From: Paolo Bonzini <pbonzini@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 11/39] msix: split msix_free from msix_uninit
Date: Thu, 06 Jun 2013 21:01:12 -0400
Message-ID: <51B130D8.50108@redhat.com>
In-Reply-To: <20130605103214.GC31830@redhat.com>

On 05/06/2013 06:32, Michael S. Tsirkin wrote:
> On Wed, Jun 05, 2013 at 09:48:19AM +0200, Paolo Bonzini wrote:
>> On 05/06/2013 06:53, Michael S. Tsirkin wrote:
>>> On Wed, Jun 05, 2013 at 12:40:00AM +0200, Paolo Bonzini wrote:
>>>> On 05/06/2013 00:03, Michael S. Tsirkin wrote:
>>>>>>> + if (dev->msix_table || dev->msix_pba || dev->msix_entry_used) {
>>>>>>> + msix_free(dev);
>>>>>>> + }
>>>>>>> +
>>>>>>> dev->msix_table = g_malloc0(table_size);
>>>>>>> dev->msix_pba = g_malloc0(pba_size);
>>>>>>> dev->msix_entry_used = g_malloc0(nentries * sizeof *dev->msix_entry_used);
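Review bot: the guard at the top of this hunk reads dev->msix_table, dev->msix_pba and dev->msix_entry_used before msix_init has assigned them, so it is only safe when every caller passes in a device whose fields start out zeroed; nothing in the hunk states or enforces that precondition. Calling msix_free(dev) on the success path also silently absorbs a repeated msix_init instead of making it visible. Suggest documenting the zero-initialization requirement in a comment above the check and making the intent explicit: either this is a deliberate release-and-reallocate, or a non-NULL pointer here is a caller bug and should be reported as one.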
>>>>> Wow msix_init calls msix_free, and not on error path?
>>>>> What's going on here?
>>>>
>>>> I wasn't too sure that you could get here only with NULL
>>>> msix_table/pba/entry_used and wanted to protect against leaks. I'll
>>>> change it to an assertion.
>>>
>>> I don't think we should require users allocate all memory with g_malloc0.
>>> So no assertion either.
>>
>> Assertion that it is NULL, followed by g_malloc0?
>
> No because who sets it to NULL the first time?
> msix_init just started.

When an object is created, it is all-zeroed.

>>> If there's a leak there was always a leak
>>
>> No, there wasn't because msix_uninit would have freed the memory. That is,
>>
>> msix_init
>> msix_uninit
>> msix_init
>> msix_uninit
>>
>> had no leak. Instead, now msix_free is going to be called just once,
>> right before freeing the object itself:
>>
>> msix_init
>> msix_uninit
>> msix_init ***
>> msix_uninit
>> msix_free
>>
>> and will have a leak at ***.
>
> Yes. And this looks completely sane from outside,
> so this is a bad API.
> The way to fix it is not with asserts in code, we need a good API:
> alloc/free init/uninit ...

Can't, because table_size/pba_size is not available at init time (e.g.
for VFIO not until the host BARs are processed). What about using
g_realloc + memset?

Paolo
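
The leak at *** and the realloc + memset alternative raised in this reply, as an added C example that is not code from the patch or from either participant. ToyDev, alloc_buf, toy_init, toy_free and toy_cycle_leaks are hypothetical names, and plain realloc/malloc stand in for g_realloc/g_malloc0.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the three per-device buffers in the thread. */
typedef struct { unsigned char *table, *pba; unsigned *entry_used; } ToyDev;

static void *lost[8];   /* blocks whose only pointer was overwritten */
static int n_lost;

/* reuse=1: realloc + memset; reuse=0: always take a fresh zeroed block. */
static void *alloc_buf(void *old, size_t size, int reuse)
{
    if (!reuse && old) lost[n_lost++] = old;   /* old block becomes unreachable */
    void *p = reuse ? realloc(old, size) : malloc(size);
    if (!p) abort();
    memset(p, 0, size);                        /* same contents either way */
    return p;
}

/* Sizes are known only here, not when the object is created. */
static void toy_init(ToyDev *d, size_t tsz, size_t psz, size_t n, int reuse)
{
    d->table = alloc_buf(d->table, tsz, reuse);
    d->pba = alloc_buf(d->pba, psz, reuse);
    d->entry_used = alloc_buf(d->entry_used, n * sizeof *d->entry_used, reuse);
}

static void toy_free(ToyDev *d)   /* called once, before the object is freed */
{
    free(d->table); free(d->pba); free(d->entry_used);
    memset(d, 0, sizeof *d);
}

/* init, uninit, init (***), uninit, free; returns the number of leaked blocks. */
static int toy_cycle_leaks(int reuse)
{
    ToyDev d = {0};                    /* object starts all-zeroed */
    int leaked;
    n_lost = 0;
    toy_init(&d, 64, 8, 4, reuse);     /* uninit would follow; it no longer frees */
    toy_init(&d, 128, 16, 8, reuse);   /* the *** step */
    toy_free(&d);
    for (leaked = 0; n_lost > 0; leaked++) free(lost[--n_lost]);
    return leaked;
}

int main(void) { printf("fresh: %d, realloc: %d\n", toy_cycle_leaks(0), toy_cycle_leaks(1)); return 0; }
```

The realloc path depends on the object starting all-zeroed, since realloc on an uninitialized pointer is undefined behaviour.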