From: Mike Larkin
Subject: Re: fix vcpu leak in vmm(4) vm_create
To: Dave Voutila
Cc: tech@openbsd.org, mlarkin@openbsd.org
Date: Sun, 26 Oct 2025 18:26:58 -0700

On Sun, Oct 26, 2025 at 01:15:19PM -0400, Dave Voutila wrote:
> Since the vcpu isn't attached to the list, it never gets returned to the
> pool.
>
> If vcpu_init() fails, it handles cleaning up any allocated memory and
> state in the vcpu object, so there's no need to call vcpu_deinit().
>
> ok?
>
ok mlarkin
> -dv
>
> diff a7edf25a2cbd9b978653b6181daa4d24dae9d3ba c1e59316ede7ec393e35134268a96a83f3449d4d
> commit - a7edf25a2cbd9b978653b6181daa4d24dae9d3ba
> commit + c1e59316ede7ec393e35134268a96a83f3449d4d
> blob - 237ae3cfbfa3ad64acc8a13fe788965d3776ae75
> blob + 53618f43451d6c2182eace1a08d40939c455e701
> --- sys/dev/vmm/vmm.c
> +++ sys/dev/vmm/vmm.c
> @@ -452,16 +452,17 @@ vm_create(struct vm_create_params *vcp, struct proc *p
> for (i = 0; i < vcp->vcp_ncpus; i++) {
> vcpu = pool_get(&vcpu_pool, PR_WAITOK | PR_ZERO);
>
> vcpu->vc_parent = vm;
> vcpu->vc_id = vm->vm_vcpu_ct;
> vm->vm_vcpu_ct++;
> if ((ret = vcpu_init(vcpu, vcp)) != 0) {
> printf("failed to init vcpu %d for vm %p\n", i, vm);
> + pool_put(&vcpu_pool, vcpu);
> vm_teardown(&vm);
> return (ret);
> }
> /* Publish vcpu to list, inheriting the reference. */
> SLIST_INSERT_HEAD(&vm->vm_vcpu_list, vcpu, vc_vcpu_link);
> }
>
> /* Attempt to register the vm now that it's configured. */
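Review bot: the failure branch in this hunk now returns the vcpu to the pool but leaves `vm->vm_vcpu_ct` incremented for a vcpu that was never inserted into `vm_vcpu_list`, so the counter and the list disagree at the moment `vm_teardown(&vm)` runs; that is only safe because the vm is torn down immediately afterwards, and the correctness of the new `pool_put(&vcpu_pool, vcpu);` itself rests on the invariant stated in the cover message (vcpu_init() releases everything it allocated before returning non-zero). A one-line comment above the `pool_put()` recording that invariant, and that no `vcpu_deinit()` is needed for this reason, would keep a later reader from "fixing" the path by adding a deinit call or by moving the `pool_put()` after the teardown.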