Hi all,
I found a memory-leak bug in QEMU 6.2.0, in write_boot_rom()
(./hw/arm/aspeed.c).
Specifically, at line 276 a memory chunk is allocated with g_new0() and
assigned to the variable 'storage'. However, if the branch at line 277 is
taken, there is only an error report at line 278 and no free of 'storage'
before the function returns. As a result, a memory leak is triggered.
259 BlockBackend *blk = blk_by_legacy_dinfo(dinfo);
...
276 storage = g_new0(uint8_t, rom_size);
277 if (blk_pread(blk, 0, storage, rom_size) < 0) {
278 error_setg(errp, "failed to read the initial flash content");
279 return;
280 }
I believe that the problem can be fixed by adding a g_free() before the
function returns.
277 if (blk_pread(blk, 0, storage, rom_size) < 0) {
278 error_setg(errp, "failed to read the initial flash content");
+++ g_free(storage);
279 return;
280 }
I'm looking forward to your confirmation.
Best,
Wentao
--- ./hw/arm/aspeed.c 2022-02-23 15:06:31.928708083 +0800
+++ ./hw/arm/aspeed-PATCH.c 2022-02-23 21:22:28.200802801 +0800
@@ -276,6 +276,7 @@
storage = g_new0(uint8_t, rom_size);
if (blk_pread(blk, 0, storage, rom_size) < 0) {
error_setg(errp, "failed to read the initial flash content");
+ g_free(storage);
return;
}
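Review bot: the added g_free() covers this return, but the idiomatic QEMU fix is to declare the buffer as `g_autofree uint8_t *storage = NULL;` where it is defined and drop the explicit free, so that every exit path of write_boot_rom(), including any early return added later, releases it automatically (glib's g_autofree frees the pointer when it goes out of scope). Separately, the hunk as posted carries five pre-image lines where its `@@ -276,6 +276,7 @@` header promises six, is diffed against a renamed `aspeed-PATCH.c` rather than produced by `git format-patch`, and has no Signed-off-by line, so it will not apply cleanly and cannot be picked up as-is under QEMU's submission rules.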
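The leak described in this report, with both fixes side by side, as an added example that is not part of the original mail or of QEMU's code: `FakeBlk`, `fake_blk_pread()`, the counting allocator and the `AUTOFREE` macro are constructed stand-ins for QEMU's BlockBackend, blk_pread(), g_new0()/g_free() and glib's g_autofree, and the 16-byte ROM image is constructed test data. The program exercises the error path of three variants of the function against a backend whose reads always fail and reports how many allocations each variant leaves live.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a block backend: a fixed byte buffer plus a
 * flag that makes every read fail. Not QEMU's BlockBackend. */
typedef struct {
    const uint8_t *data;
    size_t len;
    int fail_reads;
} FakeBlk;

/* Crude leak detector: number of allocations not yet freed. */
static int live_allocs;

/* Stand-ins for g_new0()/g_free() that keep the counter in sync. */
static void *counted_alloc0(size_t n) {
    void *p = calloc(1, n);
    if (p) live_allocs++;
    return p;
}

static void counted_free(void *p) {
    if (p) { live_allocs--; free(p); }
}

/* Stand-in for blk_pread(): returns -1 on failure, 0 on success. */
static int fake_blk_pread(FakeBlk *blk, size_t off, void *buf, size_t n) {
    if (blk->fail_reads || off + n > blk->len) return -1;
    memcpy(buf, blk->data + off, n);
    return 0;
}

/* Variant 1, the reported bug: the error path returns without freeing. */
static int write_boot_rom_leaky(FakeBlk *blk, size_t rom_size) {
    uint8_t *storage = counted_alloc0(rom_size);
    if (fake_blk_pread(blk, 0, storage, rom_size) < 0) {
        return -1;             /* leak: storage is never released */
    }
    counted_free(storage);     /* success path frees as before */
    return 0;
}

/* Variant 2, the fix proposed in the mail: explicit free before return. */
static int write_boot_rom_explicit(FakeBlk *blk, size_t rom_size) {
    uint8_t *storage = counted_alloc0(rom_size);
    if (fake_blk_pread(blk, 0, storage, rom_size) < 0) {
        counted_free(storage);
        return -1;
    }
    counted_free(storage);
    return 0;
}

/* Variant 3: scope-based cleanup, the mechanism glib's g_autofree is
 * built on (GCC/Clang cleanup attribute). Every return path frees, so
 * a future early return cannot reintroduce the leak. */
static void cleanup_counted(uint8_t **pp) { counted_free(*pp); }
#define AUTOFREE __attribute__((cleanup(cleanup_counted)))

static int write_boot_rom_autofree(FakeBlk *blk, size_t rom_size) {
    AUTOFREE uint8_t *storage = counted_alloc0(rom_size);
    if (fake_blk_pread(blk, 0, storage, rom_size) < 0) {
        return -1;             /* storage released by the cleanup hook */
    }
    return 0;
}

/* Run one variant against a backend configured to fail (or succeed) and
 * return how many allocations it left live; 0 means no leak. */
static int leaked_blocks(int (*fn)(FakeBlk *, size_t), int fail_reads) {
    static const uint8_t rom[16] = { 0 };   /* constructed ROM image */
    FakeBlk blk = { rom, sizeof rom, fail_reads };
    live_allocs = 0;
    (void)fn(&blk, sizeof rom);
    return live_allocs;
}

int main(void) {
    printf("leaky    : %d block(s) leaked on read error\n",
           leaked_blocks(write_boot_rom_leaky, 1));
    printf("explicit : %d block(s) leaked on read error\n",
           leaked_blocks(write_boot_rom_explicit, 1));
    printf("autofree : %d block(s) leaked on read error\n",
           leaked_blocks(write_boot_rom_autofree, 1));
    return 0;
}
```

The cleanup-attribute variant is compiler-specific (GCC and Clang), which is acceptable for QEMU since it already depends on g_autofree; the explicit-free variant is portable but has to be repeated at every early return. On a real build, running the leaky variant under AddressSanitizer (`-fsanitize=address`) reports the same one-block leak that the counter shows here.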