From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 33E91A046B for ; Tue, 20 Aug 2019 15:13:14 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 0ECEA1BEC2; Tue, 20 Aug 2019 15:13:14 +0200 (CEST) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by dpdk.org (Postfix) with ESMTP id 59E8F1BEB8 for ; Tue, 20 Aug 2019 15:13:12 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Aug 2019 06:13:11 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,408,1559545200"; d="scan'208";a="185909471" Received: from aburakov-mobl1.ger.corp.intel.com (HELO [10.237.220.108]) ([10.237.220.108]) by FMSMGA003.fm.intel.com with ESMTP; 20 Aug 2019 06:13:10 -0700 To: Jim Harris , dev@dpdk.org References: <156595762238.18723.10089009448135563310.stgit@jrharri1-skx> From: "Burakov, Anatoly" Message-ID: Date: Tue, 20 Aug 2019 14:13:10 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <156595762238.18723.10089009448135563310.stgit@jrharri1-skx> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH] vfio: free mp_reply msgs in failure cases X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 16-Aug-19 1:13 PM, Jim Harris wrote: > The code checks both rte_mp_request_sync() return > code and that the number of messages in the reply > equals 1. If rte_mp_request_sync() succeeds but > there was more than one message, those messages > would get leaked. > > Found via code review by Anatoly Burakov of patches > that used the vhost code as a template for using > rte_mp_request_sync(). > > Signed-off-by: Jim Harris > --- > lib/librte_eal/linux/eal/eal_vfio.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/lib/librte_eal/linux/eal/eal_vfio.c b/lib/librte_eal/linux/eal/eal_vfio.c > index 501c74f23..d9541b122 100644 > --- a/lib/librte_eal/linux/eal/eal_vfio.c > +++ b/lib/librte_eal/linux/eal/eal_vfio.c > @@ -264,7 +264,7 @@ vfio_open_group_fd(int iommu_group_num) > int vfio_group_fd; > char filename[PATH_MAX]; > struct rte_mp_msg mp_req, *mp_rep; > - struct rte_mp_reply mp_reply; > + struct rte_mp_reply mp_reply = {0}; > struct timespec ts = {.tv_sec = 5, .tv_nsec = 0}; > struct vfio_mp_param *p = (struct vfio_mp_param *)mp_req.param; > > @@ -320,9 +320,9 @@ vfio_open_group_fd(int iommu_group_num) > RTE_LOG(ERR, EAL, " bad VFIO group fd\n"); > vfio_group_fd = 0; > } > - free(mp_reply.msgs); > } > > + free(mp_reply.msgs); That's not quite correct. This fixes the problem of missing free() when nb_received mismatches, but this /adds/ a problem of doing an unnecessary free() when rte_mp_request_sync() returns -1. Same for other places, i believe. -- Thanks, Anatoly