Hi all, I found a memory leak bug in QEMU 6.2.0, which is in write_boot_rom() (./hw/arm/aspeed.c).

Specifically, at line 276, a memory chunk is allocated with g_new0() and assigned to the variable 'storage'. However, if the branch takes true at line 277, there will be only an error report at line 278 but not a free operation for 'storage' before the function returns. As a result, a memory leak bug is triggered.

259 BlockBackend *blk = blk_by_legacy_dinfo(dinfo);
...
276 storage = g_new0(uint8_t, rom_size);
277 if (blk_pread(blk, 0, storage, rom_size) < 0) {
278     error_setg(errp, "failed to read the initial flash content");
279     return;
280 }

I believe that the problem can be fixed by adding a g_free() before the function returns.

277 if (blk_pread(blk, 0, storage, rom_size) < 0) {
278     error_setg(errp, "failed to read the initial flash content");
+++     g_free(storage);
279     return;
280 }

I'm looking forward to your confirmation.

Best,
Wentao
--- ./hw/arm/aspeed.c 2022-02-23 15:06:31.928708083 +0800 +++ ./hw/arm/aspeed-PATCH.c 2022-02-23 21:22:28.200802801 +0800 @@ -276,6 +276,7 @@ storage = g_new0(uint8_t, rom_size); if (blk_pread(blk, 0, storage, rom_size) < 0) { error_setg(errp, "failed to read the initial flash content"); + g_free(storage); return; }
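Review bot: the added g_free(storage) closes the leak on this error return, but a single release point is more robust than freeing at each early return; declaring the buffer with glib's g_autofree (or routing every exit through one cleanup label) would let the success path's g_free go away too and keeps a future early return from reintroducing the same leak. The submission also needs a commit message and a Signed-off-by line before it can be applied as a QEMU patch; as posted it is a bare diff.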
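To show how a unit test can catch this class of bug, here is an added example (not QEMU's code) that reproduces the error-path leak pattern beside a fixed form and counts live heap blocks. It uses calloc/free and a constructed fake read function in place of g_new0/g_free and blk_pread; names such as write_rom_leaky and leaked_after_failure are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed test double: counts live heap blocks so a test can detect a leak. */
static int live_allocs = 0;
static void *alloc_zeroed(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void release(void *p) { if (p) { free(p); live_allocs--; } }

/* Constructed stand-ins for blk_pread(): one simulates a read failure (-1). */
typedef int (*pread_fn)(uint8_t *, size_t);
static int fake_pread_fail(uint8_t *buf, size_t len) { (void)buf; (void)len; return -1; }
static int fake_pread_ok(uint8_t *buf, size_t len) { memset(buf, 0xAA, len); return 0; }

/* Mirrors the reported pattern: the early return on read failure drops the buffer. */
int write_rom_leaky(pread_fn pread, size_t rom_size) {
    uint8_t *storage = alloc_zeroed(rom_size);
    if (!storage) return -1;
    if (pread(storage, rom_size) < 0) {
        return -1;          /* storage is never freed: the leak */
    }
    /* ... normal path would consume the buffer here ... */
    release(storage);
    return 0;
}

/* Fixed form: one cleanup label, so every exit path releases the buffer. */
int write_rom_fixed(pread_fn pread, size_t rom_size) {
    int ret = -1;
    uint8_t *storage = alloc_zeroed(rom_size);
    if (!storage) return -1;
    if (pread(storage, rom_size) < 0) {
        goto out;
    }
    /* ... normal path would consume the buffer here ... */
    ret = 0;
out:
    release(storage);
    return ret;
}

/* Returns how many buffers are still live after one failing call: 0 means no leak. */
int leaked_after_failure(int (*fn)(pread_fn, size_t)) {
    int before = live_allocs;
    fn(fake_pread_fail, 64);
    return live_allocs - before;
}
```

The same check can be driven by a real allocator wrapper or by running the test binary under a leak detector such as AddressSanitizer.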