On 12/02/2017 12:21 PM, Richard W.M. Jones wrote:
On Sat, Dec 02, 2017 at 11:52:31AM -0600, Eric Blake wrote:
> When converting from a single transaction to a linked list, I
> forgot to free the storage for each member of the list.
>
> Reported-by: Richard W.M. Jones <rjones(a)redhat.com>
> Fixes: 7f5bb9bf13f041ea7702bda557d9dd668bc3423a
> Signed-off-by: Eric Blake <eblake(a)redhat.com>
> ---
>
> I'm still not sure why 'make check' passes while 'make check-valgrind'
> fails for TESTS=test-nbd, but this at least avoids the memory leak.
>
> *fd = trans->u.fds[1];
> + free (trans);
> switch (be32toh (rep.error)) {
> case NBD_SUCCESS:
> if (trans->buf && read_full (h->fd, trans->buf,
trans->count) < 0)
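Review bot: the new `free (trans)` lands before the `switch` whose `NBD_SUCCESS` case still dereferences `trans->buf` and `trans->count`, so the leak is traded for a use after free on the node just released. Copy `trans->buf` and `trans->count` into locals next to the existing `*fd = trans->u.fds[1];` and free there, or move the `free (trans)` past the last use of `trans` after the switch.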
Can this be right? valgrind seems to be saying that there are
double-free errors when I add this patch (see below).
Rather, use after free. The patch avoids the leak, but didn't do it
quite correctly. v2 coming up, and now I know why check-valgrind failed.
Sometimes, it's hard to see the actual error message because of
everything else that is also in the log.
==18076== Thread 3:
==18076== Invalid read of size 8
==18076== at 0x77EBB08: nbd_reply_raw (nbd.c:340)
==18076== by 0x77EBB08: nbd_reader (nbd.c:373)
==18076== by 0x55DC55A: start_thread (in /usr/lib64/libpthread-2.26.9000.so)
==18076== by 0x58E85AE: clone (in /usr/lib64/libc-2.26.9000.so)
==18076== Address 0x7452fc8 is 8 bytes inside a block of size 32 free'd
==18076== at 0x4C2ED18: free (vg_replace_malloc.c:530)
==18076== by 0x77EB996: nbd_reply_raw (nbd.c:337)
==18076== by 0x77EB996: nbd_reader (nbd.c:373)
==18076== by 0x55DC55A: start_thread (in /usr/lib64/libpthread-2.26.9000.so)
==18076== by 0x58E85AE: clone (in /usr/lib64/libc-2.26.9000.so)
==18076== Block was alloc'd at
==18076== at 0x4C2FA1E: calloc (vg_replace_malloc.c:711)
==18076== by 0x77EBBAF: nbd_request_full (nbd.c:264)
==18076== by 0x77EBD98: nbd_pread (nbd.c:602)
==18076== by 0x405986: handle_request (connections.c:884)
==18076== by 0x405986: recv_request_send_reply (connections.c:1061)
==18076== by 0x405AE7: connection_worker (connections.c:200)
==18076== by 0x55DC55A: start_thread (in /usr/lib64/libpthread-2.26.9000.so)
==18076== by 0x58E85AE: clone (in /usr/lib64/libc-2.26.9000.so)
But I also see you managed to get CFLAGS=-g propagated to the plugin in
this trace.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
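The ordering the v2 needs, as an added example that is not nbdkit's code: the transaction struct, the function names and the cookie-based list lookup below are constructed stand-ins for the plugin's real linked-list code, and the scenario in `demo` is made up for the test.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-in for the plugin's per-request state (not nbdkit's struct). */
struct transaction {
  uint64_t cookie;            /* handle echoed back in the NBD reply */
  int fds[2];                 /* pipe used to wake the waiting caller */
  void *buf;                  /* destination for NBD_CMD_READ data, or NULL */
  uint32_t count;             /* bytes expected in buf */
  struct transaction *next;
};
/* Unlink and return the transaction whose cookie matches, or NULL. */
static struct transaction *unlink_trans (struct transaction **head, uint64_t cookie)
{
  struct transaction **p = head, *t;
  while ((t = *p) && t->cookie != cookie) p = &t->next;
  if (t) *p = t->next;        /* drop it from the list */
  return t;
}
/* Consume one reply: copy out every field still needed, free the node, only
 * then use the copies. Returns bytes copied into the caller's buffer, 0 for an
 * error or no-data reply, -1 for an unknown cookie or a short payload. */
static int complete_reply (struct transaction **head, uint64_t cookie, uint32_t error,
                           const void *payload, uint32_t payload_len, int *fd)
{
  struct transaction *trans = unlink_trans (head, cookie);
  if (!trans) return -1;
  *fd = trans->fds[1];
  void *buf = trans->buf;
  uint32_t count = trans->count;
  free (trans);               /* the last use of trans is above this line */
  if (error != 0 || buf == NULL) return 0;
  if (payload_len < count) return -1;
  memcpy (buf, payload, count);
  return (int) count;
}
/* Constructed scenario: two outstanding reads; the reply for cookie 2 arrives
 * first. Returns bytes copied (4), or a negative code if anything is wrong. */
static int demo (void)
{
  static char dst[4];
  struct transaction t1 = { .cookie = 1, .fds = { 3, 4 } };
  struct transaction *t2 = calloc (1, sizeof *t2), *head = t2;
  if (!t2) return -4;
  t2->cookie = 2; t2->fds[1] = 6; t2->buf = dst; t2->count = 4; t2->next = &t1;
  int fd = -1, r = complete_reply (&head, 2, 0, "nbd!", 4, &fd);
  if (fd != 6 || memcmp (dst, "nbd!", 4) != 0) return -2;
  if (head != &t1 || head->next != NULL) return -3;
  return r;
}
```

Running `demo` under valgrind shows no invalid read, since the only reads of the node happen before `free`.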