On Tue, Mar 05, 2019 at 04:06:54PM +0000, Peter Maydell wrote: > On Fri, 22 Feb 2019 at 02:41, Michael S. Tsirkin wrote: > > > > From: David Gibson > > > > The virtio-balloon always works in units of 4kiB (BALLOON_PAGE_SIZE), but > > we can only actually discard memory in units of the host page size. > > Hi -- Coverity points out an issue in this patch (CID 1399146): > > > + /* Hard case > > + * > > + * We've put a piece of a larger host page into the balloon - we > > + * need to keep track until we have a whole host page to > > + * discard > > + */ > > + warn_report_once( > > +"Balloon used with backing page size > 4kiB, this may not be reliable"); > > + > > + subpages = rb_page_size / BALLOON_PAGE_SIZE; > > + > > + if (balloon->pbp > > + && (rb != balloon->pbp->rb > > + || host_page_base != balloon->pbp->base)) { > > + /* We've partially ballooned part of a host page, but now > > + * we're trying to balloon part of a different one. Too hard, > > + * give up on the old partial page */ > > + free(balloon->pbp); > > + balloon->pbp = NULL; > > } > > > > - ram_block_discard_range(rb, ram_offset, rb_page_size); > > - /* We ignore errors from ram_block_discard_range(), because it has > > - * already reported them, and failing to discard a balloon page is > > - * not fatal */ > > + if (!balloon->pbp) { > > + /* Starting on a new host page */ > > + size_t bitlen = BITS_TO_LONGS(subpages) * sizeof(unsigned long); > > + balloon->pbp = g_malloc0(sizeof(PartiallyBalloonedPage) + bitlen); > > > We allocate balloon->pbp with g_malloc0() here... 
> > > + balloon->pbp->rb = rb; > > + balloon->pbp->base = host_page_base; > > + } > > + > > + bitmap_set(balloon->pbp->bitmap, > > + (ram_offset - balloon->pbp->base) / BALLOON_PAGE_SIZE, > > + subpages); > > + > > + if (bitmap_full(balloon->pbp->bitmap, subpages)) { > > + /* We've accumulated a full host page, we can actually discard > > + * it now */ > > + > > + ram_block_discard_range(rb, balloon->pbp->base, rb_page_size); > > + /* We ignore errors from ram_block_discard_range(), because it > > + * has already reported them, and failing to discard a balloon > > + * page is not fatal */ > > + > > + free(balloon->pbp); > > ...but we free it (here and elsewhere) with free(), not g_free(). Ah. Whoops. I'll put a fix for that in the series of followup balloon patches I'm working on right now. -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
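Review bot: Beyond the g_malloc0()/free() mismatch Peter flagged, the `bitmap_set()` call in the hard-case path marks the wrong number of bits. The bitmap is allocated for `subpages` bits (`bitlen = BITS_TO_LONGS(subpages) * sizeof(unsigned long)`), yet the call is `bitmap_set(balloon->pbp->bitmap, (ram_offset - balloon->pbp->base) / BALLOON_PAGE_SIZE, subpages);` with `subpages` as the count, so any nonzero start offset writes past the end of the allocation, and even at offset 0 the whole bitmap is filled by the first 4kiB page, making `bitmap_full()` true and discarding the host page before the guest has actually ballooned all of it. Each call handles exactly one BALLOON_PAGE_SIZE page, so the count should be 1. Worth folding into the same follow-up series as the free()/g_free() fix, since the out-of-bounds write is a memory-safety issue rather than just a leak.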