* Fix misplaced kfree from xlated_setup_gnttab_pages
[not found] <20140123064242.09E68660D05@gitolite.kernel.org>
@ 2014-01-24 18:31 ` Dave Jones
2014-01-24 18:46 ` Konrad Rzeszutek Wilk
0 siblings, 1 reply; 3+ messages in thread
From: Dave Jones @ 2014-01-24 18:31 UTC (permalink / raw)
To: Linux Kernel Mailing List; +Cc: konrad.wilk
Passing a freed 'pages' to free_xenballooned_pages will end badly
on kernels with slub debug enabled.
This looks out of place between the rc assign and the check, and
was likely a cut-and-paste error.
Signed-off-by: Dave Jones <davej@fedoraproject.org>
diff --git a/arch/x86/xen/grant-table.c b/arch/x86/xen/grant-table.c
index 103c93f874b2..28990cc97304 100644
--- a/arch/x86/xen/grant-table.c
+++ b/arch/x86/xen/grant-table.c
@@ -161,12 +161,11 @@ static int __init xlated_setup_gnttab_pages(void)
rc = arch_gnttab_map_shared(pfns, nr_grant_frames, nr_grant_frames,
&xen_auto_xlat_grant_frames.vaddr);
-
- kfree(pages);
if (rc) {
pr_warn("%s Couldn't map %ld pfns rc:%d\n", __func__,
nr_grant_frames, rc);
free_xenballooned_pages(nr_grant_frames, pages);
+ kfree(pages);
kfree(pfns);
return rc;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: Fix misplaced kfree from xlated_setup_gnttab_pages
2014-01-24 18:31 ` Fix misplaced kfree from xlated_setup_gnttab_pages Dave Jones
@ 2014-01-24 18:46 ` Konrad Rzeszutek Wilk
2014-01-24 18:48 ` Dave Jones
0 siblings, 1 reply; 3+ messages in thread
From: Konrad Rzeszutek Wilk @ 2014-01-24 18:46 UTC (permalink / raw)
To: Dave Jones, Linux Kernel Mailing List
Cc: boris.ostrovsky, david.vrabel, xen-devel
On Fri, Jan 24, 2014 at 01:31:14PM -0500, Dave Jones wrote:
> Passing a freed 'pages' to free_xenballooned_pages will end badly
> on kernels with slub debug enabled.
Ouch.
>
> This looks out of place between the rc assign and the check, and
> was likely a cut-and-paste error.
>
> Signed-off-by: Dave Jones <davej@fedoraproject.org>
>
> diff --git a/arch/x86/xen/grant-table.c b/arch/x86/xen/grant-table.c
> index 103c93f874b2..28990cc97304 100644
> --- a/arch/x86/xen/grant-table.c
> +++ b/arch/x86/xen/grant-table.c
> @@ -161,12 +161,11 @@ static int __init xlated_setup_gnttab_pages(void)
>
> rc = arch_gnttab_map_shared(pfns, nr_grant_frames, nr_grant_frames,
> &xen_auto_xlat_grant_frames.vaddr);
> -
> - kfree(pages);
> if (rc) {
> pr_warn("%s Couldn't map %ld pfns rc:%d\n", __func__,
> nr_grant_frames, rc);
> free_xenballooned_pages(nr_grant_frames, pages);
> + kfree(pages);
> kfree(pfns);
> return rc;
> }
Actually it should also be freed on the success path, as so:
I can squash it in, if you are OK with that?
diff --git a/arch/x86/xen/grant-table.c b/arch/x86/xen/grant-table.c
index 103c93f..c985835 100644
--- a/arch/x86/xen/grant-table.c
+++ b/arch/x86/xen/grant-table.c
@@ -162,14 +162,15 @@ static int __init xlated_setup_gnttab_pages(void)
rc = arch_gnttab_map_shared(pfns, nr_grant_frames, nr_grant_frames,
&xen_auto_xlat_grant_frames.vaddr);
- kfree(pages);
if (rc) {
pr_warn("%s Couldn't map %ld pfns rc:%d\n", __func__,
nr_grant_frames, rc);
free_xenballooned_pages(nr_grant_frames, pages);
+ kfree(pages);
kfree(pfns);
return rc;
}
+ kfree(pages);
xen_auto_xlat_grant_frames.pfn = pfns;
xen_auto_xlat_grant_frames.count = nr_grant_frames;
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: Fix misplaced kfree from xlated_setup_gnttab_pages
2014-01-24 18:46 ` Konrad Rzeszutek Wilk
@ 2014-01-24 18:48 ` Dave Jones
0 siblings, 0 replies; 3+ messages in thread
From: Dave Jones @ 2014-01-24 18:48 UTC (permalink / raw)
To: Konrad Rzeszutek Wilk
Cc: Linux Kernel Mailing List, boris.ostrovsky, david.vrabel, xen-devel
On Fri, Jan 24, 2014 at 01:46:55PM -0500, Konrad Rzeszutek Wilk wrote:
> Actually it should also be freed on the success path, as so:
>
> I can squash it in, if you are OK with that?
Looks good to me.
thanks,
Dave
> diff --git a/arch/x86/xen/grant-table.c b/arch/x86/xen/grant-table.c
> index 103c93f..c985835 100644
> --- a/arch/x86/xen/grant-table.c
> +++ b/arch/x86/xen/grant-table.c
> @@ -162,14 +162,15 @@ static int __init xlated_setup_gnttab_pages(void)
> rc = arch_gnttab_map_shared(pfns, nr_grant_frames, nr_grant_frames,
> &xen_auto_xlat_grant_frames.vaddr);
>
> - kfree(pages);
> if (rc) {
> pr_warn("%s Couldn't map %ld pfns rc:%d\n", __func__,
> nr_grant_frames, rc);
> free_xenballooned_pages(nr_grant_frames, pages);
> + kfree(pages);
> kfree(pfns);
> return rc;
> }
> + kfree(pages);
>
> xen_auto_xlat_grant_frames.pfn = pfns;
> xen_auto_xlat_grant_frames.count = nr_grant_frames;
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-01-24 18:49 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20140123064242.09E68660D05@gitolite.kernel.org>
2014-01-24 18:31 ` Fix misplaced kfree from xlated_setup_gnttab_pages Dave Jones
2014-01-24 18:46 ` Konrad Rzeszutek Wilk
2014-01-24 18:48 ` Dave Jones
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).