On Wed, Nov 30, 2022 at 01:56:11PM +0800, leixiang wrote:
> proxy->vector_irqfd did not free when set guest notifier failed.
Can you pls add a Fixes tag so people know where to backport this?
> Signed-off-by: Lei Xiang
> Tested-by: Zeng Chi
> Suggested-by: Xie Ming
Looking at the code I see this:
/* Must set vector notifier after guest notifier has been assigned */
if ((with_irqfd ||
(vdev->use_guest_notifier_mask && k->guest_notifier_mask)) &&
assign) {
if (with_irqfd) {
proxy->vector_irqfd =
g_malloc0(sizeof(*proxy->vector_irqfd) *
msix_nr_vectors_allocated(&proxy->pci_dev));
r = kvm_virtio_pci_vector_vq_use(proxy, nvqs);
if (r goto config_assign_error;
}
r = kvm_virtio_pci_vector_config_use(proxy);
if (r goto config_error;
}
}
r = msix_set_vector_notifiers(&proxy->pci_dev, virtio_pci_vector_unmask,
virtio_pci_vector_mask,
virtio_pci_vector_poll);
if (r goto notifiers_error;
}
}
doesn't this mean g_free belongs at the label config_assign_error?
> ---
> hw/virtio/virtio-pci.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index c6b47a9c..4862f83b 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -1038,6 +1038,12 @@ assign_error:
> while (--n >= 0) {
> virtio_pci_set_guest_notifier(d, n, !assign, with_irqfd);
> }
> +
> + g_free(proxy->vector_irqfd);
> + proxy->vector_irqfd = NULL;
> +
> return r;
> }
>
> --
>
>
> No virus found
> Checked by Hillstone Network AntiVirus
The patch is corrupted. Line counts are wrong, and your antivirus added
trash at the end.
--
MST
> proxy->vector_irqfd did not free when set guest notifier failed.
Can you pls add a Fixes tag so people know where to backport this?
> Signed-off-by: Lei Xiang
> Tested-by: Zeng Chi
> Suggested-by: Xie Ming
Looking at the code I see this:
/* Must set vector notifier after guest notifier has been assigned */
if ((with_irqfd ||
(vdev->use_guest_notifier_mask && k->guest_notifier_mask)) &&
assign) {
if (with_irqfd) {
proxy->vector_irqfd =
g_malloc0(sizeof(*proxy->vector_irqfd) *
msix_nr_vectors_allocated(&proxy->pci_dev));
r = kvm_virtio_pci_vector_vq_use(proxy, nvqs);
if (r goto config_assign_error;
}
r = kvm_virtio_pci_vector_config_use(proxy);
if (r goto config_error;
}
}
r = msix_set_vector_notifiers(&proxy->pci_dev, virtio_pci_vector_unmask,
virtio_pci_vector_mask,
virtio_pci_vector_poll);
if (r goto notifiers_error;
}
}
doesn't this mean g_free belongs at the label config_assign_error?
> ---
> hw/virtio/virtio-pci.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index c6b47a9c..4862f83b 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -1038,6 +1038,12 @@ assign_error:
> while (--n >= 0) {
> virtio_pci_set_guest_notifier(d, n, !assign, with_irqfd);
> }
> +
> + g_free(proxy->vector_irqfd);
> + proxy->vector_irqfd = NULL;
> +
> return r;
> }
>
> --
>
>
> No virus found
> Checked by Hillstone Network AntiVirus
The patch is corrupted. Line counts are wrong, and your antivirus added
trash at the end.
--
MST