[PULL 02/10] io: Fix TLS bye task leak

Fabiano Rosas posted 10 patches 2 weeks, 6 days ago
Maintainers: "Daniel P. Berrangé" <berrange@redhat.com>, Peter Xu <peterx@redhat.com>, Fabiano Rosas <farosas@suse.de>, Laurent Vivier <lvivier@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>, Mark Kanda <mark.kanda@oracle.com>, Ben Chaney <bchaney@akamai.com>, "Dr. David Alan Gilbert" <dave@treblig.org>
Posted by Fabiano Rosas 2 weeks, 6 days ago
Recent fixes to TLS tasks memory handling have left the TLS bye task
uncovered. Fix by freeing the task in the same way the handshake task
is freed.

Direct leak of 704 byte(s) in 4 object(s) allocated from:
    #1 0x7f5909b1d6a0 in g_malloc0 ../glib/gmem.c:163
    #2 0x557650496d61 in qio_task_new ../io/task.c:58:12
    #3 0x557650475d7f in qio_channel_tls_bye ../io/channel-tls.c:352:12
    #4 0x55764f7a1bb4 in migration_tls_channel_end ../migration/tls.c:159:5
    #5 0x55764f709750 in migration_ioc_shutdown_gracefully ../migration/multifd.c:462:9
    #6 0x55764f6fcf53 in multifd_send_terminate_threads ../migration/multifd.c:493:13
    #7 0x55764f6fcafb in multifd_send_shutdown ../migration/multifd.c:580:5
    #8 0x55764f6e1b14 in migration_cleanup ../migration/migration.c:1323:9
    #9 0x55764f6f5bac in migration_cleanup_bh ../migration/migration.c:1350:5

Fixes: d39d0f3acd ("io: fix cleanup for TLS I/O source data on cancellation")
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20260311213418.16951-3-farosas@suse.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>
---
 io/channel-tls.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/io/channel-tls.c b/io/channel-tls.c
index 940fc3c6d1..31ec4d236d 100644
--- a/io/channel-tls.c
+++ b/io/channel-tls.c
@@ -352,7 +352,9 @@ void qio_channel_tls_bye(QIOChannelTLS *ioc, Error **errp)
     task = qio_task_new(OBJECT(ioc), propagate_error, errp, NULL);
 
     trace_qio_channel_tls_bye_start(ioc);
-    qio_channel_tls_bye_task(ioc, task, NULL);
+    if (qio_channel_tls_bye_task(ioc, task, NULL)) {
+        qio_task_free(task);
+    }
 }
 
 static void qio_channel_tls_init(Object *obj G_GNUC_UNUSED)
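
Review bot: The new `if (qio_channel_tls_bye_task(ioc, task, NULL))` in `qio_channel_tls_bye()` frees `task` based on a return value whose meaning is not visible at the call site, so a reader cannot tell who owns the task when the call returns false. Please add a one-line comment above the `if` stating what a true return signifies (the commit message says this mirrors how the handshake task is freed) and where the task is freed on a false return. It is also worth confirming that the false path does free the task later, since otherwise the leak shown in the commit message would persist on that path.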
-- 
2.51.0


Re: [PULL 02/10] io: Fix TLS bye task leak
Posted by Michael Tokarev 2 weeks, 5 days ago
On 17.03.2026 21:23, Fabiano Rosas wrote:
> Recent fixes to TLS tasks memory handling have left the TLS bye task
> uncovered. Fix by freeing the task in the same way the handshake task
> is freed.
> 
> Direct leak of 704 byte(s) in 4 object(s) allocated from:
>      #1 0x7f5909b1d6a0 in g_malloc0 ../glib/gmem.c:163
>      #2 0x557650496d61 in qio_task_new ../io/task.c:58:12
>      #3 0x557650475d7f in qio_channel_tls_bye ../io/channel-tls.c:352:12
>      #4 0x55764f7a1bb4 in migration_tls_channel_end ../migration/tls.c:159:5
>      #5 0x55764f709750 in migration_ioc_shutdown_gracefully ../migration/multifd.c:462:9
>      #6 0x55764f6fcf53 in multifd_send_terminate_threads ../migration/multifd.c:493:13
>      #7 0x55764f6fcafb in multifd_send_shutdown ../migration/multifd.c:580:5
>      #8 0x55764f6e1b14 in migration_cleanup ../migration/migration.c:1323:9
>      #9 0x55764f6f5bac in migration_cleanup_bh ../migration/migration.c:1350:5
> 
> Fixes: d39d0f3acd ("io: fix cleanup for TLS I/O source data on cancellation")
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> Acked-by: Daniel P. Berrangé <berrange@redhat.com>
> Link: https://lore.kernel.org/qemu-devel/20260311213418.16951-3-farosas@suse.de
> Signed-off-by: Fabiano Rosas <farosas@suse.de>

This seems like qemu-stable material, since the above mentioned
commit is in currently active stable branches.

Please let me know if I shouldn't pick it up for the currently active
stable branches (10.0 & 10.2).

Thanks,

/mjt


Re: [PULL 02/10] io: Fix TLS bye task leak
Posted by Daniel P. Berrangé 2 weeks, 4 days ago
On Wed, Mar 18, 2026 at 11:36:50PM +0300, Michael Tokarev wrote:
> On 17.03.2026 21:23, Fabiano Rosas wrote:
> > Recent fixes to TLS tasks memory handling have left the TLS bye task
> > uncovered. Fix by freeing the task in the same way the handshake task
> > is freed.
> > 
> > Direct leak of 704 byte(s) in 4 object(s) allocated from:
> >      #1 0x7f5909b1d6a0 in g_malloc0 ../glib/gmem.c:163
> >      #2 0x557650496d61 in qio_task_new ../io/task.c:58:12
> >      #3 0x557650475d7f in qio_channel_tls_bye ../io/channel-tls.c:352:12
> >      #4 0x55764f7a1bb4 in migration_tls_channel_end ../migration/tls.c:159:5
> >      #5 0x55764f709750 in migration_ioc_shutdown_gracefully ../migration/multifd.c:462:9
> >      #6 0x55764f6fcf53 in multifd_send_terminate_threads ../migration/multifd.c:493:13
> >      #7 0x55764f6fcafb in multifd_send_shutdown ../migration/multifd.c:580:5
> >      #8 0x55764f6e1b14 in migration_cleanup ../migration/migration.c:1323:9
> >      #9 0x55764f6f5bac in migration_cleanup_bh ../migration/migration.c:1350:5
> > 
> > Fixes: d39d0f3acd ("io: fix cleanup for TLS I/O source data on cancellation")
> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> > Acked-by: Daniel P. Berrangé <berrange@redhat.com>
> > Link: https://lore.kernel.org/qemu-devel/20260311213418.16951-3-farosas@suse.de
> > Signed-off-by: Fabiano Rosas <farosas@suse.de>
> 
> This seems like qemu-stable material, since the above mentioned
> commit is in currently active stable branches.
> 
> Please let me know if I shouldn't pick it up for the currently active
> stable branches (10.0 & 10.2).

Yes, please take to stable.

With regards,
Daniel
-- 
|: https://berrange.com       ~~        https://hachyderm.io/@berrange :|
|: https://libvirt.org          ~~          https://entangle-photo.org :|
|: https://pixelfed.art/berrange   ~~    https://fstop138.berrange.com :|