From: Fam Zheng <famz@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 03/17] nvme: Fix nvme_init error handling
Date: Wed, 15 Aug 2018 11:12:34 +0800	[thread overview]
Message-ID: <20180815031248.14908-4-famz@redhat.com> (raw)
In-Reply-To: <20180815031248.14908-1-famz@redhat.com>

It is wrong to leave this field as 1, as nvme_close() called in the
error handling code in nvme_file_open() will use it and try to free
s->queues again.

Another problem is that the cleanup is duplicated between the fail*
labels of nvme_init() and nvme_file_open(), which calls nvme_close().

A third problem is nvme_close() misses g_free() and
event_notifier_cleanup().

Fix all of them.

Cc: qemu-stable@nongnu.org
Signed-off-by: Fam Zheng <famz@redhat.com>

Message-Id: <20180712025420.4932-1-famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
---
 block/nvme.c | 37 ++++++++++++-------------------------
 1 file changed, 12 insertions(+), 25 deletions(-)

diff --git a/block/nvme.c b/block/nvme.c
index 6f71122bf5..37805e8890 100644
--- a/block/nvme.c
+++ b/block/nvme.c
@@ -569,13 +569,13 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
     s->vfio = qemu_vfio_open_pci(device, errp);
     if (!s->vfio) {
         ret = -EINVAL;
-        goto fail;
+        goto out;
     }
 
     s->regs = qemu_vfio_pci_map_bar(s->vfio, 0, 0, NVME_BAR_SIZE, errp);
     if (!s->regs) {
         ret = -EINVAL;
-        goto fail;
+        goto out;
     }
 
     /* Perform initialize sequence as described in NVMe spec "7.6.1
@@ -585,7 +585,7 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
     if (!(cap & (1ULL << 37))) {
         error_setg(errp, "Device doesn't support NVMe command set");
         ret = -EINVAL;
-        goto fail;
+        goto out;
     }
 
     s->page_size = MAX(4096, 1 << (12 + ((cap >> 48) & 0xF)));
@@ -603,7 +603,7 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
                              PRId64 " ms)",
                        timeout_ms);
             ret = -ETIMEDOUT;
-            goto fail;
+            goto out;
         }
     }
 
@@ -613,7 +613,7 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
     s->queues[0] = nvme_create_queue_pair(bs, 0, NVME_QUEUE_SIZE, errp);
     if (!s->queues[0]) {
         ret = -EINVAL;
-        goto fail;
+        goto out;
     }
     QEMU_BUILD_BUG_ON(NVME_QUEUE_SIZE & 0xF000);
     s->regs->aqa = cpu_to_le32((NVME_QUEUE_SIZE << 16) | NVME_QUEUE_SIZE);
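Review bot: When nvme_create_queue_pair() fails here, `s->queues[0]` is NULL and the new `goto out` leaves cleanup to nvme_close(), whose loop calls `nvme_free_queue_pair(bs, s->queues[i])` for every index below `s->nr_queues`. The assignment of `nr_queues` is outside this hunk, but the commit message implies it is already 1 at this point, so the loop would presumably hand a NULL pair to nvme_free_queue_pair(), whose body is not visible; the old `fail` label skipped that call. Either count the admin queue only once it exists, e.g. set `s->nr_queues = 1;` after the `if (!s->queues[0])` check, or have nvme_close() skip NULL entries.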
@@ -633,14 +633,14 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
                              PRId64 " ms)",
                        timeout_ms);
             ret = -ETIMEDOUT;
-            goto fail_queue;
+            goto out;
         }
     }
 
     ret = qemu_vfio_pci_init_irq(s->vfio, &s->irq_notifier,
                                  VFIO_PCI_MSIX_IRQ_INDEX, errp);
     if (ret) {
-        goto fail_queue;
+        goto out;
     }
     aio_set_event_notifier(bdrv_get_aio_context(bs), &s->irq_notifier,
                            false, nvme_handle_event, nvme_poll_cb);
@@ -649,30 +649,15 @@ static int nvme_init(BlockDriverState *bs, const char *device, int namespace,
     if (local_err) {
         error_propagate(errp, local_err);
         ret = -EIO;
-        goto fail_handler;
+        goto out;
     }
 
     /* Set up command queues. */
     if (!nvme_add_io_queue(bs, errp)) {
         ret = -EIO;
-        goto fail_handler;
     }
-    return 0;
-
-fail_handler:
-    aio_set_event_notifier(bdrv_get_aio_context(bs), &s->irq_notifier,
-                           false, NULL, NULL);
-fail_queue:
-    nvme_free_queue_pair(bs, s->queues[0]);
-fail:
-    g_free(s->queues);
-    if (s->regs) {
-        qemu_vfio_pci_unmap_bar(s->vfio, 0, (void *)s->regs, 0, NVME_BAR_SIZE);
-    }
-    if (s->vfio) {
-        qemu_vfio_close(s->vfio);
-    }
-    event_notifier_cleanup(&s->irq_notifier);
+out:
+    /* Cleaning up is done in nvme_file_open() upon error. */
     return ret;
 }
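Review bot: With `return 0;` removed, the success path returns whatever `ret` holds when control falls into `out:`. That is 0 only because the last visible assignment is the successful `ret = qemu_vfio_pci_init_irq(...)` in the preceding hunk. Any later edit that stores a non-zero value in `ret` between that call and the label would report a completed init as a failure, and the caller would presumably then run the error cleanup on a working device. Keeping the success value explicit avoids that, e.g. add `goto out;` to the nvme_add_io_queue() failure branch and put `ret = 0;` just before the label.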
 
@@ -739,8 +724,10 @@ static void nvme_close(BlockDriverState *bs)
     for (i = 0; i < s->nr_queues; ++i) {
         nvme_free_queue_pair(bs, s->queues[i]);
     }
+    g_free(s->queues);
     aio_set_event_notifier(bdrv_get_aio_context(bs), &s->irq_notifier,
                            false, NULL, NULL);
+    event_notifier_cleanup(&s->irq_notifier);
     qemu_vfio_pci_unmap_bar(s->vfio, 0, (void *)s->regs, 0, NVME_BAR_SIZE);
     qemu_vfio_close(s->vfio);
 }
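Review bot: nvme_close() is now the only cleanup for a failed nvme_init(), but it calls `qemu_vfio_pci_unmap_bar(s->vfio, ...)` and `qemu_vfio_close(s->vfio)` unconditionally, whereas the removed `fail:` path guarded them with `if (s->regs)` and `if (s->vfio)`. The first two `goto out` exits in nvme_init() are taken exactly when `s->vfio` or `s->regs` is NULL. Every exit before qemu_vfio_pci_init_irq() also reaches `aio_set_event_notifier()` and `event_notifier_cleanup()` with a notifier that nothing visible has initialised. Those helpers are not shown here, so either confirm each one tolerates NULL or unset state, or restore the guards, e.g. `if (s->regs) { qemu_vfio_pci_unmap_bar(...); }` and `if (s->vfio) { qemu_vfio_close(s->vfio); }`. The body of nvme_close() starts outside the hunk.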
-- 
2.17.1
