On 03-May-19 11:54 PM, Erik Gabriel Carrillo wrote:
The finalize function should free the memzone created in the init
function, rather than freeing the allocation the memzone references,
otherwise a memzone descriptor can be leaked.
Fixes: c0749f7096c7 ("timer: allow management in shared memory")
Signed-off-by: Erik Gabriel Carrillo <erik.g.carri...@intel.com>
---
changes in v2:
- Handle scenario where primary process exits before secondaries such
that memzone is not freed early (Anatoly)
lib/librte_timer/rte_timer.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/lib/librte_timer/rte_timer.c b/lib/librte_timer/rte_timer.c
index eb46009..4771287 100644
--- a/lib/librte_timer/rte_timer.c
+++ b/lib/librte_timer/rte_timer.c
@@ -60,6 +60,8 @@ struct rte_timer_data {
};
#define RTE_MAX_DATA_ELS 64
+static const struct rte_memzone *rte_timer_data_mz;
+static rte_atomic16_t *rte_timer_mz_refcnt;
static struct rte_timer_data *rte_timer_data_arr;
static const uint32_t default_data_id;
static uint32_t rte_timer_subsystem_initialized;
@@ -155,6 +157,7 @@ rte_timer_subsystem_init_v1905(void)
struct rte_timer_data *data;
int i, lcore_id;
static const char *mz_name = "rte_timer_mz";
+ size_t data_arr_size = RTE_MAX_DATA_ELS * sizeof(*rte_timer_data_arr);
nitpicking, but... const?
if (rte_timer_subsystem_initialized)
return -EALREADY;
@@ -164,10 +167,14 @@ rte_timer_subsystem_init_v1905(void)
if (mz == NULL)
return -EEXIST;
+ rte_timer_data_mz = mz;
rte_timer_data_arr = mz->addr;
+ rte_timer_mz_refcnt =
+ (void *)((char *)mz->addr + data_arr_size);
rte_timer_data_arr[default_data_id].internal_flags |=
FL_ALLOCATED;
+ rte_atomic16_inc(rte_timer_mz_refcnt);
rte_timer_subsystem_initialized = 1;
@@ -175,12 +182,15 @@ rte_timer_subsystem_init_v1905(void)
}
mz = rte_memzone_reserve_aligned(mz_name,
- RTE_MAX_DATA_ELS * sizeof(*rte_timer_data_arr),
+ data_arr_size + sizeof(*rte_timer_mz_refcnt),
SOCKET_ID_ANY, 0, RTE_CACHE_LINE_SIZE);
if (mz == NULL)
return -ENOMEM;
+ rte_timer_data_mz = mz;
rte_timer_data_arr = mz->addr;
+ rte_timer_mz_refcnt = (void *)((char *)mz->addr + data_arr_size);
+ rte_atomic16_init(rte_timer_mz_refcnt);
for (i = 0; i < RTE_MAX_DATA_ELS; i++) {
data = &rte_timer_data_arr[i];
@@ -193,6 +203,7 @@ rte_timer_subsystem_init_v1905(void)
}
rte_timer_data_arr[default_data_id].internal_flags |= FL_ALLOCATED;
+ rte_atomic16_inc(rte_timer_mz_refcnt);
rte_timer_subsystem_initialized = 1;
@@ -205,8 +216,11 @@ BIND_DEFAULT_SYMBOL(rte_timer_subsystem_init, _v1905, 19.05);
void __rte_experimental
rte_timer_subsystem_finalize(void)
{
- if (rte_timer_data_arr)
- rte_free(rte_timer_data_arr);
+ if (!rte_timer_subsystem_initialized)
+ return;
+
+ if (rte_atomic16_dec_and_test(rte_timer_mz_refcnt))
+ rte_memzone_free(rte_timer_data_mz);
I think there's a race here. You may get preempted after test but before
free, where another secondary could initialize. As far as i know, we
also support a case when secondary initializes after primary stops running.
Let's even suppose that we allow secondary processes to initialize the
timer subsystem by reserving memzone and checking rte_errno. You would
still have a chance of two init/deinit conflicting, because there's a
hole between memzone allocation and atomic increment.
I don't think this race can be resolved in a safe way, so we might just
have to settle for a memory leak.
rte_timer_subsystem_initialized = 0;
}
--
Thanks,
Anatoly
