Re: [RESEND PATCH] virtio-pci: fix vector_irqfd leak in virtio_pci_set

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RESEND PATCH] virtio-pci: fix vector_irqfd leak in virtio_pci_set_g

From:	Michael S. Tsirkin
Subject:	Re: [RESEND PATCH] virtio-pci: fix vector_irqfd leak in virtio_pci_set_guest_notifiers
Date:	Tue, 20 Dec 2022 09:42:26 -0500

On Wed, Nov 30, 2022 at 01:56:11PM +0800, leixiang wrote:
> proxy->vector_irqfd did not free when set guest notifier failed.

Can you pls add a Fixes tag so people know where to backport this?

> Signed-off-by: Lei Xiang <leixiang@kylinos.cn>
> Tested-by: Zeng Chi <zengchi@kylinos.cn>
> Suggested-by: Xie Ming <xieming@kylinos.cn>

Looking at the code I see this:

    /* Must set vector notifier after guest notifier has been assigned */
    if ((with_irqfd ||
         (vdev->use_guest_notifier_mask && k->guest_notifier_mask)) &&
        assign) {
        if (with_irqfd) {
            proxy->vector_irqfd =
                g_malloc0(sizeof(*proxy->vector_irqfd) *
                          msix_nr_vectors_allocated(&proxy->pci_dev));
            r = kvm_virtio_pci_vector_vq_use(proxy, nvqs);
            if (r < 0) {
                goto config_assign_error;
            }
            r = kvm_virtio_pci_vector_config_use(proxy);
            if (r < 0) {
                goto config_error;
            }
        }

        r = msix_set_vector_notifiers(&proxy->pci_dev, virtio_pci_vector_unmask,
                                      virtio_pci_vector_mask,
                                      virtio_pci_vector_poll);
        if (r < 0) {
            goto notifiers_error;
        }
    }


doesn't this mean g_free belongs at the label config_assign_error?


> ---
>  hw/virtio/virtio-pci.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index c6b47a9c..4862f83b 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -1038,6 +1038,12 @@ assign_error:
>      while (--n >= 0) {
>          virtio_pci_set_guest_notifier(d, n, !assign, with_irqfd);
>      }
> +
> +   g_free(proxy->vector_irqfd);
> +   proxy->vector_irqfd = NULL;
> +
>      return r;
>  }
>  
> -- 
> 
> 
> No virus found
>               Checked by Hillstone Network AntiVirus


The patch is corrupted. Line counts are wrong, and your antivirus added
trash at the end.

-- 
MST

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [RESEND PATCH] virtio-pci: fix vector_irqfd leak in virtio_pci_set_guest_notifiers, Michael S. Tsirkin <=
- [RESEND PATCH] virtio-pci: fix proxy->vector_irqfd leak in virtio_pci_set_guest_notifiers, leixiang, 2022/12/27

Prev by Date: [PATCH 2/2] linux-user/signal: Silent -Winitializer-overrides warnings
Next by Date: Re: [PATCH 0/3] accel: Silent few -Wmissing-field-initializers warning
Previous by thread: [PATCH 0/2] linux-user: Fix a pair of -Wextra warnings
Next by thread: [RESEND PATCH] virtio-pci: fix proxy->vector_irqfd leak in virtio_pci_set_guest_notifiers
Index(es):
- Date
- Thread