From: Fabiano Rosas <farosas@suse.de>
To: "Marc-André Lureau" <marcandre.lureau@redhat.com>, qemu-devel@nongnu.org
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@mailo.com>,
"Pierrick Bouvier" <pierrick.bouvier@oss.qualcomm.com>,
"Laurent Vivier" <lvivier@redhat.com>,
"Alex Williamson" <alex@shazbot.org>,
"Cédric Le Goater" <clg@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Akihiko Odaki" <odaki@rsg.ci.i.u-tokyo.ac.jp>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: Re: [PATCH 03/32] irq: add per-IRQ observer to fix qemu_irq_intercept_in leak
Date: Fri, 29 May 2026 10:27:01 -0300
Message-ID: <87ik86tkgq.fsf@suse.de>
In-Reply-To: <20260529-b4-ui-v1-3-8db3068421ef@redhat.com>
Marc-André Lureau <marcandre.lureau@redhat.com> writes:
> qemu_irq_intercept_in() saves original IRQ handlers by allocating
> new QOM objects, which are never freed. On a PC machine, this leaks
> IRQ objects (one per IOAPIC pin) on every qtest run.
>
> Rather than tracking allocations to free later, avoid them: add an
> "observer" field to IRQState, called by qemu_set_irq() after the
> real handler. Interception sets the observer instead of rewriting
> handlers, so there's nothing to save and nothing to leak.
>
> Fix qemu_notirq() to route through qemu_set_irq() so inverted IRQs
> trigger observers too. Drop the LSan suppression.
>
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> include/hw/core/irq.h | 1 +
> hw/core/irq.c | 10 +++++-----
> system/qtest.c | 3 ---
> scripts/lsan_suppressions.txt | 8 --------
> 4 files changed, 6 insertions(+), 16 deletions(-)
>
> diff --git a/include/hw/core/irq.h b/include/hw/core/irq.h
> index 291fdd67df4..93d5710a73e 100644
> --- a/include/hw/core/irq.h
> +++ b/include/hw/core/irq.h
> @@ -14,6 +14,7 @@ struct IRQState {
> qemu_irq_handler handler;
> void *opaque;
> int n;
> + qemu_irq_handler observer;
> };
>
> void qemu_set_irq(qemu_irq irq, int level);
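Review bot: The new `observer` member of struct IRQState has no comment, and its calling convention is not obvious from the type alone. It shares the qemu_irq_handler signature but, per the qemu_set_irq() change in this patch, it is called with the handler's `opaque` and `n` rather than any context of its own. A one-line comment on the field saying that it is an optional hook set by qemu_irq_intercept_in(), runs after `handler`, and must treat `opaque` as belonging to the intercepted device would stop a later user from dereferencing it as private state.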
> diff --git a/hw/core/irq.c b/hw/core/irq.c
> index 106805e2417..fa11e9bc0aa 100644
> --- a/hw/core/irq.c
> +++ b/hw/core/irq.c
> @@ -32,6 +32,9 @@ void qemu_set_irq(qemu_irq irq, int level)
> return;
>
> irq->handler(irq->opaque, irq->n, level);
> + if (unlikely(irq->observer)) {
> + irq->observer(irq->opaque, irq->n, level);
> + }
> }
>
> static void init_irq_fields(IRQState *irq, qemu_irq_handler handler,
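Review bot: The added `if (unlikely(irq->observer))` test in qemu_set_irq() relies on `observer` being NULL for every IRQState that was never intercepted, but init_irq_fields(), visible as context just below, is not touched by this patch, so nothing shown here sets the field. If every IRQState is guaranteed to come from zeroed storage, that is fine and worth stating in the commit message; otherwise add `irq->observer = NULL;` to init_irq_fields(), because a stale non-NULL value would turn into an indirect call through an uninitialised function pointer.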
> @@ -111,7 +114,7 @@ static void qemu_notirq(void *opaque, int line, int level)
> {
> IRQState *irq = opaque;
>
> - irq->handler(irq->opaque, irq->n, !level);
> + qemu_set_irq(irq, !level);
> }
>
> qemu_irq qemu_irq_invert(qemu_irq irq)
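Review bot: Replacing `irq->handler(irq->opaque, irq->n, !level)` with `qemu_set_irq(irq, !level)` in qemu_notirq() is required because interception no longer rewrites `handler`, and the same reasoning applies to any other code that calls `irq->handler` directly instead of going through qemu_set_irq(). Such a caller would now bypass the observer silently, where before it would have hit the replaced handler. Please check the tree for other direct `->handler(` calls on an IRQState and record the result in the commit message.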
> @@ -124,11 +127,8 @@ qemu_irq qemu_irq_invert(qemu_irq irq)
> void qemu_irq_intercept_in(qemu_irq *gpio_in, qemu_irq_handler handler, int n)
> {
> int i;
> - qemu_irq *old_irqs = qemu_allocate_irqs(NULL, NULL, n);
> for (i = 0; i < n; i++) {
> - *old_irqs[i] = *gpio_in[i];
> - gpio_in[i]->handler = handler;
> - gpio_in[i]->opaque = &old_irqs[i];
> + gpio_in[i]->observer = handler;
> }
> }
>
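Review bot: The loop in qemu_irq_intercept_in() now assigns `gpio_in[i]->observer = handler` unconditionally, so intercepting the same line a second time silently replaces the first observer. The removed code saved the previous handler in `old_irqs` so that an interceptor could forward to it; that chaining is gone. If a single interceptor per line is the intended contract, document it on the function and consider `assert(!gpio_in[i]->observer)` before the assignment so that a conflicting second caller fails loudly.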
> diff --git a/system/qtest.c b/system/qtest.c
> index a79d10d1361..b359a3e1c84 100644
> --- a/system/qtest.c
> +++ b/system/qtest.c
> @@ -324,9 +324,6 @@ void qtest_sendf(CharFrontend *chr, const char *fmt, ...)
>
> static void qtest_irq_handler(void *opaque, int n, int level)
> {
> - qemu_irq old_irq = *(qemu_irq *)opaque;
> - qemu_set_irq(old_irq, level);
> -
> if (irq_levels[n] != level) {
> CharFrontend *chr = &qtest->qtest_chr;
> irq_levels[n] = level;
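Review bot: With the two `old_irq` lines removed, qtest_irq_handler() no longer reads `opaque`, and when it runs as an observer that argument is the intercepted IRQ's own `opaque` (qemu_set_irq() passes `irq->opaque`), not a pointer that qtest supplied. A short comment above the function stating that `opaque` is unused and must not be dereferenced here would document the changed contract and guard against someone reintroducing the old `*(qemu_irq *)opaque` cast.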
> diff --git a/scripts/lsan_suppressions.txt b/scripts/lsan_suppressions.txt
> index f88bbab18b8..30256bc6d01 100644
> --- a/scripts/lsan_suppressions.txt
> +++ b/scripts/lsan_suppressions.txt
> @@ -16,11 +16,3 @@ leak:/lib64/libxkbcommon.so.0
> # https://github.com/GNOME/glib/blob/main/tools/glib.supp
> # This avoids false positive leak reports for the qga-ssh-test.
> leak:g_set_user_dirs
> -
> -# qemu_irq_intercept_in is only used by the qtest harness, and
> -# its API inherently involves a leak.
> -# While we could keep track of the old IRQ data structure
> -# in order to free it, it doesn't seem very important to fix
> -# since it is only used by the qtest test harness.
> -# Just ignore the leak, at least for the moment.
> -leak:qemu_irq_intercept_in
Reviewed-by: Fabiano Rosas <farosas@suse.de>