5:30 a.m.
The parameter of virBitmapFree function is just a pointer, not a pointer of pointer.
The second VIR_FREE on virBitmapFree only assign NULL to the formal parameter.
After calling the virBitmapFree function, the actual parameter are still not NULL.
There are many code segment don't assign NULL to the formal parameter after calling
the virBitmapFree function. This will bring potential risks.
A problem scenario:
1) The XML of VM contain the below segment:
<numatune>
<memory mode='preferred' placement='auto'
nodeset='0'/>
</numatune>
2)virsh create the VM
3)In the virDomainDefParseXML funtion:
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
virBitmapFree(def->numatune.memory.nodemask);
def->numatune.memory.nodemask = NULL;
}
4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
virBitmapFree function to free the nodemask:
virBitmapFree(def->numatune.memory.nodemask);
But after this call, the value of def->numatune.memory.nodemask is still not NULL.
This will generate an exception.
From d2b69b130bca89df85005d395c6d45d8df0b74f1 Mon Sep 17 00:00:00 2001
From: "Liuji (Jeremy)" <jeremy.liu(a)huawei.com>
Date: Fri, 6 Sep 2013 04:49:30 -0400
Subject: [PATCH] virBitmapFree: Change the function to a macro
The parameter of virBitmapFree function is just a pointer, not a pointer of pointer.
The second VIR_FREE on virBitmapFree only assign NULL to the formal parameter.
After calling the virBitmapFree function, the actual parameter are still not NULL.
There are many code segment don't assign NULL to the formal parameter after calling
the virBitmapFree function. This will bring potential risks.
Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
---
src/util/virbitmap.c | 21 ---------------------
src/util/virbitmap.h | 21 ++++++++++++++++-----
2 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
index 7e1cd02..cde502f 100644
--- a/src/util/virbitmap.c
+++ b/src/util/virbitmap.c
@@ -40,13 +40,6 @@
#define VIR_FROM_THIS VIR_FROM_NONE
-struct _virBitmap {
- size_t max_bit;
- size_t map_len;
- unsigned long *map;
-};
-
-
#define VIR_BITMAP_BITS_PER_UNIT ((int) sizeof(unsigned long) * CHAR_BIT)
#define VIR_BITMAP_UNIT_OFFSET(b) ((b) / VIR_BITMAP_BITS_PER_UNIT)
#define VIR_BITMAP_BIT_OFFSET(b) ((b) % VIR_BITMAP_BITS_PER_UNIT)
@@ -88,20 +81,6 @@ virBitmapPtr virBitmapNew(size_t size)
return bitmap;
}
-/**
- * virBitmapFree:
- * @bitmap: previously allocated bitmap
- *
- * Free @bitmap previously allocated by virBitmapNew.
- */
-void virBitmapFree(virBitmapPtr bitmap)
-{
- if (bitmap) {
- VIR_FREE(bitmap->map);
- VIR_FREE(bitmap);
- }
-}
-
int virBitmapCopy(virBitmapPtr dst, virBitmapPtr src)
{
diff --git a/src/util/virbitmap.h b/src/util/virbitmap.h
index b682523..9b93b88 100644
--- a/src/util/virbitmap.h
+++ b/src/util/virbitmap.h
@@ -28,6 +28,22 @@
# include <sys/types.h>
+struct _virBitmap {
+ size_t max_bit;
+ size_t map_len;
+ unsigned long *map;
+};
+
+/*
+ * Free previously allocated bitmap
+ */
+#define virBitmapFree(bitmap) \
+ do { \
+ if (bitmap) { \
+ VIR_FREE((bitmap)->map); \
+ VIR_FREE(bitmap); \
+ } \
+ } while (0);
typedef struct _virBitmap virBitmap;
typedef virBitmap *virBitmapPtr;
@@ -38,11 +54,6 @@ typedef virBitmap *virBitmapPtr;
virBitmapPtr virBitmapNew(size_t size) ATTRIBUTE_RETURN_CHECK;
/*
- * Free previously allocated bitmap
- */
-void virBitmapFree(virBitmapPtr bitmap);
-
-/*
* Copy all bits from @src to @dst. The bitmap sizes
* must be the same
*/
--
1.8.1.4
5:36 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
The parameter of virBitmapFree function is just a pointer, not a
pointer of pointer.
The second VIR_FREE on virBitmapFree only assign NULL to the formal parameter.
After calling the virBitmapFree function, the actual parameter are still not NULL.
There are many code segment don't assign NULL to the formal parameter after calling
the virBitmapFree function. This will bring potential risks.
A problem scenario:
1) The XML of VM contain the below segment:
<numatune>
<memory mode='preferred' placement='auto'
nodeset='0'/>
</numatune>
2)virsh create the VM
3)In the virDomainDefParseXML funtion:
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
virBitmapFree(def->numatune.memory.nodemask);
def->numatune.memory.nodemask = NULL;
}
4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
virBitmapFree function to free the nodemask:
virBitmapFree(def->numatune.memory.nodemask);
But after this call, the value of def->numatune.memory.nodemask is still not NULL.
This will generate an exception.
Have you got an actual crash happening today, or is this just a theoretical
problem you're trying to address ?
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
8:39 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Daniel P. Berrange [mailto:berrange@redhat.com]
Sent: Friday, September 06, 2013 6:37 PM
To: Liuji (Jeremy)
Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
> The parameter of virBitmapFree function is just a pointer, not a pointer of
pointer.
> The second VIR_FREE on virBitmapFree only assign NULL to the formal
parameter.
> After calling the virBitmapFree function, the actual parameter are still not
NULL.
> There are many code segment don't assign NULL to the formal parameter
after calling
> the virBitmapFree function. This will bring potential risks.
