Date: Mon, 18 Jul 2016 17:21:28 +0200
From: Cornelia Huck
To: Minfei Huang
Cc: mst@redhat.com, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, fanc.fnst@cn.fujitsu.com, Minfei Huang, Minfei Huang
Subject: Re: [PATCH v2] virtio_blk: Fix a slient kernel panic
In-Reply-To: <1468850489-40157-1-git-send-email-mnghuan@gmail.com>
References: <1468850489-40157-1-git-send-email-mnghuan@gmail.com>
Organization: IBM Deutschland Research & Development GmbH (Chairwoman of the Supervisory Board: Martina Koederitz; Management: Dirk Wittkopp; Registered office: Böblingen; Registration court: Amtsgericht Stuttgart, HRB 243294)
Message-Id: <20160718172128.5b8c10b1.cornelia.huck@de.ibm.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 18 Jul 2016 22:01:29 +0800
Minfei Huang wrote:

> We do a lot of memory allocation in function init_vq, and don't handle
> the allocation failure properly. Then this function will return 0,
> although initialization fails due to lacking memory. At that moment, the
> kernel will panic in the guest machine, if virtio is used to drive the disk.
>
> To fix this bug, we should take care of allocation failure, and return
> the correct value to let the caller know what happened.
> > Tested-by: Chao Fan > Signed-off-by: Minfei Huang > Signed-off-by: Minfei Huang > --- > v1: > - Refactor the patch to make code more readable > --- > drivers/block/virtio_blk.c | 32 +++++++++++--------------------- > 1 file changed, 11 insertions(+), 21 deletions(-) > > diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c > index 42758b5..d920512 100644 > --- a/drivers/block/virtio_blk.c > +++ b/drivers/block/virtio_blk.c > @@ -381,9 +381,9 @@ static int init_vq(struct virtio_blk *vblk) > { > int err = 0; > int i; > - vq_callback_t **callbacks; > - const char **names; > - struct virtqueue **vqs; > + vq_callback_t **callbacks = NULL; > + const char **names = NULL; > + struct virtqueue **vqs = NULL; If you init the variables to NULL anyway... > unsigned short num_vqs; > struct virtio_device *vdev = vblk->vdev; > > @@ -394,22 +394,16 @@ static int init_vq(struct virtio_blk *vblk) > num_vqs = 1; > ...just do err = -ENOMEM; here and... > vblk->vqs = kmalloc(sizeof(*vblk->vqs) * num_vqs, GFP_KERNEL); > - if (!vblk->vqs) { > - err = -ENOMEM; > - goto out; > - } > + if (!vblk->vqs) > + return -ENOMEM; > > names = kmalloc(sizeof(*names) * num_vqs, GFP_KERNEL); > - if (!names) > - goto err_names; > - > callbacks = kmalloc(sizeof(*callbacks) * num_vqs, GFP_KERNEL); > - if (!callbacks) > - goto err_callbacks; > - > vqs = kmalloc(sizeof(*vqs) * num_vqs, GFP_KERNEL); > - if (!vqs) > - goto err_vqs; > + if (!names || !callbacks || !vqs) { > + err = -ENOMEM; > + goto out; > + } ...you could use the foo = kmalloc(...); if (!foo) goto out; sequence in any case. This avoids trying again and again if e.g. the names allocation already failed. Alternatively, you should be fine if you don't init the variables to NULL: The code is now either taking an early exit or setting all of the variables anyway.
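Review bot: The three `= NULL` initialisers in the first hunk (`callbacks`, `names`, `vqs`) are dead stores as the rest of the patch stands: each pointer is assigned by its own kmalloc() call before the combined `if (!names || !callbacks || !vqs)` check, and the only exit before that point is the early `return -ENOMEM` for `vblk->vqs`, which never reaches `out:`. They only become necessary if the allocations are restructured so that an earlier failure jumps to `out:` before the later pointers are assigned. Pick one shape for the function, either the initialisers with per-allocation `goto out` checks or no initialisers with the combined check, rather than carrying both.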
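Review bot: The removed `goto err_names`, `goto err_callbacks` and `goto err_vqs` lines in the second hunk are the defect itself: `int err = 0;` from the prologue is never reassigned before those jumps, so each of those paths returned 0 to the caller, which then went on to use virtqueues that were never set up. Setting `err = -ENOMEM` before `goto out` is the right fix, but the cleanup behind `out:` is not in the visible hunk and needs checking in the full diff: `vblk->vqs` is allocated before the combined check, and the removed `err_names` path was the place that used to release it on failure, so confirm that `out:` still frees it when `err` is set, otherwise the patch trades the panic for a leak of `vblk->vqs` on every failed probe.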
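An added example, not code from the patch or from the virtio_blk driver: a userspace model of the init_vq() allocation sequence in the two shapes discussed in this thread, with an allocation-failure injector so that each error path can be driven on demand. The pre-patch shape shows why a failed allocation came back as 0 to the caller; the second shape follows the reviewer's suggestion of starting from `err = -ENOMEM` and chaining `allocate, check, goto out` per buffer. `fake_kmalloc`, `fake_kfree`, `struct fake_vblk`, `run_case` and the bodies of the cleanup labels are my constructions (the hunk shows the gotos, not what the labels do), as is clearing `vblk->vqs` on the error path; the pointer names and the `err`/`goto` structure follow the patch.

```c
/* Added example (userspace model, not kernel or patch code): init_vq()'s allocation
 * sequence with failure injection. The cleanup-label bodies are my assumption. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

static int fail_at, alloc_count, freed_count;	/* fail the fail_at-th allocation; 0 = never */

static void *fake_kmalloc(size_t n)
{
	alloc_count++;
	return (fail_at && alloc_count == fail_at) ? NULL : malloc(n);
}

static void fake_kfree(void *p)
{
	if (p) freed_count++;	/* like kfree(), a no-op on NULL */
	free(p);
}

struct fake_vblk { void **vqs; };		/* stands in for vblk->vqs */
struct result { int err, vqs_kept, leaked; };

/* Pre-patch shape: err starts at 0 and the error gotos never set it, so a failed
 * allocation returns 0 with vblk->vqs allocated but never filled in. */
static int init_vq_buggy(struct fake_vblk *vblk, unsigned short num_vqs)
{
	int err = 0;
	void **callbacks, **vqs;
	const char **names;
	vblk->vqs = fake_kmalloc(sizeof(*vblk->vqs) * num_vqs);
	if (!vblk->vqs)
		return -ENOMEM;
	names = fake_kmalloc(sizeof(*names) * num_vqs);
	if (!names)
		goto err_names;		/* BUG: err is still 0 */
	callbacks = fake_kmalloc(sizeof(*callbacks) * num_vqs);
	if (!callbacks)
		goto err_callbacks;	/* BUG: err is still 0 */
	vqs = fake_kmalloc(sizeof(*vqs) * num_vqs);
	if (!vqs)
		goto err_vqs;		/* BUG: err is still 0 */
	fake_kfree(vqs);		/* virtqueue discovery would have filled vblk->vqs above */
err_vqs:
	fake_kfree(callbacks);
err_callbacks:
	fake_kfree(names);
err_names:
	if (err)			/* never true on the buggy paths */
		fake_kfree(vblk->vqs);
	return err;
}

/* Reviewer's shape: start from -ENOMEM, allocate/check/goto out per buffer, clear err
 * only once setup succeeded. Nulling vblk->vqs on error is my addition. */
static int init_vq_fixed(struct fake_vblk *vblk, unsigned short num_vqs)
{
	int err = -ENOMEM;
	void **callbacks = NULL, **vqs = NULL;
	const char **names = NULL;
	vblk->vqs = fake_kmalloc(sizeof(*vblk->vqs) * num_vqs);
	if (!vblk->vqs)
		return -ENOMEM;
	names = fake_kmalloc(sizeof(*names) * num_vqs);
	if (!names)
		goto out;
	callbacks = fake_kmalloc(sizeof(*callbacks) * num_vqs);
	if (!callbacks)
		goto out;
	vqs = fake_kmalloc(sizeof(*vqs) * num_vqs);
	if (!vqs)
		goto out;
	err = 0;			/* virtqueue discovery would fill vblk->vqs here */
out:
	fake_kfree(vqs);		/* kfree(NULL) is harmless, so one label suffices */
	fake_kfree(callbacks);
	fake_kfree(names);
	if (err) {
		fake_kfree(vblk->vqs);
		vblk->vqs = NULL;
	}
	return err;
}

/* Run one variant with the fail_at_n-th allocation failing (0 = none); leaked is
 * successful allocations minus frees minus the array deliberately kept for the caller. */
static struct result run_case(int (*fn)(struct fake_vblk *, unsigned short), int fail_at_n)
{
	struct fake_vblk vblk = { NULL };
	struct result r;
	fail_at = fail_at_n;
	alloc_count = freed_count = 0;
	r.err = fn(&vblk, 4);
	r.vqs_kept = vblk.vqs != NULL;
	r.leaked = alloc_count - (fail_at_n && fail_at_n <= alloc_count) - freed_count - r.vqs_kept;
	free(vblk.vqs);
	return r;
}

int main(void)
{
	struct result b = run_case(init_vq_buggy, 2), f = run_case(init_vq_fixed, 2);
	printf("names allocation fails: buggy err=%d kept=%d | fixed err=%d kept=%d leaked=%d\n",
	       b.err, b.vqs_kept, f.err, f.vqs_kept, f.leaked);
	return 0;
}
```

Build with `cc -Wall example.c && ./a.out`. Failing the second allocation (`names`) makes the buggy variant return 0 while `vblk->vqs` is still allocated and never filled in, which is exactly the state the guest later trips over; the fixed variant returns -ENOMEM with `vblk->vqs` released and nothing leaked. Passing 0, 1, 3 or 4 to `run_case` exercises the success path and the other failure points, and the leak counter stays at zero for both variants, which confirms that the bug was the return value, not the cleanup.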