From: Paolo Bonzini <pbonzini@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 11/39] msix: split msix_free from msix_uninit
Date: Thu, 06 Jun 2013 21:01:12 -0400
Message-ID: <51B130D8.50108@redhat.com>
In-Reply-To: <20130605103214.GC31830@redhat.com>

On 05/06/2013 06:32, Michael S. Tsirkin wrote:
> On Wed, Jun 05, 2013 at 09:48:19AM +0200, Paolo Bonzini wrote:
>> On 05/06/2013 06:53, Michael S. Tsirkin wrote:
>>> On Wed, Jun 05, 2013 at 12:40:00AM +0200, Paolo Bonzini wrote:
>>>> On 05/06/2013 00:03, Michael S. Tsirkin wrote:
>>>>>>> + if (dev->msix_table || dev->msix_pba || dev->msix_entry_used) {
>>>>>>> + msix_free(dev);
>>>>>>> + }
>>>>>>> +
>>>>>>> dev->msix_table = g_malloc0(table_size);
>>>>>>> dev->msix_pba = g_malloc0(pba_size);
>>>>>>> dev->msix_entry_used = g_malloc0(nentries * sizeof *dev->msix_entry_used);
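Review bot: The added check at the top of this hunk, if (dev->msix_table || dev->msix_pba || dev->msix_entry_used), is only safe when all three pointers are NULL on the first msix_init call, and nothing in the visible lines establishes or documents that; on a structure that was not zero-filled, msix_free(dev) would run on uninitialized pointers. State the zero-initialized precondition in a comment above the check, or make re-initialization explicit by having the caller release the old buffers, rather than freeing silently inside init.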
>>>>> Wow msix_init calls msix_free, and not on error path?
>>>>> What's going on here?
>>>>
>>>> I wasn't too sure that you could get here only with NULL
>>>> msix_table/pba/entry_used and wanted to protect against leaks. I'll
>>>> change it to an assertion.
>>>
>>> I don't think we should require users allocate all memory with g_malloc0.
>>> So no assertion either.
>>
>> Assertion that it is NULL, followed by g_malloc0?
>
> No because who sets it to NULL the first time?
> msix_init just started.

When an object is created, it is all-zeroed.

>>> If there's a leak there was always a leak
>>
>> No, there wasn't because msix_uninit would have freed the memory. That is,
>>
>>     msix_init
>>     msix_uninit
>>     msix_init
>>     msix_uninit
>>
>> had no leak. Instead, now msix_free is going to be called just once,
>> right before freeing the object itself:
>>
>>     msix_init
>>     msix_uninit
>>     msix_init ***
>>     msix_uninit
>>     msix_free
>>
>> and will have a leak at ***.
>
> Yes. And this looks completely sane from outside,
> so this is a bad API.
> The way to fix it is not with asserts in code, we need a good API:
> alloc/free init/uninit ...

Can't, because table_size/pba_size is not available at init time (e.g.
for VFIO not until the host BARs are processed). What about using
g_realloc + memset?

Paolo
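
The leak at *** and the g_realloc + memset idea from the message above, as an added example that is not part of the original e-mail or of QEMU's code. It uses the C library's realloc in place of GLib's g_realloc so it builds without GLib; ToyDev, track, renew0, the toy_* functions and the buffer sizes are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for msix_table, msix_pba and msix_entry_used. */
typedef struct { void *buf[3]; } ToyDev;
static void *slots[16];                  /* live blocks, kept to expose leaks */

static void track(void *old, void *now)  /* swap old for now in the slot table */
{
    for (int i = 0; i < 16; i++)
        if (slots[i] == old) { slots[i] = now; return; }
}

/* Resize and clear; realloc(NULL, n) is malloc(n), so first init is not special. */
static void *renew0(void *old, size_t n)
{
    track(old, NULL);
    void *p = realloc(old, n);
    if (!p) abort();
    track(NULL, p);
    return memset(p, 0, n);
}

static void toy_init(ToyDev *d, size_t n, int reuse)  /* reuse=1: realloc path */
{
    for (int i = 0; i < 3; i++)
        d->buf[i] = renew0(reuse ? d->buf[i] : NULL, n);
}

static void toy_uninit(ToyDev *d) { (void)d; }  /* after the split: frees nothing */
static void toy_free(ToyDev *d)                 /* called once, at finalize */
{
    for (int i = 0; i < 3; i++) { track(d->buf[i], NULL); free(d->buf[i]); }
    memset(d, 0, sizeof *d);
}

/* init, uninit, init, uninit, free on a zeroed object; returns leaked blocks. */
static int run_lifecycle(int reuse)
{
    ToyDev d = { { NULL } };
    int leaked = 0;
    toy_init(&d, 64, reuse);  toy_uninit(&d);
    toy_init(&d, 128, reuse); toy_uninit(&d);   /* the *** step in the thread */
    toy_free(&d);
    for (int i = 0; i < 16; i++)                /* count, then sweep, orphans */
        if (slots[i]) { leaked++; free(slots[i]); slots[i] = NULL; }
    return leaked;
}

int main(void) { printf("plain: %d, realloc: %d\n", run_lifecycle(0), run_lifecycle(1)); return 0; }
```

The realloc path depends on the object starting all-zeroed, which is the precondition stated in the reply above.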