New subject: [PATCH v2] remote/stream-event: Fix a memory leak in?? remoteStreamCallbackFree()

25 Jun 2025

From: Liu Song <liu.song13@zte.com.cn>

The ff callback is never called in remoteStreamCallbackFree() because
cbdata->cb can not be NULL. This causes a leak of 'cbdata->opaque'.

The leak can be reproduced by attaching and detaching to the console of
an VM using `virsh console`.

ASAN reports the leak stack as:
Direct leak of 288 byte(s) in 1 object(s) allocated from:
    #0 0x7f6edf6ba0c7 in calloc (/lib64/libasan.so.8+0xba0c7)
    #1 0x7f6edf5175b0 in g_malloc0 (/lib64/libglib-2.0.so.0+0x615b0)
    #2 0x7f6ede6d0be3 in g_type_create_instance (/lib64/libgobject-2.0.so.0+0x3cbe3)
    #3 0x7f6ede6b82cf in g_object_new_internal (/lib64/libgobject-2.0.so.0+0x242cf)
    #4 0x7f6ede6b9877 in g_object_new_with_properties (/lib64/libgobject-2.0.so.0+0x25877)
    #5 0x7f6ede6ba620 in g_object_new (/lib64/libgobject-2.0.so.0+0x26620)
    #6 0x7f6edeb78138 in virObjectNew ../src/util/virobject.c:252
    #7 0x7f6edeb7a78b in virObjectLockableNew ../src/util/virobject.c:274
    #8 0x558251e427e1 in virConsoleNew ../tools/virsh-console.c:369
    #9 0x558251e427e1 in virshRunConsole ../tools/virsh-console.c:427

Signed-off-by: Liu Song <liu.song13@zte.com.cn>
---
Changes in v2:
- Fixed email formatting to ensure patch applies correctly

 src/remote/remote_daemon_stream.c | 2 +-
 src/remote/remote_driver.c        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/remote/remote_daemon_stream.c b/src/remote/remote_daemon_stream.c
index 453728a66b..a5032f9a43 100644
--- a/src/remote/remote_daemon_stream.c
+++ b/src/remote/remote_daemon_stream.c
@@ -437,13 +437,13 @@ int daemonAddClientStream(virNetServerClient *client,
         return -1;
     }

+    virObjectRef(client);
     if (virStreamEventAddCallback(stream->st, 0,
                                   daemonStreamEvent, client,
                                   virObjectUnref) < 0)
         return -1;

     virObjectRef(client);
-
     if ((stream->filterID = virNetServerClientAddFilter(client,
                                                         daemonStreamFilter,
                                                         stream)) < 0) {
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 2690c05267..9ac13469e9 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -5336,7 +5336,7 @@ static void remoteStreamCallbackFree(void *opaque)
 {
     struct remoteStreamCallbackData *cbdata = opaque;

-    if (!cbdata->cb && cbdata->ff)
+    if (cbdata->ff)
         (cbdata->ff)(cbdata->opaque);

     virObjectUnref(cbdata->st);
-- 
2.27.0

    

[PATCH v2] remote/stream-event: Fix a memory leak in remoteStreamCallbackFree()

liu.xuemei1＠zte.com.cn

Peter Krempa

liu.song13＠zte.com.cn

Peter Krempa

liu.song13＠zte.com.cn

tags

participants (3)