[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an e
|
From: |
Yuval Shaia |
|
Subject: |
Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error |
|
Date: |
Tue, 11 Dec 2018 19:22:45 +0200 |
|
User-agent: |
Mutt/1.10.1 (2018-07-13) |
On Tue, Dec 11, 2018 at 06:47:43PM +0200, Yuval Shaia wrote:
> On Tue, Dec 11, 2018 at 06:56:41PM +0530, P J P wrote:
> > From: Prasad J Pandit <address@hidden>
> >
> > create_cq and create_qp routines allocate ring object, but it's
> > not released in case of an error, leading to memory leakage.
> >
> > Reported-by: Li Qiang <address@hidden>
> > Signed-off-by: Prasad J Pandit <address@hidden>
> > ---
> > hw/rdma/vmw/pvrdma_cmd.c | 8 +++++++-
> > 1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
> > index ee2888259c..e8d99f29fa 100644
> > --- a/hw/rdma/vmw/pvrdma_cmd.c
> > +++ b/hw/rdma/vmw/pvrdma_cmd.c
> > @@ -337,7 +337,9 @@ static int create_cq(PVRDMADev *dev, union
> > pvrdma_cmd_req *req,
> >
> > resp->hdr.err = rdma_rm_alloc_cq(&dev->rdma_dev_res, &dev->backend_dev,
> > cmd->cqe, &resp->cq_handle, ring);
> > - resp->cqe = cmd->cqe;
> > + if (resp->hdr.err) {
> > + g_free(ring);
>
> This is not enough since all ring's resources (ring state and ring's pages)
> left mapped.
>
> The steps needed are the steps detailed in destroy_cq.
>
> > + }
> >
> > out:
> > pr_dbg("ret=%d\n", resp->hdr.err);
> > @@ -490,6 +492,10 @@ static int create_qp(PVRDMADev *dev, union
> > pvrdma_cmd_req *req,
> > cmd->max_send_sge,
> > cmd->send_cq_handle,
> > cmd->max_recv_wr, cmd->max_recv_sge,
> > cmd->recv_cq_handle, rings,
> > &resp->qpn);
> > + if (resp->hdr.err) {
> > + g_free(rings);
>
> Ditto, here send rind and recv rings stays mapped.
> Look at how QP's ring is destroyed in destroy_qp.
>
> For both case suggesting to define a new static function that destroy rings
> and call it from both error flow of create_* and from destroy_*
>
> > + goto out;
> > + }
> >
> > resp->max_send_wr = cmd->max_send_wr;
> > resp->max_recv_wr = cmd->max_recv_wr;
Also, can you rebase this patch on top of the patchset i posted last week:
https://patchwork.kernel.org/patch/10705439/
Thanks,
> > --
> > 2.19.2
> >
- [Qemu-devel] [PATCH 0/5] rdma: various issues in rdma/pvrdma backend, P J P, 2018/12/11
- [Qemu-devel] [PATCH 1/5] rdma: check that num_sge does not exceed MAX_SGE, P J P, 2018/12/11
- [Qemu-devel] [PATCH 2/5] pvrdma: add uar_read routine, P J P, 2018/12/11
- [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, P J P, 2018/12/11
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, Yuval Shaia, 2018/12/11
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error,
Yuval Shaia <=
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, P J P, 2018/12/11
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, P J P, 2018/12/12
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, Yuval Shaia, 2018/12/12
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, Yuval Shaia, 2018/12/12
- Re: [Qemu-devel] [PATCH 4/5] pvrdma: release ring object in case of an error, P J P, 2018/12/12
[Qemu-devel] [PATCH 3/5] pvrdma: check number of pages when creating rings, P J P, 2018/12/11
[Qemu-devel] [PATCH 5/5] pvrdma: check return value from pvrdma_idx_ring_has_ routines, P J P, 2018/12/11