[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Leaks in xc_tbuf_get_size() (Was: Re: New Defects reported by Coverity Scan for XenProject)

On Wed, Feb 3, 2016 at 10:37 AM, Ian Campbell <ian.campbell@xxxxxxxxxx> wrote:
> George,
>
> Looks like xentrace is the only maintained component which uses this. so
> tag ;-)

OK -- I think this will only be called once, so it's only leaking a
page or two of virtual address space until the process dies (which in
the case of an error will be immediate).  But certainly worth fixing.
:-)

I'll put this on a list of clean-ups; maybe we can give it to the next
OPW / GSoC candidate who shows up (if I don't get to it earlier).

 -George

>
> On Tue, 2016-02-02 at 20:23 -0800, scan-admin@xxxxxxxxxxxx wrote:
>> * CID 1351228:    (RESOURCE_LEAK)
>> /tools/libxc/xc_tbuf.c: 73 in xc_tbuf_get_size()
>> /tools/libxc/xc_tbuf.c: 77 in xc_tbuf_get_size()
>
> Coverity is reporting these as new in 41b0aa569adb..9937763265d9 although
> the file hasn't changed. However it does look correct that t_info is being
> leaked by various paths in this function.
>
>>
>>
>> _________________________________________________________________________
>> _______________________________
>> *** CID 1351228:    (RESOURCE_LEAK)
>> /tools/libxc/xc_tbuf.c: 73 in xc_tbuf_get_size()
>> 67
>> 68         t_info = xc_map_foreign_range(xch, DOMID_XEN,
>> 69                         sysctl.u.tbuf_op.size, PROT_READ | PROT_WRITE,
>> 70                         sysctl.u.tbuf_op.buffer_mfn);
>> 71
>> 72         if ( t_info == NULL || t_info->tbuf_size == 0 )
>> >>>     CID 1351228:    (RESOURCE_LEAK)
>> >>>     Variable "t_info" going out of scope leaks the storage it points
>> to.
>> 73             return -1;
>> 74
>> 75         *size = t_info->tbuf_size;
>> 76
>> 77         return 0;
>> 78     }
>> /tools/libxc/xc_tbuf.c: 77 in xc_tbuf_get_size()
>> 71
>> 72         if ( t_info == NULL || t_info->tbuf_size == 0 )
>> 73             return -1;
>> 74
>> 75         *size = t_info->tbuf_size;
>> 76
>> >>>     CID 1351228:    (RESOURCE_LEAK)
>> >>>     Variable "t_info" going out of scope leaks the storage it points
>> to.
>> 77         return 0;
>> 78     }
>> 79
>> 80     int xc_tbuf_enable(xc_interface *xch, unsigned long pages,
>> unsigned long *mfn,
>> 81                        unsigned long *size)
>> 82     {
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxx
> http://lists.xen.org/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.