>
> A problem scenario:
> 1) The XML of VM contain the below segment:
> <numatune>
> <memory mode='preferred' placement='auto'
nodeset='0'/>
> </numatune>
> 2)virsh create the VM
> 3)In the virDomainDefParseXML funtion:
> /* Ignore 'nodeset' if 'placement' is
'auto' finally */
> if (placement_mode ==
VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
>
virBitmapFree(def->numatune.memory.nodemask);
> def->numatune.memory.nodemask = NULL;
> }
> 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
> virBitmapFree function to free the nodemask:
> virBitmapFree(def->numatune.memory.nodemask);
> But after this call, the value of def->numatune.memory.nodemask is still not
NULL.
> This will generate an exception.
Have you got an actual crash happening today, or is this just a theoretical
problem you're trying to address ?
Yes,it's an actual crash problem. I found the problem in the above problem scenario in
my first mail.
But, my first mail has a mistake:
The description of step 3 and 4 of "A problem scenario:" should be like this:
3)In the virDomainDefParseXML funtion:
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO)
virBitmapFree(def->numatune.memory.nodemask);
4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
virBitmapFree funtion to free the nodemask:
virBitmapFree(def->numatune.memory.nodemask);
But before this call, the value of def->numatune.memory.nodemask is still not NULL,
and the address which is pointed by the pointer has been freed.
The VIR_FREE on virBitmapFree function will free the address again.
6:25 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Mon, Sep 09, 2013 at 01:39:42AM +0000, Liuji (Jeremy) wrote:
> -----Original Message-----
> From: Daniel P. Berrange [mailto:berrange@redhat.com]
> Sent: Friday, September 06, 2013 6:37 PM
> To: Liuji (Jeremy)
> Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
>
> On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
> > The parameter of virBitmapFree function is just a pointer, not a pointer of
> pointer.
> > The second VIR_FREE on virBitmapFree only assign NULL to the formal
> parameter.
> > After calling the virBitmapFree function, the actual parameter are still not
> NULL.
> > There are many code segment don't assign NULL to the formal parameter
> after calling
> > the virBitmapFree function. This will bring potential risks.
> >
> > A problem scenario:
> > 1) The XML of VM contain the below segment:
> > <numatune>
> > <memory mode='preferred' placement='auto'
nodeset='0'/>
> > </numatune>
> > 2)virsh create the VM
> > 3)In the virDomainDefParseXML funtion:
> > /* Ignore 'nodeset' if 'placement' is
'auto' finally */
> > if (placement_mode ==
> VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
> >
> virBitmapFree(def->numatune.memory.nodemask);
> > def->numatune.memory.nodemask = NULL;
> > }
> > 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call
the
> > virBitmapFree function to free the nodemask:
> > virBitmapFree(def->numatune.memory.nodemask);
> > But after this call, the value of def->numatune.memory.nodemask is still
not
> NULL.
> > This will generate an exception.
>
> Have you got an actual crash happening today, or is this just a theoretical
> problem you're trying to address ?
Yes,it's an actual crash problem. I found the problem in the above problem scenario
in my first mail.
Then can you send a patch which explicitly fixes that problem on its
own, without doing this major refactoring, which obscures what is being
fixed.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
8:29 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Daniel P. Berrange [mailto:berrange@redhat.com]
Sent: Monday, September 09, 2013 7:26 PM
To: Liuji (Jeremy)
Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Mon, Sep 09, 2013 at 01:39:42AM +0000, Liuji (Jeremy) wrote:
> > -----Original Message-----
> > From: Daniel P. Berrange [mailto:berrange@redhat.com]
> > Sent: Friday, September 06, 2013 6:37 PM
> > To: Liuji (Jeremy)
> > Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> > Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
> >
> > On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
> > > The parameter of virBitmapFree function is just a pointer, not a pointer
of
> > pointer.
> > > The second VIR_FREE on virBitmapFree only assign NULL to the formal
> > parameter.
> > > After calling the virBitmapFree function, the actual parameter are still
not
> > NULL.
> > > There are many code segment don't assign NULL to the formal parameter
> > after calling
> > > the virBitmapFree function. This will bring potential risks.
> > >
> > > A problem scenario:
> > > 1) The XML of VM contain the below segment:
> > > <numatune>
> > > <memory mode='preferred' placement='auto'
nodeset='0'/>
> > > </numatune>
> > > 2)virsh create the VM
> > > 3)In the virDomainDefParseXML funtion:
> > > /* Ignore 'nodeset' if 'placement' is
'auto' finally
*/
> > > if (placement_mode ==
> > VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
> > >
> > virBitmapFree(def->numatune.memory.nodemask);
> > > def->numatune.memory.nodemask = NULL;
> > > }
> > > 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also
call
the
> > > virBitmapFree function to free the nodemask:
> > > virBitmapFree(def->numatune.memory.nodemask);
> > > But after this call, the value of def->numatune.memory.nodemask is
still
not
> > NULL.
> > > This will generate an exception.
> >
> > Have you got an actual crash happening today, or is this just a theoretical
> > problem you're trying to address ?
>
> Yes,it's an actual crash problem. I found the problem in the above problem
scenario in my first mail.
Then can you send a patch which explicitly fixes that problem on its
own, without doing this major refactoring, which obscures what is being
fixed.
I had sent a patch in my first mail. You can find the mail at the following links:
https://www.redhat.com/archives/libvir-list/2013-September/msg00337.html
Jeremy
2:56 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Tue, Sep 10, 2013 at 01:29:40AM +0000, Liuji (Jeremy) wrote:
> -----Original Message-----
> From: Daniel P. Berrange [mailto:berrange@redhat.com]
> Sent: Monday, September 09, 2013 7:26 PM
> To: Liuji (Jeremy)
> Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
>
> On Mon, Sep 09, 2013 at 01:39:42AM +0000, Liuji (Jeremy) wrote:
> > > -----Original Message-----
> > > From: Daniel P. Berrange [mailto:berrange@redhat.com]
> > > Sent: Friday, September 06, 2013 6:37 PM
> > > To: Liuji (Jeremy)
> > > Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> > > Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a
macro
> > >
> > > On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
> > > > The parameter of virBitmapFree function is just a pointer, not a
pointer of
> > > pointer.
