@@ -155,6 +155,13 @@ static QVirtQueue *qvirtio_mmio_virtqueue_setup(QVirtioDevice *d,
return vq;
}
+static void qvirtio_mmio_virtqueue_cleanup(QVirtQueue *vq,
+ QGuestAllocator *alloc)
+{
+ guest_free(alloc, vq->desc);
+ g_free(vq);
+}
+
static void qvirtio_mmio_virtqueue_kick(QVirtioDevice *d, QVirtQueue *vq)
{
QVirtioMMIODevice *dev = (QVirtioMMIODevice *)d;
@@ -177,6 +184,7 @@ const QVirtioBus qvirtio_mmio = {
.get_queue_size = qvirtio_mmio_get_queue_size,
.set_queue_address = qvirtio_mmio_set_queue_address,
.virtqueue_setup = qvirtio_mmio_virtqueue_setup,
+ .virtqueue_cleanup = qvirtio_mmio_virtqueue_cleanup,
.virtqueue_kick = qvirtio_mmio_virtqueue_kick,
};
@@ -236,6 +236,15 @@ static QVirtQueue *qvirtio_pci_virtqueue_setup(QVirtioDevice *d,
return &vqpci->vq;
}
+static void qvirtio_pci_virtqueue_cleanup(QVirtQueue *vq,
+ QGuestAllocator *alloc)
+{
+ QVirtQueuePCI *vqpci = container_of(vq, QVirtQueuePCI, vq);
+
+ guest_free(alloc, vq->desc);
+ g_free(vqpci);
+}
+
static void qvirtio_pci_virtqueue_kick(QVirtioDevice *d, QVirtQueue *vq)
{
QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d;
@@ -258,6 +267,7 @@ const QVirtioBus qvirtio_pci = {
.get_queue_size = qvirtio_pci_get_queue_size,
.set_queue_address = qvirtio_pci_set_queue_address,
.virtqueue_setup = qvirtio_pci_virtqueue_setup,
+ .virtqueue_cleanup = qvirtio_pci_virtqueue_cleanup,
.virtqueue_kick = qvirtio_pci_virtqueue_kick,
};
@@ -55,6 +55,12 @@ QVirtQueue *qvirtqueue_setup(const QVirtioBus *bus, QVirtioDevice *d,
return bus->virtqueue_setup(d, alloc, index);
}
+void qvirtqueue_cleanup(const QVirtioBus *bus, QVirtQueue *vq,
+ QGuestAllocator *alloc)
+{
+ return bus->virtqueue_cleanup(vq, alloc);
+}
+
void qvirtio_reset(const QVirtioBus *bus, QVirtioDevice *d)
{
bus->set_status(d, 0);
@@ -83,6 +83,9 @@ typedef struct QVirtioBus {
QVirtQueue *(*virtqueue_setup)(QVirtioDevice *d, QGuestAllocator *alloc,
uint16_t index);
+ /* Free virtqueue resources */
+ void (*virtqueue_cleanup)(QVirtQueue *vq, QGuestAllocator *alloc);
+
/* Notify changes in virtqueue */
void (*virtqueue_kick)(QVirtioDevice *d, QVirtQueue *vq);
} QVirtioBus;
@@ -125,6 +128,8 @@ unsigned int qvirtio_wait_queue_buf(const QVirtioBus *bus, QVirtioDevice *d,
gint64 timeout_us);
QVirtQueue *qvirtqueue_setup(const QVirtioBus *bus, QVirtioDevice *d,
QGuestAllocator *alloc, uint16_t index);
+void qvirtqueue_cleanup(const QVirtioBus *bus, QVirtQueue *vq,
+ QGuestAllocator *alloc);
void qvring_init(const QGuestAllocator *alloc, QVirtQueue *vq, uint64_t addr);
QVRingIndirectDesc *qvring_indirect_desc_setup(QVirtioDevice *d,
@@ -299,7 +299,7 @@ static void pci_basic(void)
(uint64_t)(uintptr_t)addr);
/* End test */
- guest_free(alloc, vqpci->vq.desc);
+ qvirtqueue_cleanup(&qvirtio_pci, &vqpci->vq, alloc);
pc_alloc_uninit(alloc);
qvirtio_pci_device_disable(dev);
g_free(dev);
@@ -402,7 +402,7 @@ static void pci_indirect(void)
guest_free(alloc, req_addr);
/* End test */
- guest_free(alloc, vqpci->vq.desc);
+ qvirtqueue_cleanup(&qvirtio_pci, &vqpci->vq, alloc);
pc_alloc_uninit(alloc);
qvirtio_pci_device_disable(dev);
g_free(dev);
@@ -553,7 +553,7 @@ static void pci_msix(void)
guest_free(alloc, req_addr);
/* End test */
- guest_free(alloc, vqpci->vq.desc);
+ qvirtqueue_cleanup(&qvirtio_pci, &vqpci->vq, alloc);
pc_alloc_uninit(alloc);
qpci_msix_disable(dev->pdev);
qvirtio_pci_device_disable(dev);
@@ -680,7 +680,7 @@ static void pci_idx(void)
guest_free(alloc, req_addr);
/* End test */
- guest_free(alloc, vqpci->vq.desc);
+ qvirtqueue_cleanup(&qvirtio_pci, &vqpci->vq, alloc);
pc_alloc_uninit(alloc);
qpci_msix_disable(dev->pdev);
qvirtio_pci_device_disable(dev);
@@ -746,7 +746,7 @@ static void mmio_basic(void)
g_assert_cmpint(capacity, ==, n_size / 512);
/* End test */
- guest_free(alloc, vq->desc);
+ qvirtqueue_cleanup(&qvirtio_mmio, vq, alloc);
generic_alloc_uninit(alloc);
g_free(dev);
test_end();
@@ -230,7 +230,7 @@ static void pci_basic(gconstpointer data)
/* End test */
close(sv[0]);
- guest_free(alloc, tx->vq.desc);
+ qvirtqueue_cleanup(&qvirtio_pci, &tx->vq, alloc);
pc_alloc_uninit(alloc);
qvirtio_pci_device_disable(dev);
g_free(dev);
@@ -59,7 +59,7 @@ static void qvirtio_scsi_pci_free(QVirtIOSCSI *vs)
int i;
for (i = 0; i < vs->num_queues + 2; i++) {
- guest_free(vs->alloc, vs->vq[i]->desc);
+ qvirtqueue_cleanup(&qvirtio_pci, vs->vq[i], vs->alloc);
}
pc_alloc_uninit(vs->alloc);
qvirtio_pci_device_disable(container_of(vs->dev, QVirtioPCIDevice, vdev));
qvirtqueue_setup() allocates the vring and virtqueue state. So far there has been no function to free it. Callers have been using guest_free() for the vring but forgot to free the QVirtQueue state. This patch solves the memory leak by introducing qvirtqueue_cleanup(). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> --- This fix is based on based on "[PATCH 0/5] libqos: add ability to pop buffers from virtqueue" but probably applies more or less cleanly onto other trees too. Also available on my vsock tree: https://github.com/stefanha/qemu/commits/vsock. tests/libqos/virtio-mmio.c | 8 ++++++++ tests/libqos/virtio-pci.c | 10 ++++++++++ tests/libqos/virtio.c | 6 ++++++ tests/libqos/virtio.h | 5 +++++ tests/virtio-blk-test.c | 10 +++++----- tests/virtio-net-test.c | 2 +- tests/virtio-scsi-test.c | 2 +- 7 files changed, 36 insertions(+), 7 deletions(-)