| Message ID | 20220318151555.381737-5-mark.kanda@oracle.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | vCPU hotunplug related memory leaks | expand |
On 18/3/22 16:15, Mark Kanda wrote: > vCPU hotunplug related leak reported by Valgrind: > > ==132362== 216 bytes in 1 blocks are definitely lost in loss record 7,119 of 8,549 > ==132362== at 0x4C3ADBB: calloc (vg_replace_malloc.c:1117) > ==132362== by 0x69EE4CD: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.5600.4) > ==132362== by 0x7E34AF: cpu_address_space_init (physmem.c:751) > ==132362== by 0x45053E: qemu_init_vcpu (cpus.c:635) > ==132362== by 0x76B4A7: x86_cpu_realizefn (cpu.c:6520) > ==132362== by 0x9343ED: device_set_realized (qdev.c:531) > ==132362== by 0x93E26F: property_set_bool (object.c:2273) > ==132362== by 0x93C23E: object_property_set (object.c:1408) > ==132362== by 0x9406DC: object_property_set_qobject (qom-qobject.c:28) > ==132362== by 0x93C5A9: object_property_set_bool (object.c:1477) > ==132362== by 0x933C81: qdev_realize (qdev.c:333) > ==132362== by 0x455E9A: qdev_device_add_from_qdict (qdev-monitor.c:713) > > Signed-off-by: Mark Kanda <mark.kanda@oracle.com> > --- > cpu.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/cpu.c b/cpu.c > index be1f8b074c..6a3475022f 100644 > --- a/cpu.c > +++ b/cpu.c > @@ -173,6 +173,7 @@ void cpu_exec_unrealizefn(CPUState *cpu) > if (tcg_enabled()) { > tcg_exec_unrealizefn(cpu); > } > + g_free(cpu->cpu_ases); There is an API mismatch here. We miss cpu_address_space_destroy(). cpu_exec_unrealizefn() then calls cpu_address_space_destroy(), and cpu_address_space_destroy() frees cpu_ases. Otherwise other cpu_address_space_init() calls will keep leaking. > cpu_list_remove(cpu); > }
On 3/18/2022 11:26 AM, Philippe Mathieu-Daudé wrote: > On 18/3/22 16:15, Mark Kanda wrote: >> vCPU hotunplug related leak reported by Valgrind: >> >> ==132362== 216 bytes in 1 blocks are definitely lost in loss record 7,119 of >> 8,549 >> ==132362== at 0x4C3ADBB: calloc (vg_replace_malloc.c:1117) >> ==132362== by 0x69EE4CD: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.5600.4) >> ==132362== by 0x7E34AF: cpu_address_space_init (physmem.c:751) >> ==132362== by 0x45053E: qemu_init_vcpu (cpus.c:635) >> ==132362== by 0x76B4A7: x86_cpu_realizefn (cpu.c:6520) >> ==132362== by 0x9343ED: device_set_realized (qdev.c:531) >> ==132362== by 0x93E26F: property_set_bool (object.c:2273) >> ==132362== by 0x93C23E: object_property_set (object.c:1408) >> ==132362== by 0x9406DC: object_property_set_qobject (qom-qobject.c:28) >> ==132362== by 0x93C5A9: object_property_set_bool (object.c:1477) >> ==132362== by 0x933C81: qdev_realize (qdev.c:333) >> ==132362== by 0x455E9A: qdev_device_add_from_qdict (qdev-monitor.c:713) >> >> Signed-off-by: Mark Kanda <mark.kanda@oracle.com> >> --- >> cpu.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/cpu.c b/cpu.c >> index be1f8b074c..6a3475022f 100644 >> --- a/cpu.c >> +++ b/cpu.c >> @@ -173,6 +173,7 @@ void cpu_exec_unrealizefn(CPUState *cpu) >> if (tcg_enabled()) { >> tcg_exec_unrealizefn(cpu); >> } >> + g_free(cpu->cpu_ases); > > There is an API mismatch here. We miss cpu_address_space_destroy(). > > cpu_exec_unrealizefn() then calls cpu_address_space_destroy(), > and cpu_address_space_destroy() frees cpu_ases. > > Otherwise other cpu_address_space_init() calls will keep leaking. > Will fix in v3. Thanks Philippe, -Mark
diff --git a/cpu.c b/cpu.c index be1f8b074c..6a3475022f 100644 --- a/cpu.c +++ b/cpu.c @@ -173,6 +173,7 @@ void cpu_exec_unrealizefn(CPUState *cpu) if (tcg_enabled()) { tcg_exec_unrealizefn(cpu); } + g_free(cpu->cpu_ases); cpu_list_remove(cpu); }
vCPU hotunplug related leak reported by Valgrind: ==132362== 216 bytes in 1 blocks are definitely lost in loss record 7,119 of 8,549 ==132362== at 0x4C3ADBB: calloc (vg_replace_malloc.c:1117) ==132362== by 0x69EE4CD: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.5600.4) ==132362== by 0x7E34AF: cpu_address_space_init (physmem.c:751) ==132362== by 0x45053E: qemu_init_vcpu (cpus.c:635) ==132362== by 0x76B4A7: x86_cpu_realizefn (cpu.c:6520) ==132362== by 0x9343ED: device_set_realized (qdev.c:531) ==132362== by 0x93E26F: property_set_bool (object.c:2273) ==132362== by 0x93C23E: object_property_set (object.c:1408) ==132362== by 0x9406DC: object_property_set_qobject (qom-qobject.c:28) ==132362== by 0x93C5A9: object_property_set_bool (object.c:1477) ==132362== by 0x933C81: qdev_realize (qdev.c:333) ==132362== by 0x455E9A: qdev_device_add_from_qdict (qdev-monitor.c:713) Signed-off-by: Mark Kanda <mark.kanda@oracle.com> --- cpu.c | 1 + 1 file changed, 1 insertion(+)