From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
To: Gregory Price <gourry.memverge@gmail.com>
Cc: <qemu-devel@nongnu.org>, <linux-cxl@vger.kernel.org>,
	<alison.schofield@intel.com>, <dave@stgolabs.net>,
	<a.manzanares@samsung.com>, <bwidawsk@kernel.org>,
	<gregory.price@memverge.com>, <mst@redhat.com>,
	<hchkuo@avery-design.com.tw>, <cbrowy@avery-design.com>,
	<ira.weiny@intel.com>
Subject: Re: [PATCH 4/5] hw/mem/cxl_type3: Change the CDAT allocation/free strategy
Date: Thu, 13 Oct 2022 11:45:40 +0100	[thread overview]
Message-ID: <20221013114540.00006027@huawei.com> (raw)
In-Reply-To: <20221012182120.174142-5-gregory.price@memverge.com>

On Wed, 12 Oct 2022 14:21:19 -0400
Gregory Price <gourry.memverge@gmail.com> wrote:

> The existing code allocates a subtable for DSLBIS entries, uses a
> local variable to avoid a g_autofree footgun, and the cleanup code
> causes heap corruption.

Ah good point (particularly given I moaned about how you were handling
the frees and still failed to notice the current code was broken!)


> 
> Rather than allocate a table, explicitly allocate each individual entry
> and make the sub-table size static.
> 
> Signed-off-by: Gregory Price <gregory.price@memverge.com>

I'll integrate a change in the spirit of what you have here, but
without aggregating the error handling paths.

> ---
>  hw/mem/cxl_type3.c | 49 ++++++++++++++++++++++++----------------------
>  1 file changed, 26 insertions(+), 23 deletions(-)
> 
> diff --git a/hw/mem/cxl_type3.c b/hw/mem/cxl_type3.c
> index 0e0ea70387..220b9f09a9 100644
> --- a/hw/mem/cxl_type3.c
> +++ b/hw/mem/cxl_type3.c
> @@ -23,13 +23,14 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>                                  void *priv)
>  {
>      g_autofree CDATDsmas *dsmas_nonvolatile = NULL;
> -    g_autofree CDATDslbis *dslbis_nonvolatile = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile1 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile2 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile3 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile4 = NULL;
>      g_autofree CDATDsemts *dsemts_nonvolatile = NULL;
>      CXLType3Dev *ct3d = priv;
> -    int i = 0;
>      int next_dsmad_handle = 0;
>      int nonvolatile_dsmad = -1;
> -    int dslbis_nonvolatile_num = 4;
>      MemoryRegion *mr;
>  
>      if (!ct3d->hostmem) {
> @@ -48,10 +49,15 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>  
>      /* Non volatile aspects */
>      dsmas_nonvolatile = g_malloc(sizeof(*dsmas_nonvolatile));
> -    dslbis_nonvolatile =
> -        g_malloc(sizeof(*dslbis_nonvolatile) * dslbis_nonvolatile_num);
> +    dslbis_nonvolatile1 = g_malloc(sizeof(*dslbis_nonvolatile1));
> +    dslbis_nonvolatile2 = g_malloc(sizeof(*dslbis_nonvolatile2));
> +    dslbis_nonvolatile3 = g_malloc(sizeof(*dslbis_nonvolatile3));
> +    dslbis_nonvolatile4 = g_malloc(sizeof(*dslbis_nonvolatile4));
>      dsemts_nonvolatile = g_malloc(sizeof(*dsemts_nonvolatile));
> -    if (!dsmas_nonvolatile || !dslbis_nonvolatile || !dsemts_nonvolatile) {
> +
> +    if (!dsmas_nonvolatile || !dsemts_nonvolatile ||
> +        !dslbis_nonvolatile1 || !dslbis_nonvolatile2 ||
> +        !dslbis_nonvolatile3 || !dslbis_nonvolatile4) {
>          g_free(*cdat_table);
>          *cdat_table = NULL;
>          return -ENOMEM;
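Review bot: The widened NULL test over the six allocations can never fire, because g_malloc() aborts the process on allocation failure rather than returning NULL (it returns NULL only for a zero-byte request). If the -ENOMEM path is meant to be reachable, the allocations need the failing variant, e.g. `dsmas_nonvolatile = g_try_new(CDATDsmas, 1);` and the same for the four DSLBIS entries and the DSEMTS entry. Otherwise the check and its `g_free(*cdat_table)` cleanup are dead code and can be dropped, which also removes an untested error path that frees a caller-supplied table. The body of ct3_build_cdat_table starts and ends outside this hunk.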
> @@ -70,10 +76,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>      };
>  
>      /* For now, no memory side cache, plausiblish numbers */
> -    dslbis_nonvolatile[0] = (CDATDslbis) {
> +    *dslbis_nonvolatile1 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile1),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -82,10 +88,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 15, /* 150ns */
>      };
>  
> -    dslbis_nonvolatile[1] = (CDATDslbis) {
> +    *dslbis_nonvolatile2 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile2),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -94,10 +100,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 25, /* 250ns */
>      };
>  
> -    dslbis_nonvolatile[2] = (CDATDslbis) {
> +    *dslbis_nonvolatile3 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile3),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -106,10 +112,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 16,
>      };
>  
> -    dslbis_nonvolatile[3] = (CDATDslbis) {
> +    *dslbis_nonvolatile4 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile4),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -131,15 +137,12 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>      };
>  
>      /* Header always at start of structure */
> -    (*cdat_table)[i++] = g_steal_pointer(&dsmas_nonvolatile);
> -
> -    CDATDslbis *dslbis = g_steal_pointer(&dslbis_nonvolatile);
> -    int j;
> -    for (j = 0; j < dslbis_nonvolatile_num; j++) {
> -        (*cdat_table)[i++] = (CDATSubHeader *)&dslbis[j];
> -    }
> -
> -    (*cdat_table)[i++] = g_steal_pointer(&dsemts_nonvolatile);
> +    (*cdat_table)[0] = g_steal_pointer(&dsmas_nonvolatile);
> +    (*cdat_table)[1] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile1);
> +    (*cdat_table)[2] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile2);
> +    (*cdat_table)[3] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile3);
> +    (*cdat_table)[4] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile4);
> +    (*cdat_table)[5] = g_steal_pointer(&dsemts_nonvolatile);
Moving to simple indexing makes sense now they are all in one place (making
introducing a bug much less likely!)

I've introduced an enum so that we have an automatic agreement between
number of elements and these assignments.

>  
>      return CT3_CDAT_SUBTABLE_SIZE;
>  }
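Review bot: Nothing at the six assignments records the ownership change this patch depends on: each slot of `*cdat_table` now holds its own heap allocation, where slots 1-4 previously pointed into a single shared block. A comment above the assignments would make that contract explicit, e.g. `/* Each entry is a separate allocation; the release path must g_free() every slot, then the table */`. The release routine is not visible in this hunk, so it should be confirmed that it frees each entry exactly once and never a pointer into the middle of an allocation, which appears to be the heap corruption the description refers to.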


WARNING: multiple messages have this Message-ID (diff)
From: Jonathan Cameron via <qemu-devel@nongnu.org>
To: Gregory Price <gourry.memverge@gmail.com>
Cc: <qemu-devel@nongnu.org>, <linux-cxl@vger.kernel.org>,
	<alison.schofield@intel.com>, <dave@stgolabs.net>,
	<a.manzanares@samsung.com>, <bwidawsk@kernel.org>,
	<gregory.price@memverge.com>, <mst@redhat.com>,
	<hchkuo@avery-design.com.tw>,  <cbrowy@avery-design.com>,
	<ira.weiny@intel.com>
Subject: Re: [PATCH 4/5] hw/mem/cxl_type3: Change the CDAT allocation/free strategy
Date: Thu, 13 Oct 2022 11:45:40 +0100	[thread overview]
Message-ID: <20221013114540.00006027@huawei.com> (raw)
In-Reply-To: <20221012182120.174142-5-gregory.price@memverge.com>

On Wed, 12 Oct 2022 14:21:19 -0400
Gregory Price <gourry.memverge@gmail.com> wrote:

> The existing code allocates a subtable for DSLBIS entries, uses a
> local variable to avoid a g_autofree footgun, and the cleanup code
> causes heap corruption.

Ah good point (particularly given I moaned about how you were handling
the frees and still failed to notice the current code was broken!)


> 
> Rather than allocate a table, explicitly allocate each individual entry
> and make the sub-table size static.
> 
> Signed-off-by: Gregory Price <gregory.price@memverge.com>

I'll integrate a change in the spirit of what you have here, but
without aggregating the error handling paths.

> ---
>  hw/mem/cxl_type3.c | 49 ++++++++++++++++++++++++----------------------
>  1 file changed, 26 insertions(+), 23 deletions(-)
> 
> diff --git a/hw/mem/cxl_type3.c b/hw/mem/cxl_type3.c
> index 0e0ea70387..220b9f09a9 100644
> --- a/hw/mem/cxl_type3.c
> +++ b/hw/mem/cxl_type3.c
> @@ -23,13 +23,14 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>                                  void *priv)
>  {
>      g_autofree CDATDsmas *dsmas_nonvolatile = NULL;
> -    g_autofree CDATDslbis *dslbis_nonvolatile = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile1 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile2 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile3 = NULL;
> +    g_autofree CDATDslbis *dslbis_nonvolatile4 = NULL;
>      g_autofree CDATDsemts *dsemts_nonvolatile = NULL;
>      CXLType3Dev *ct3d = priv;
> -    int i = 0;
>      int next_dsmad_handle = 0;
>      int nonvolatile_dsmad = -1;
> -    int dslbis_nonvolatile_num = 4;
>      MemoryRegion *mr;
>  
>      if (!ct3d->hostmem) {
> @@ -48,10 +49,15 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>  
>      /* Non volatile aspects */
>      dsmas_nonvolatile = g_malloc(sizeof(*dsmas_nonvolatile));
> -    dslbis_nonvolatile =
> -        g_malloc(sizeof(*dslbis_nonvolatile) * dslbis_nonvolatile_num);
> +    dslbis_nonvolatile1 = g_malloc(sizeof(*dslbis_nonvolatile1));
> +    dslbis_nonvolatile2 = g_malloc(sizeof(*dslbis_nonvolatile2));
> +    dslbis_nonvolatile3 = g_malloc(sizeof(*dslbis_nonvolatile3));
> +    dslbis_nonvolatile4 = g_malloc(sizeof(*dslbis_nonvolatile4));
>      dsemts_nonvolatile = g_malloc(sizeof(*dsemts_nonvolatile));
> -    if (!dsmas_nonvolatile || !dslbis_nonvolatile || !dsemts_nonvolatile) {
> +
> +    if (!dsmas_nonvolatile || !dsemts_nonvolatile ||
> +        !dslbis_nonvolatile1 || !dslbis_nonvolatile2 ||
> +        !dslbis_nonvolatile3 || !dslbis_nonvolatile4) {
>          g_free(*cdat_table);
>          *cdat_table = NULL;
>          return -ENOMEM;
> @@ -70,10 +76,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>      };
>  
>      /* For now, no memory side cache, plausiblish numbers */
> -    dslbis_nonvolatile[0] = (CDATDslbis) {
> +    *dslbis_nonvolatile1 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile1),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -82,10 +88,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 15, /* 150ns */
>      };
>  
> -    dslbis_nonvolatile[1] = (CDATDslbis) {
> +    *dslbis_nonvolatile2 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile2),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -94,10 +100,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 25, /* 250ns */
>      };
>  
> -    dslbis_nonvolatile[2] = (CDATDslbis) {
> +    *dslbis_nonvolatile3 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile3),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -106,10 +112,10 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>          .entry[0] = 16,
>      };
>  
> -    dslbis_nonvolatile[3] = (CDATDslbis) {
> +    *dslbis_nonvolatile4 = (CDATDslbis) {
>          .header = {
>              .type = CDAT_TYPE_DSLBIS,
> -            .length = sizeof(*dslbis_nonvolatile),
> +            .length = sizeof(*dslbis_nonvolatile4),
>          },
>          .handle = nonvolatile_dsmad,
>          .flags = HMAT_LB_MEM_MEMORY,
> @@ -131,15 +137,12 @@ static int ct3_build_cdat_table(CDATSubHeader ***cdat_table,
>      };
>  
>      /* Header always at start of structure */
> -    (*cdat_table)[i++] = g_steal_pointer(&dsmas_nonvolatile);
> -
> -    CDATDslbis *dslbis = g_steal_pointer(&dslbis_nonvolatile);
> -    int j;
> -    for (j = 0; j < dslbis_nonvolatile_num; j++) {
> -        (*cdat_table)[i++] = (CDATSubHeader *)&dslbis[j];
> -    }
> -
> -    (*cdat_table)[i++] = g_steal_pointer(&dsemts_nonvolatile);
> +    (*cdat_table)[0] = g_steal_pointer(&dsmas_nonvolatile);
> +    (*cdat_table)[1] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile1);
> +    (*cdat_table)[2] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile2);
> +    (*cdat_table)[3] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile3);
> +    (*cdat_table)[4] = (CDATSubHeader *)g_steal_pointer(&dslbis_nonvolatile4);
> +    (*cdat_table)[5] = g_steal_pointer(&dsemts_nonvolatile);
Moving to simple indexing makes sense now they are all in one place (making
introducing a bug much less likely!)

I've introduced an enum so that we have an automatic agreement between
number of elements and these assignments.

>  
>      return CT3_CDAT_SUBTABLE_SIZE;
>  }