> > > > The second VIR_FREE on virBitmapFree only assign NULL to the formal
> > > parameter.
> > > > After calling the virBitmapFree function, the actual parameter are
still not
> > > NULL.
> > > > There are many code segment don't assign NULL to the formal
parameter
> > > after calling
> > > > the virBitmapFree function. This will bring potential risks.
> > > >
> > > > A problem scenario:
> > > > 1) The XML of VM contain the below segment:
> > > > <numatune>
> > > > <memory mode='preferred' placement='auto'
nodeset='0'/>
> > > > </numatune>
> > > > 2)virsh create the VM
> > > > 3)In the virDomainDefParseXML funtion:
> > > > /* Ignore 'nodeset' if
'placement' is 'auto' finally
> */
> > > > if (placement_mode ==
> > > VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
> > > >
> > > virBitmapFree(def->numatune.memory.nodemask);
> > > > def->numatune.memory.nodemask = NULL;
> > > > }
> > > > 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it
also call
> the
> > > > virBitmapFree function to free the nodemask:
> > > > virBitmapFree(def->numatune.memory.nodemask);
> > > > But after this call, the value of def->numatune.memory.nodemask is
still
> not
> > > NULL.
> > > > This will generate an exception.
> > >
> > > Have you got an actual crash happening today, or is this just a
theoretical
> > > problem you're trying to address ?
> >
> > Yes,it's an actual crash problem. I found the problem in the above problem
> scenario in my first mail.
>
> Then can you send a patch which explicitly fixes that problem on its
> own, without doing this major refactoring, which obscures what is being
> fixed.
I had sent a patch in my first mail. You can find the mail at the following links:
https://www.redhat.com/archives/libvir-list/2013-September/msg00337.html
No, I want the root cause fixed. This change to the bitmap APIs is just
papering over any root cause bug.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
3:29 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Daniel P. Berrange [mailto:berrange@redhat.com]
Sent: Tuesday, September 10, 2013 3:57 PM
To: Liuji (Jeremy)
Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On Tue, Sep 10, 2013 at 01:29:40AM +0000, Liuji (Jeremy) wrote:
> > -----Original Message-----
> > From: Daniel P. Berrange [mailto:berrange@redhat.com]
> > Sent: Monday, September 09, 2013 7:26 PM
> > To: Liuji (Jeremy)
> > Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> > Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
> >
> > On Mon, Sep 09, 2013 at 01:39:42AM +0000, Liuji (Jeremy) wrote:
> > > > -----Original Message-----
> > > > From: Daniel P. Berrange [mailto:berrange@redhat.com]
> > > > Sent: Friday, September 06, 2013 6:37 PM
> > > > To: Liuji (Jeremy)
> > > > Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
> > > > Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to
a
macro
> > > >
> > > > On Fri, Sep 06, 2013 at 10:30:56AM +0000, Liuji (Jeremy) wrote:
> > > > > The parameter of virBitmapFree function is just a pointer, not
a
pointer of
> > > > pointer.
> > > > > The second VIR_FREE on virBitmapFree only assign NULL to the
formal
> > > > parameter.
> > > > > After calling the virBitmapFree function, the actual parameter
are still
not
> > > > NULL.
> > > > > There are many code segment don't assign NULL to the formal
parameter
> > > > after calling
> > > > > the virBitmapFree function. This will bring potential risks.
> > > > >
> > > > > A problem scenario:
> > > > > 1) The XML of VM contain the below segment:
> > > > > <numatune>
> > > > > <memory mode='preferred'
placement='auto' nodeset='0'/>
> > > > > </numatune>
> > > > > 2)virsh create the VM
> > > > > 3)In the virDomainDefParseXML funtion:
> > > > > /* Ignore 'nodeset' if
'placement' is 'auto'
finally
> > */
> > > > > if (placement_mode ==
> > > > VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
> > > > >
> > > > virBitmapFree(def->numatune.memory.nodemask);
> > > > > def->numatune.memory.nodemask =
NULL;
> > > > > }
> > > > > 4)Then, virsh destroy the VM. In the virDomainDefFree funtion,
it also
call
> > the
> > > > > virBitmapFree function to free the nodemask:
> > > > > virBitmapFree(def->numatune.memory.nodemask);
> > > > > But after this call, the value of
def->numatune.memory.nodemask is
still
> > not
> > > > NULL.
> > > > > This will generate an exception.
> > > >
> > > > Have you got an actual crash happening today, or is this just a
theoretical
> > > > problem you're trying to address ?
> > >
> > > Yes,it's an actual crash problem. I found the problem in the above
problem
> > scenario in my first mail.
> >
> > Then can you send a patch which explicitly fixes that problem on its
> > own, without doing this major refactoring, which obscures what is being
> > fixed.
>
> I had sent a patch in my first mail. You can find the mail at the following links:
>
https://www.redhat.com/archives/libvir-list/2013-September/msg00337.html
No, I want the root cause fixed. This change to the bitmap APIs is just
papering over any root cause bug.
This is a simple problem about an address is released twice in some scenario.
I think that released twice is the root cause. I'm not sure what you mean about root
cause.
Did you mean that why the address will be released two times?
7:28 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 09/10/2013 02:29 AM, Liuji (Jeremy) wrote:
>>>> Yes,it's an actual crash problem. I found the
problem in the above
> problem
>>> scenario in my first mail.
