From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5AB57A046B for ; Tue, 20 Aug 2019 15:22:27 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 229631BECA; Tue, 20 Aug 2019 15:22:26 +0200 (CEST) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by dpdk.org (Postfix) with ESMTP id C4A5B1BEBD for ; Tue, 20 Aug 2019 15:22:24 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Aug 2019 06:22:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,408,1559545200"; d="scan'208";a="185911923" Received: from aburakov-mobl1.ger.corp.intel.com (HELO [10.237.220.108]) ([10.237.220.108]) by FMSMGA003.fm.intel.com with ESMTP; 20 Aug 2019 06:22:22 -0700 To: "Harris, James R" Cc: "dev@dpdk.org" References: <156595762238.18723.10089009448135563310.stgit@jrharri1-skx> From: "Burakov, Anatoly" Message-ID: <43486a1b-6ffa-a766-3b2a-a65fd8da2a24@intel.com> Date: Tue, 20 Aug 2019 14:22:21 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH] vfio: free mp_reply msgs in failure cases X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 20-Aug-19 2:16 PM, Harris, James R wrote: > > >> On Aug 20, 2019, at 6:13 AM, Burakov, Anatoly wrote: >> >>> On 16-Aug-19 1:13 PM, Jim Harris wrote: >>> The code checks both rte_mp_request_sync() return >>> code and that the number of messages in the reply >>> equals 1. If rte_mp_request_sync() succeeds but >>> there was more than one message, those messages >>> would get leaked. >>> Found via code review by Anatoly Burakov of patches >>> that used the vhost code as a template for using >>> rte_mp_request_sync(). >>> Signed-off-by: Jim Harris >>> --- >>> lib/librte_eal/linux/eal/eal_vfio.c | 16 ++++++++-------- >>> 1 file changed, 8 insertions(+), 8 deletions(-) >>> diff --git a/lib/librte_eal/linux/eal/eal_vfio.c b/lib/librte_eal/linux/eal/eal_vfio.c >>> index 501c74f23..d9541b122 100644 >>> --- a/lib/librte_eal/linux/eal/eal_vfio.c >>> +++ b/lib/librte_eal/linux/eal/eal_vfio.c >>> @@ -264,7 +264,7 @@ vfio_open_group_fd(int iommu_group_num) >>> int vfio_group_fd; >>> char filename[PATH_MAX]; >>> struct rte_mp_msg mp_req, *mp_rep; >>> - struct rte_mp_reply mp_reply; >>> + struct rte_mp_reply mp_reply = {0}; >>> struct timespec ts = {.tv_sec = 5, .tv_nsec = 0}; >>> struct vfio_mp_param *p = (struct vfio_mp_param *)mp_req.param; >>> @@ -320,9 +320,9 @@ vfio_open_group_fd(int iommu_group_num) >>> RTE_LOG(ERR, EAL, " bad VFIO group fd\n"); >>> vfio_group_fd = 0; >>> } >>> - free(mp_reply.msgs); >>> } >>> + free(mp_reply.msgs); >> >> That's not quite correct. This fixes the problem of missing free() when nb_received mismatches, but this /adds/ a problem of doing an unnecessary free() when rte_mp_request_sync() returns -1. Same for other places, i believe. > > This would just resolve to free(NULL) in the -1 case. > Ah, you're right! We did fix that bug :) With that in mind, Acked-by: Anatoly Burakov -- Thanks, Anatoly