From: "Burakov, Anatoly" <anatoly.burakov@intel.com>
To: Erik Gabriel Carrillo <erik.g.carrillo@intel.com>,
	rsanford@akamai.com, thomas@monjalon.net
Cc: dev@dpdk.org
Subject: Re: [dpdk-dev] [PATCH v2] timer: fix resource leak in finalize
Date: Tue, 7 May 2019 12:03:40 +0100
Message-ID: <7baed0b9-432f-be86-5e39-68035bc309a4@intel.com>
In-Reply-To: <1556924082-22535-1-git-send-email-erik.g.carrillo@intel.com>

On 03-May-19 11:54 PM, Erik Gabriel Carrillo wrote:
> The finalize function should free the memzone created in the init
> function, rather than freeing the allocation the memzone references,
> otherwise a memzone descriptor can be leaked.
> 
> Fixes: c0749f7096c7 ("timer: allow management in shared memory")
> 
> Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com>
> ---
> changes in v2:
>   - Handle scenario where primary process exits before secondaries such
>     that memzone is not freed early (Anatoly)
> 
>   lib/librte_timer/rte_timer.c | 20 +++++++++++++++++---
>   1 file changed, 17 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/librte_timer/rte_timer.c b/lib/librte_timer/rte_timer.c
> index eb46009..4771287 100644
> --- a/lib/librte_timer/rte_timer.c
> +++ b/lib/librte_timer/rte_timer.c
> @@ -60,6 +60,8 @@ struct rte_timer_data {
>   };
>   
>   #define RTE_MAX_DATA_ELS 64
> +static const struct rte_memzone *rte_timer_data_mz;
> +static rte_atomic16_t *rte_timer_mz_refcnt;
>   static struct rte_timer_data *rte_timer_data_arr;
>   static const uint32_t default_data_id;
>   static uint32_t rte_timer_subsystem_initialized;
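
Review bot: the two file-scope statics added at the top of this hunk carry no comment on what they point at or who owns it. rte_timer_mz_refcnt is a per-process pointer to a counter that lives inside the shared memzone, which is a different lifetime from the per-process rte_timer_subsystem_initialized flag declared just below it; a one-line comment on each saying that the counter is stored in the memzone and shared by every attached process would make that readable from the declarations.
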
> @@ -155,6 +157,7 @@ rte_timer_subsystem_init_v1905(void)
>   	struct rte_timer_data *data;
>   	int i, lcore_id;
>   	static const char *mz_name = "rte_timer_mz";
> +	size_t data_arr_size = RTE_MAX_DATA_ELS * sizeof(*rte_timer_data_arr);

nitpicking, but... const?

>   
>   	if (rte_timer_subsystem_initialized)
>   		return -EALREADY;
> @@ -164,10 +167,14 @@ rte_timer_subsystem_init_v1905(void)
>   		if (mz == NULL)
>   			return -EEXIST;
>   
> +		rte_timer_data_mz = mz;
>   		rte_timer_data_arr = mz->addr;
> +		rte_timer_mz_refcnt =
> +				(void *)((char *)mz->addr + data_arr_size);
>   
>   		rte_timer_data_arr[default_data_id].internal_flags |=
>   			FL_ALLOCATED;
> +		rte_atomic16_inc(rte_timer_mz_refcnt);
>   
>   		rte_timer_subsystem_initialized = 1;
>   
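
Review bot: in this branch, which reuses an existing memzone, nothing ties the mz check at the top to the rte_atomic16_inc(rte_timer_mz_refcnt) further down, so the increment can land on a zone whose last user has already passed rte_atomic16_dec_and_test() in finalize. The attach and the increment would have to run under a lock that finalize also takes, otherwise the counter cannot safely decide when the zone is freed.
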
> @@ -175,12 +182,15 @@ rte_timer_subsystem_init_v1905(void)
>   	}
>   
>   	mz = rte_memzone_reserve_aligned(mz_name,
> -			RTE_MAX_DATA_ELS * sizeof(*rte_timer_data_arr),
> +			data_arr_size + sizeof(*rte_timer_mz_refcnt),
>   			SOCKET_ID_ANY, 0, RTE_CACHE_LINE_SIZE);
>   	if (mz == NULL)
>   		return -ENOMEM;
>   
> +	rte_timer_data_mz = mz;
>   	rte_timer_data_arr = mz->addr;
> +	rte_timer_mz_refcnt = (void *)((char *)mz->addr + data_arr_size);
> +	rte_atomic16_init(rte_timer_mz_refcnt);
>   
>   	for (i = 0; i < RTE_MAX_DATA_ELS; i++) {
>   		data = &rte_timer_data_arr[i];
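
Review bot: the counter's position is computed by hand, here as (char *)mz->addr + data_arr_size and again in the same form in the earlier branch, while the reserve size data_arr_size + sizeof(*rte_timer_mz_refcnt) has to be kept in step with both. A small wrapper struct holding the data array followed by the rte_atomic16_t would let sizeof and member access supply the size, offset and alignment, and would remove the (void *) casts.
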
> @@ -193,6 +203,7 @@ rte_timer_subsystem_init_v1905(void)
>   	}
>   
>   	rte_timer_data_arr[default_data_id].internal_flags |= FL_ALLOCATED;
> +	rte_atomic16_inc(rte_timer_mz_refcnt);
>   
>   	rte_timer_subsystem_initialized = 1;
>   
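
Review bot: the rte_atomic16_inc() added here runs only after the per-element setup loop, while the zone was reserved and its counter zeroed before that loop, so for that whole stretch a named zone exists with a count of 0. Taking the reference right after rte_atomic16_init(), or setting the counter to 1 directly with rte_atomic16_set(), would shorten that window; it does not close it without a lock.
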
> @@ -205,8 +216,11 @@ BIND_DEFAULT_SYMBOL(rte_timer_subsystem_init, _v1905, 19.05);
>   void __rte_experimental
>   rte_timer_subsystem_finalize(void)
>   {
> -	if (rte_timer_data_arr)
> -		rte_free(rte_timer_data_arr);
> +	if (!rte_timer_subsystem_initialized)
> +		return;
> +
> +	if (rte_atomic16_dec_and_test(rte_timer_mz_refcnt))
> +		rte_memzone_free(rte_timer_data_mz);

I think there's a race here. You may get preempted after test but before 
free, where another secondary could initialize. As far as I know, we 
also support a case when secondary initializes after primary stops running.

Let's even suppose that we allow secondary processes to initialize the 
timer subsystem by reserving memzone and checking rte_errno. You would 
still have a chance of two init/deinit conflicting, because there's a 
hole between memzone allocation and atomic increment.

I don't think this race can be resolved in a safe way, so we might just 
have to settle for a memory leak.

>   
>   	rte_timer_subsystem_initialized = 0;
>   }
> 
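
Review bot: after rte_memzone_free(rte_timer_data_mz) the function clears only rte_timer_subsystem_initialized, so rte_timer_data_mz, rte_timer_mz_refcnt and rte_timer_data_arr keep their old values. Setting all three to NULL at the end of finalize, whether or not this process was the last user, would make a later use fail visibly instead of touching a zone that may already have been freed.
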


-- 
Thanks,
Anatoly
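
The two windows described in the reply above, replayed step by step in a single-threaded C model. This is an added example, not code from the patch or from DPDK: struct zone and every function name are hypothetical, and the model only mirrors the order of the steps (look up or reserve, increment, decrement-and-test, free).

```c
#include <stdbool.h>

/* Constructed model of one named memzone with the refcount stored inside it. */
struct zone { bool reserved; int refcnt; };
/* Init: a secondary looks the zone up, a primary reserves it; then take a ref. */
static bool lookup(const struct zone *z) { return z->reserved; }
static void reserve(struct zone *z) { z->reserved = true; z->refcnt = 0; }
static void take_ref(struct zone *z) { z->refcnt++; }
/* Finalize step 1 models rte_atomic16_dec_and_test(), step 2 rte_memzone_free(). */
static bool drop_ref_is_last(struct zone *z) { return --z->refcnt == 0; }
static void release(struct zone *z) { z->reserved = false; }
/* True when a process still counts itself a user of a zone that was freed. */
static bool dangling(const struct zone *z) { return !z->reserved && z->refcnt > 0; }

/* One process doing a whole init + finalize without being interrupted. */
static void init_then_finalize(struct zone *z)
{
	if (!lookup(z))
		return;
	take_ref(z);
	if (drop_ref_is_last(z))
		release(z);
}

/* Finalize window: A has tested the count; B initializes before or after A's free. */
bool replay_finalize(bool b_in_window)
{
	struct zone z = { .reserved = true, .refcnt = 1 };	/* A is the only user */
	bool a_last = drop_ref_is_last(&z);	/* A: 1 -> 0, test is true */
	if (b_in_window && lookup(&z))
		take_ref(&z);			/* B: 0 -> 1 on a live zone */
	if (a_last)
		release(&z);			/* A resumes and frees the zone */
	if (!b_in_window && lookup(&z))
		take_ref(&z);			/* not reached: B's lookup fails */
	return dangling(&z);
}

/* Init window: B has reserved the zone but not yet incremented the count. */
bool replay_init(bool a_in_window)
{
	struct zone z = { .reserved = false, .refcnt = 0 };
	reserve(&z);				/* B: zone exists, count is 0 */
	if (a_in_window)
		init_then_finalize(&z);		/* A: 0 -> 1 -> 0, frees the zone */
	take_ref(&z);				/* B resumes and increments */
	if (!a_in_window)
		init_then_finalize(&z);		/* A: 1 -> 2 -> 1, nothing freed */
	return dangling(&z);
}
```

Passing true places the second process inside the window and leaves a reference on a freed zone; passing false runs the same steps back to back and does not.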