>
> A problem scenario:
> 1) The XML of VM contain the below segment:
> <numatune>
> <memory mode='preferred' placement='auto'
nodeset='0'/>
> </numatune>
> 2)virsh create the VM
> 3)In the virDomainDefParseXML funtion:
> /* Ignore 'nodeset' if 'placement' is
'auto' finally */
> if (placement_mode ==
VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
>
virBitmapFree(def->numatune.memory.nodemask);
> def->numatune.memory.nodemask = NULL;
> }
> 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
> virBitmapFree function to free the nodemask:
> virBitmapFree(def->numatune.memory.nodemask);
>>>
>>> Then can you send a patch which explicitly fixes that problem on its
>>> own, without doing this major refactoring, which obscures what is being
>>> fixed.
>>
>> I had sent a patch in my first mail. You can find the mail at the following
links:
>>
> https://www.redhat.com/archives/libvir-list/2013-September/msg00337.html
>
> No, I want the root cause fixed. This change to the bitmap APIs is just
> papering over any root cause bug.
>
This is a simple problem about an address is released twice in some scenario.
I think that released twice is the root cause. I'm not sure what you mean about root
cause.
Did you mean that why the address will be released two times?
What we want is a patch against virDomainDefParseXML - if it frees the
bitmap, it must set the bitmap member to NULL (ie. the root cause is
step 3 of your trace above). That will then avoid the second free in
virDomainDefFree (step 4 of your trace). The root cause is insidious
because leaving the bitmap pointer non-NULL after freeing it means that
ANY other use of the bitmap (not just the free in virDomainDefFree) is
accessing freed memory. Creating a macro to avoid the double free is
overkill; compared to fixing the real bug of freeing but not marking the
memory freed.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
9:27 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Eric Blake [mailto:eblake@redhat.com]
Sent: Tuesday, September 10, 2013 8:28 PM
To: Liuji (Jeremy)
Cc: Daniel P. Berrange; libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian);
Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 09/10/2013 02:29 AM, Liuji (Jeremy) wrote:
>>>>> Yes,it's an actual crash problem. I found the problem in the
above
>> problem
>>>> scenario in my first mail.
>>
>> A problem scenario:
>> 1) The XML of VM contain the below segment:
>> <numatune>
>> <memory mode='preferred' placement='auto'
nodeset='0'/>
>> </numatune>
>> 2)virsh create the VM
>> 3)In the virDomainDefParseXML funtion:
>> /* Ignore 'nodeset' if 'placement' is
'auto' finally
*/
>> if (placement_mode ==
> VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
>>
> virBitmapFree(def->numatune.memory.nodemask);
>> def->numatune.memory.nodemask = NULL;
>> }
>> 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it
>> also call the virBitmapFree function to free the nodemask:
>> virBitmapFree(def->numatune.memory.nodemask);
>>>>
>>>> Then can you send a patch which explicitly fixes that problem on
>>>> its own, without doing this major refactoring, which obscures what
>>>> is being fixed.
>>>
>>> I had sent a patch in my first mail. You can find the mail at the following
links:
>>>
>> https://www.redhat.com/archives/libvir-list/2013-September/msg00337.h
>> tml
>>
>> No, I want the root cause fixed. This change to the bitmap APIs is
>> just papering over any root cause bug.
>>
>
> This is a simple problem about an address is released twice in some scenario.
> I think that released twice is the root cause. I'm not sure what you mean
about root cause.
> Did you mean that why the address will be released two times?
What we want is a patch against virDomainDefParseXML - if it frees the bitmap,
it must set the bitmap member to NULL (ie. the root cause is step 3 of your
trace above). That will then avoid the second free in virDomainDefFree (step
4 of your trace). The root cause is insidious because leaving the bitmap
pointer non-NULL after freeing it means that ANY other use of the bitmap (not
just the free in virDomainDefFree) is accessing freed memory. Creating a
macro to avoid the double free is overkill; compared to fixing the real bug of
freeing but not marking the memory freed.
Thank you very much for your detailed advice.
The following is the latest patch.
From 234d8616dba9fa645146def8a8da2562f6b4802b Mon Sep 17 00:00:00 2001
From: "Liuji (Jeremy)" <jeremy.liu(a)huawei.com>
Date: Tue, 10 Sep 2013 22:13:32 -0400
Subject: [PATCH] virDomainDefParseXML: set the argument of virBitmapFree to
NULL after calling virBitmapFree
After freeing the bitmap pointer, it must set the pointer to NULL.
This will avoid any other use of the freed memory of the bitmap pointer.
Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
---
src/conf/domain_conf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e3aec69..9d1e9fc 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -11220,8 +11220,10 @@ virDomainDefParseXML(xmlDocPtr xml,
}
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
- if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO)
+ if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
virBitmapFree(def->numatune.memory.nodemask);
+ def->numatune.memory.nodemask = NULL;
+ }
/* Copy 'placement' of <numatune> to <vcpu> if
its 'placement'
* is not specified and 'placement' of <numatune> is
specified.
--
1.8.1.4
2:25 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 09/11/2013 04:27 AM, Liuji (Jeremy) wrote:
From: "Liuji (Jeremy)" <jeremy.liu(a)huawei.com>
Date: Tue, 10 Sep 2013 22:13:32 -0400
Subject: [PATCH] virDomainDefParseXML: set the argument of virBitmapFree to
NULL after calling virBitmapFree
After freeing the bitmap pointer, it must set the pointer to NULL.
This will avoid any other use of the freed memory of the bitmap pointer.
Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
---
src/conf/domain_conf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
ACK, I've added a link to bugzilla and pushed it:
https://bugzilla.redhat.com/show_bug.cgi?id=1006710
Jan
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e3aec69..9d1e9fc 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -11220,8 +11220,10 @@ virDomainDefParseXML(xmlDocPtr xml,
}
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
- if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO)
+ if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
virBitmapFree(def->numatune.memory.nodemask);
+ def->numatune.memory.nodemask = NULL;
+ }
/* Copy 'placement' of <numatune> to <vcpu> if
its 'placement'
* is not specified and 'placement' of <numatune> is
specified.
9:46 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 06/09/13 18:30, Liuji (Jeremy) wrote:
The parameter of virBitmapFree function is just a pointer, not a
pointer of pointer.
The second VIR_FREE on virBitmapFree only assign NULL to the formal parameter.
After calling the virBitmapFree function, the actual parameter are still not NULL.
There are many code segment don't assign NULL to the formal parameter after calling
the virBitmapFree function. This will bring potential risks.
A problem scenario:
1) The XML of VM contain the below segment:
<numatune>
<memory mode='preferred' placement='auto'
nodeset='0'/>
</numatune>
2)virsh create the VM
3)In the virDomainDefParseXML funtion:
/* Ignore 'nodeset' if 'placement' is 'auto'
finally */
if (placement_mode == VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
virBitmapFree(def->numatune.memory.nodemask);
def->numatune.memory.nodemask = NULL;
}
4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
virBitmapFree function to free the nodemask:
virBitmapFree(def->numatune.memory.nodemask);
But after this call, the value of def->numatune.memory.nodemask is still not NULL.
This will generate an exception.
>From d2b69b130bca89df85005d395c6d45d8df0b74f1 Mon Sep 17 00:00:00 2001
From: "Liuji (Jeremy)" <jeremy.liu(a)huawei.com>
Date: Fri, 6 Sep 2013 04:49:30 -0400
Subject: [PATCH] virBitmapFree: Change the function to a macro
The parameter of virBitmapFree function is just a pointer, not a pointer of pointer.
The second VIR_FREE on virBitmapFree only assign NULL to the formal parameter.
After calling the virBitmapFree function, the actual parameter are still not NULL.
There are many code segment don't assign NULL to the formal parameter after calling
the virBitmapFree function. This will bring potential risks.
Regardless of what the problem is......
Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
---
src/util/virbitmap.c | 21 ---------------------
src/util/virbitmap.h | 21 ++++++++++++++++-----
2 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
index 7e1cd02..cde502f 100644
--- a/src/util/virbitmap.c
+++ b/src/util/virbitmap.c
@@ -40,13 +40,6 @@
#define VIR_FROM_THIS VIR_FROM_NONE
-struct _virBitmap {
- size_t max_bit;
- size_t map_len;
- unsigned long *map;
-};
-
-
#define VIR_BITMAP_BITS_PER_UNIT ((int) sizeof(unsigned long) * CHAR_BIT)
#define VIR_BITMAP_UNIT_OFFSET(b) ((b) / VIR_BITMAP_BITS_PER_UNIT)
#define VIR_BITMAP_BIT_OFFSET(b) ((b) % VIR_BITMAP_BITS_PER_UNIT)
@@ -88,20 +81,6 @@ virBitmapPtr virBitmapNew(size_t size)
return bitmap;
}
-/**
- * virBitmapFree:
- * @bitmap: previously allocated bitmap
- *
- * Free @bitmap previously allocated by virBitmapNew.
- */
-void virBitmapFree(virBitmapPtr bitmap)
-{
- if (bitmap) {
- VIR_FREE(bitmap->map);
- VIR_FREE(bitmap);
- }
-}
-
int virBitmapCopy(virBitmapPtr dst, virBitmapPtr src)
{
diff --git a/src/util/virbitmap.h b/src/util/virbitmap.h
index b682523..9b93b88 100644
--- a/src/util/virbitmap.h
+++ b/src/util/virbitmap.h
@@ -28,6 +28,22 @@
# include <sys/types.h>
+struct _virBitmap {
+ size_t max_bit;
+ size_t map_len;
+ unsigned long *map;
+};
+
+/*
+ * Free previously allocated bitmap
+ */
+#define virBitmapFree(bitmap) \
+ do { \
+ if (bitmap) { \
+ VIR_FREE((bitmap)->map); \
+ VIR_FREE(bitmap); \
+ } \
+ } while (0);
... What does this make difference? Unless I missed something, what you
do is
just changing the function into a macro. And I don't see any benifit
from it.
Osier
10:57 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Osier Yang [mailto:jyang@redhat.com]
Sent: Monday, September 09, 2013 10:46 AM
To: Liuji (Jeremy)
Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 06/09/13 18:30, Liuji (Jeremy) wrote:
> The parameter of virBitmapFree function is just a pointer, not a pointer of
pointer.
> The second VIR_FREE on virBitmapFree only assign NULL to the formal
parameter.
> After calling the virBitmapFree function, the actual parameter are still not
NULL.
> There are many code segment don't assign NULL to the formal parameter
after calling
> the virBitmapFree function. This will bring potential risks.
>
> A problem scenario:
> 1) The XML of VM contain the below segment:
> <numatune>
> <memory mode='preferred' placement='auto'
nodeset='0'/>
> </numatune>
> 2)virsh create the VM
> 3)In the virDomainDefParseXML funtion:
> /* Ignore 'nodeset' if 'placement' is
'auto' finally */
> if (placement_mode ==
VIR_NUMA_TUNE_MEM_PLACEMENT_MODE_AUTO) {
>
virBitmapFree(def->numatune.memory.nodemask);
> def->numatune.memory.nodemask = NULL;
> }
> 4)Then, virsh destroy the VM. In the virDomainDefFree funtion, it also call the
> virBitmapFree function to free the nodemask:
> virBitmapFree(def->numatune.memory.nodemask);
> But after this call, the value of def->numatune.memory.nodemask is still not
NULL.
> This will generate an exception.
>
>
> >From d2b69b130bca89df85005d395c6d45d8df0b74f1 Mon Sep 17 00:00:00
2001
> From: "Liuji (Jeremy)" <jeremy.liu(a)huawei.com>
> Date: Fri, 6 Sep 2013 04:49:30 -0400
> Subject: [PATCH] virBitmapFree: Change the function to a macro
>
> The parameter of virBitmapFree function is just a pointer, not a pointer of
pointer.
> The second VIR_FREE on virBitmapFree only assign NULL to the formal
parameter.
> After calling the virBitmapFree function, the actual parameter are still not
NULL.
> There are many code segment don't assign NULL to the formal parameter
after calling
> the virBitmapFree function. This will bring potential risks.
Regardless of what the problem is......
>
> Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
> ---
> src/util/virbitmap.c | 21 ---------------------
> src/util/virbitmap.h | 21 ++++++++++++++++-----
> 2 files changed, 16 insertions(+), 26 deletions(-)
>
> diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
> index 7e1cd02..cde502f 100644
> --- a/src/util/virbitmap.c
> +++ b/src/util/virbitmap.c
> @@ -40,13 +40,6 @@
>
> #define VIR_FROM_THIS VIR_FROM_NONE
>
> -struct _virBitmap {
> - size_t max_bit;
> - size_t map_len;
> - unsigned long *map;
> -};
> -
> -
> #define VIR_BITMAP_BITS_PER_UNIT ((int) sizeof(unsigned long) *
CHAR_BIT)
> #define VIR_BITMAP_UNIT_OFFSET(b) ((b) /
VIR_BITMAP_BITS_PER_UNIT)
> #define VIR_BITMAP_BIT_OFFSET(b) ((b) %
VIR_BITMAP_BITS_PER_UNIT)
> @@ -88,20 +81,6 @@ virBitmapPtr virBitmapNew(size_t size)
> return bitmap;
> }
>
> -/**
> - * virBitmapFree:
> - * @bitmap: previously allocated bitmap
> - *
> - * Free @bitmap previously allocated by virBitmapNew.
> - */
> -void virBitmapFree(virBitmapPtr bitmap)
> -{
> - if (bitmap) {
> - VIR_FREE(bitmap->map);
> - VIR_FREE(bitmap);
> - }
> -}
> -
>
> int virBitmapCopy(virBitmapPtr dst, virBitmapPtr src)
> {
> diff --git a/src/util/virbitmap.h b/src/util/virbitmap.h
> index b682523..9b93b88 100644
> --- a/src/util/virbitmap.h
> +++ b/src/util/virbitmap.h
> @@ -28,6 +28,22 @@
>
> # include <sys/types.h>
>
> +struct _virBitmap {
> + size_t max_bit;
> + size_t map_len;
> + unsigned long *map;
> +};
> +
> +/*
> + * Free previously allocated bitmap
> + */
> +#define virBitmapFree(bitmap) \
> + do { \
> + if (bitmap) { \
> + VIR_FREE((bitmap)->map); \
> + VIR_FREE(bitmap); \
> + } \
> + } while (0);
>
... What does this make difference? Unless I missed something, what you
do is
just changing the function into a macro. And I don't see any benifit
from it.
Osier
I thought I have already clearly explained the problem.
The virBitmapFree is:
void virBitmapFree(virBitmapPtr bitmap)
{
if (bitmap) {
VIR_FREE(bitmap->map);
VIR_FREE(bitmap);
}
}
Bitmap is a parameter (formal parameter). The address which is pointed by Bitmap is the
same as argument(actual parameter) pointed.
In " VIR_FREE(bitmap);", it frees the same address. But only assigns the NULL to
the Bitmap, not to the argument(actual parameter).
After calling virBitmapFree, if there is not assigning NULL to the argument(actual
parameter), and using this argument(actual parameter) to call
the virBitmapFree again, it will free an already freed address. It will generate a crash.
There are 3 solutions:
1> After call virBitmapFree function, add a assignment which is assign NULL to the
argument(actual parameter) of virBitmapFree.
2> Change the virBitmapFree to :
void virBitmapFree(virBitmapPtr *bitmap)
{
if (*bitmap) {
VIR_FREE((*bitmap)->map);
VIR_FREE(*bitmap);
}
}
And change all virBitmapFree calling from
virBitmapFree(abc)
to
virBitmapFree(&abc)
3> change the virBitmapFree to a macro, like my first mail.
Because the 1 and 2 solutions will modify the code in many code segment. So, I prefer the
3 solution.
5:14 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
[......]
> Regardless of what the problem is......
>
>> Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
>> ---
>> src/util/virbitmap.c | 21 ---------------------
>> src/util/virbitmap.h | 21 ++++++++++++++++-----
>> 2 files changed, 16 insertions(+), 26 deletions(-)
>>
>> diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
>> index 7e1cd02..cde502f 100644
>> --- a/src/util/virbitmap.c
>> +++ b/src/util/virbitmap.c
>> @@ -40,13 +40,6 @@
>>
>> #define VIR_FROM_THIS VIR_FROM_NONE
>>
>> -struct _virBitmap {
>> - size_t max_bit;
>> - size_t map_len;
>> - unsigned long *map;
>> -};
>> -
>> -
>> #define VIR_BITMAP_BITS_PER_UNIT ((int) sizeof(unsigned long) *
> CHAR_BIT)
>> #define VIR_BITMAP_UNIT_OFFSET(b) ((b) /
> VIR_BITMAP_BITS_PER_UNIT)
>> #define VIR_BITMAP_BIT_OFFSET(b) ((b) %
> VIR_BITMAP_BITS_PER_UNIT)
>> @@ -88,20 +81,6 @@ virBitmapPtr virBitmapNew(size_t size)
>> return bitmap;
>> }
>>
>> -/**
>> - * virBitmapFree:
>> - * @bitmap: previously allocated bitmap
>> - *
>> - * Free @bitmap previously allocated by virBitmapNew.
>> - */
>> -void virBitmapFree(virBitmapPtr bitmap)
>> -{
>> - if (bitmap) {
>> - VIR_FREE(bitmap->map);
>> - VIR_FREE(bitmap);
>> - }
>> -}
>> -
>>
>> int virBitmapCopy(virBitmapPtr dst, virBitmapPtr src)
>> {
>> diff --git a/src/util/virbitmap.h b/src/util/virbitmap.h
>> index b682523..9b93b88 100644
>> --- a/src/util/virbitmap.h
>> +++ b/src/util/virbitmap.h
>> @@ -28,6 +28,22 @@
>>
>> # include <sys/types.h>
>>
>> +struct _virBitmap {
>> + size_t max_bit;
>> + size_t map_len;
>> + unsigned long *map;
>> +};
>> +
>> +/*
>> + * Free previously allocated bitmap
>> + */
>> +#define virBitmapFree(bitmap) \
>> + do { \
>> + if (bitmap) { \
>> + VIR_FREE((bitmap)->map); \
>> + VIR_FREE(bitmap); \
>> + } \
>> + } while (0);
>>
> ... What does this make difference? Unless I missed something, what you
> do is
> just changing the function into a macro. And I don't see any benifit
> from it.
>
> Osier
I thought I have already clearly explained the problem.
The virBitmapFree is:
void virBitmapFree(virBitmapPtr bitmap)
{
if (bitmap) {
VIR_FREE(bitmap->map);
VIR_FREE(bitmap);
}
}
Bitmap is a parameter (formal parameter). The address which is pointed by Bitmap is the
same as argument(actual parameter) pointed.
In " VIR_FREE(bitmap);", it frees the same address. But only assigns the NULL
to the Bitmap, not to the argument(actual parameter).
After calling virBitmapFree, if there is not assigning NULL to the argument(actual
parameter), and using this argument(actual parameter) to call
the virBitmapFree again, it will free an already freed address. It will generate a crash.
I knew your meaning, what I was wondering was:
There are 3 solutions:
1> After call virBitmapFree function, add a assignment which is assign NULL to the
argument(actual parameter) of virBitmapFree.
2> Change the virBitmapFree to :
void virBitmapFree(virBitmapPtr *bitmap)
{
if (*bitmap) {
VIR_FREE((*bitmap)->map);
VIR_FREE(*bitmap);
}
}
And change all virBitmapFree calling from
virBitmapFree(abc)
to
virBitmapFree(&abc)
3> change the virBitmapFree to a macro, like my first mail.
1) Regardless of what the problem is, and whether to change the interface of
virBitmapFree or introduce a macro, I didn't see you use it, I.E
fixing the crash
problems. Without the changes on the use of virBitmapFree, the patch is
quite confused between the commit log and the patch itself.
2) And actually the macro still doesn't help if we don't pass a
"virBitmapPtr *"
argument for it. So the patch doesn't change things.
I prefer to change the interface of virBitmapFree instead, since it will
need the
"virBitmapPtr *" argument anyway.
Osier
8:52 p.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
-----Original Message-----
From: Osier Yang [mailto:jyang@redhat.com]
Sent: Monday, September 09, 2013 6:15 PM
To: Liuji (Jeremy)
Cc: libvir-list(a)redhat.com; Jinbo (Justin); Luohao (brian); Haofeng
Subject: Re: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
[......]
>> Regardless of what the problem is......
>>
>>> Signed-off-by: Liuji (Jeremy) <jeremy.liu(a)huawei.com>
>>> ---
>>> src/util/virbitmap.c | 21 ---------------------
>>> src/util/virbitmap.h | 21 ++++++++++++++++-----
>>> 2 files changed, 16 insertions(+), 26 deletions(-)
>>>
>>> diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
>>> index 7e1cd02..cde502f 100644
>>> --- a/src/util/virbitmap.c
>>> +++ b/src/util/virbitmap.c
>>> @@ -40,13 +40,6 @@
>>>
>>> #define VIR_FROM_THIS VIR_FROM_NONE
>>>
>>> -struct _virBitmap {
>>> - size_t max_bit;
>>> - size_t map_len;
>>> - unsigned long *map;
>>> -};
>>> -
>>> -
>>> #define VIR_BITMAP_BITS_PER_UNIT ((int) sizeof(unsigned long) *
>> CHAR_BIT)
>>> #define VIR_BITMAP_UNIT_OFFSET(b) ((b) /
>> VIR_BITMAP_BITS_PER_UNIT)
>>> #define VIR_BITMAP_BIT_OFFSET(b) ((b) %
>> VIR_BITMAP_BITS_PER_UNIT)
>>> @@ -88,20 +81,6 @@ virBitmapPtr virBitmapNew(size_t size)
>>> return bitmap;
>>> }
>>>
>>> -/**
>>> - * virBitmapFree:
>>> - * @bitmap: previously allocated bitmap
>>> - *
>>> - * Free @bitmap previously allocated by virBitmapNew.
>>> - */
>>> -void virBitmapFree(virBitmapPtr bitmap)
>>> -{
>>> - if (bitmap) {
>>> - VIR_FREE(bitmap->map);
>>> - VIR_FREE(bitmap);
>>> - }
>>> -}
>>> -
>>>
>>> int virBitmapCopy(virBitmapPtr dst, virBitmapPtr src)
>>> {
>>> diff --git a/src/util/virbitmap.h b/src/util/virbitmap.h
>>> index b682523..9b93b88 100644
>>> --- a/src/util/virbitmap.h
>>> +++ b/src/util/virbitmap.h
>>> @@ -28,6 +28,22 @@
>>>
>>> # include <sys/types.h>
>>>
>>> +struct _virBitmap {
>>> + size_t max_bit;
>>> + size_t map_len;
>>> + unsigned long *map;
>>> +};
>>> +
>>> +/*
>>> + * Free previously allocated bitmap
>>> + */
>>> +#define virBitmapFree(bitmap) \
>>> + do { \
>>> + if (bitmap) { \
>>> + VIR_FREE((bitmap)->map); \
>>> + VIR_FREE(bitmap); \
>>> + } \
>>> + } while (0);
>>>
>> ... What does this make difference? Unless I missed something, what you
>> do is
>> just changing the function into a macro. And I don't see any benifit
>> from it.
>>
>> Osier
> I thought I have already clearly explained the problem.
>
> The virBitmapFree is:
> void virBitmapFree(virBitmapPtr bitmap)
> {
> if (bitmap) {
> VIR_FREE(bitmap->map);
> VIR_FREE(bitmap);
> }
> }
> Bitmap is a parameter (formal parameter). The address which is pointed by
Bitmap is the same as argument(actual parameter) pointed.
> In " VIR_FREE(bitmap);", it frees the same address. But only assigns the
NULL to the Bitmap, not to the argument(actual parameter).
> After calling virBitmapFree, if there is not assigning NULL to the
argument(actual parameter), and using this argument(actual parameter) to
call
> the virBitmapFree again, it will free an already freed address. It will generate
a crash.
I knew your meaning, what I was wondering was:
>
> There are 3 solutions:
> 1> After call virBitmapFree function, add a assignment which is assign NULL
to the argument(actual parameter) of virBitmapFree.
> 2> Change the virBitmapFree to :
> void virBitmapFree(virBitmapPtr *bitmap)
> {
> if (*bitmap) {
> VIR_FREE((*bitmap)->map);
> VIR_FREE(*bitmap);
> }
> }
> And change all virBitmapFree calling from
> virBitmapFree(abc)
> to
> virBitmapFree(&abc)
> 3> change the virBitmapFree to a macro, like my first mail.
>
1) Regardless of what the problem is, and whether to change the interface of
virBitmapFree or introduce a macro, I didn't see you use it, I.E
fixing the crash
problems. Without the changes on the use of virBitmapFree, the patch is
quite confused between the commit log and the patch itself.
2) And actually the macro still doesn't help if we don't pass a
"virBitmapPtr *"
argument for it. So the patch doesn't change things.
In my patch, no need to modify the virBitmapFree called code, I.E NO need to change
virBitmapFree(abc)
to
virBitmapFree(&abc)
After the virBitmapFree was changed to a macro, there is no parameter(formal parameter).
virBitmapFree directly operate the argument(actual parameter).
I prefer to change the interface of virBitmapFree instead, since it
will
need the
"virBitmapPtr *" argument anyway.
Osier
6:24 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 09/09/2013 05:57 AM, Liuji (Jeremy) wrote:
The virBitmapFree is:
void virBitmapFree(virBitmapPtr bitmap)
{
if (bitmap) {
VIR_FREE(bitmap->map);
VIR_FREE(bitmap);
}
}
Bitmap is a parameter (formal parameter). The address which is pointed by Bitmap is the
same as argument(actual parameter) pointed.
In " VIR_FREE(bitmap);", it frees the same address. But only assigns the NULL
to the Bitmap, not to the argument(actual parameter).
After calling virBitmapFree, if there is not assigning NULL to the argument(actual
parameter), and using this argument(actual parameter) to call
the virBitmapFree again, it will free an already freed address. It will generate a
crash.
There are 3 solutions:
1> After call virBitmapFree function, add a assignment which is assign NULL to the
argument(actual parameter) of virBitmapFree.
2> Change the virBitmapFree to :
void virBitmapFree(virBitmapPtr *bitmap)
{
if (*bitmap) {
VIR_FREE((*bitmap)->map);
VIR_FREE(*bitmap);
}
}
And change all virBitmapFree calling from
virBitmapFree(abc)
to
virBitmapFree(&abc)
3> change the virBitmapFree to a macro, like my first mail.
Because the 1 and 2 solutions will modify the code in many code segment. So, I prefer the
3 solution.
Most of the code doesn't use the bitmap after it's freed, it seems it's just
the one case of numatune nodemask that needs to be fixed. I vote for option
(1). I think it's better to be consistent with what other *Free functions do.
Jan
10:59 a.m.
New subject: [libvirt] [PATCH] virBitmapFree: Change the function to a macro
On 09/09/13 19:24, Ján Tomko wrote:
On 09/09/2013 05:57 AM, Liuji (Jeremy) wrote:
> The virBitmapFree is:
> void virBitmapFree(virBitmapPtr bitmap)
> {
> if (bitmap) {
> VIR_FREE(bitmap->map);
> VIR_FREE(bitmap);
> }
> }
> Bitmap is a parameter (formal parameter). The address which is pointed by Bitmap is
the same as argument(actual parameter) pointed.
> In " VIR_FREE(bitmap);", it frees the same address. But only assigns the
NULL to the Bitmap, not to the argument(actual parameter).
> After calling virBitmapFree, if there is not assigning NULL to the argument(actual
parameter), and using this argument(actual parameter) to call
> the virBitmapFree again, it will free an already freed address. It will generate a
crash.
>
> There are 3 solutions:
> 1> After call virBitmapFree function, add a assignment which is assign NULL to the
argument(actual parameter) of virBitmapFree.
> 2> Change the virBitmapFree to :
> void virBitmapFree(virBitmapPtr *bitmap)
> {
> if (*bitmap) {
> VIR_FREE((*bitmap)->map);
> VIR_FREE(*bitmap);
> }
> }
> And change all virBitmapFree calling from
> virBitmapFree(abc)
> to
> virBitmapFree(&abc)
> 3> change the virBitmapFree to a macro, like my first mail.
>
>
> Because the 1 and 2 solutions will modify the code in many code segment. So, I prefer
the 3 solution.
Most of the code doesn't use the bitmap after it's freed, it seems it's just
the one case of numatune nodemask that needs to be fixed. I vote for option
(1). I think it's better to be consistent with what other *Free functions do.
Not really, a dangling pointer always has potential risks. It's never
known whether
if it will be used later, especially when the memory it pointed to is
allocated for some
other purpose. Causing crash is actually the better result than
unexpected ones.
Osier
4091
days inactive
4096
days old
15 comments
5 participants
participants (5)
-
Daniel P. Berrange -
Eric Blake -
Ján Tomko -
Liuji (Jeremy) -
Osier Yang