304 byte(s) in 4 object(s) allocated from:
> >>     #0 0x7fafe37dd970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
> >>     #1 0x7fafe2e3149d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
> >>     #2 0x561876f7f80d in create_device_tree /mnt/sdb/qemu-new/qemu/device_tree.c:40
> >>     #3 0x561876b7ac29 in ppce500_load_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:364
> >>     #4 0x561876b7f437 in ppce500_reset_device_tree /mnt/sdb/qemu-new/qemu/hw/ppc/e500.c:617
> >>     #5 0x56187718b1ae in qemu_devices_reset /mnt/sdb/qemu-new/qemu/hw/core/reset.c:69
> >>     #6 0x561876f6938d in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1412
> >>     #7 0x561876f6a25b in main_loop_should_exit /mnt/sdb/qemu-new/qemu/vl.c:1645
> >>     #8 0x561876f6a398 in main_loop /mnt/sdb/qemu-new/qemu/vl.c:1679
> >>     #9 0x561876f7da8e in main /mnt/sdb/qemu-new/qemu/vl.c:4438
> >>     #10 0x7fafde16b812 in __libc_start_main ../csu/libc-start.c:308
> >>     #11 0x5618765c055d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
> >>
> >> Direct leak of 1048576 byte(s) in 1 object(s) allocated from:
> >>     #0 0x7fc0a6f1b970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970)
> >>     #1 0x7fc0a656f49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d)
> >>     #2 0x55eb05acd2ca in pnv_dt_create /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:507
> >>     #3 0x55eb05ace5bf in pnv_reset /mnt/sdb/qemu-new/qemu/hw/ppc/pnv.c:578
> >>     #4 0x55eb05f2f395 in qemu_system_reset /mnt/sdb/qemu-new/qemu/vl.c:1410
> >>     #5 0x55eb05f43850 in main /mnt/sdb/qemu-new/qemu/vl.c:4403
> >>     #6 0x7fc0a18a9812 in __libc_start_main ../csu/libc-start.c:308
> >>     #7 0x55eb0558655d in _start (/mnt/sdb/qemu-new/qemu/build/ppc64-softmmu/qemu-system-ppc64+0x2b1555d)
> >>
> >> Reported-by: Euler Robot <pannengyuan@huawei.com>
> > 
> > The recipient list and 'git log' seem to agree on the fact that 'Euler Robot'
> > has its own email address, that is not yours ;-)
> > 
> > Reported-by: Euler Robot <euler.robot@huawei.com>
> > 
> > I guess David can fix this when applying the patch. No need to repost
> > unless explicitly asked to do so.
> 
> Yes, your guess is right. I'm sorry for my carelessness.

Corrected inline and merged, thanks.

Oddly, the original mail of this series didn't seem to appear in my
inbox, although the replies did, even though I see that you've CCed
me.

I hope that just means that it did appear and I accidentally deleted
it, not that something is wrong with my mail setup.

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson