Commit 572086325ce9 ("Drivers: hv: vmbus: Cleanup synic memory free path")
says "Any memory allocations that succeeded will be freed when the caller
cleans up by calling hv_synic_free()", but if the get_zeroed_page() in
hv_synic_alloc() fails, currently hv_synic_free() is not really called
in vmbus_bus_init(), consequently there will be a memory lead, e.g.
hv_context.hv_numa_map is not freed in the error path. Fix this by
updating the goto lables.
Cc: [email protected]
Signed-off-by: Dexuan Cui <[email protected]>
---
drivers/hv/vmbus_drv.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c
index 59eb5fad12e7..c41e6ad0cf64 100644
--- a/drivers/hv/vmbus_drv.c
+++ b/drivers/hv/vmbus_drv.c
@@ -1525,7 +1525,7 @@ static int vmbus_bus_init(void)
ret = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "hyperv/vmbus:online",
hv_synic_init, hv_synic_cleanup);
if (ret < 0)
- goto err_cpuhp;
+ goto err_alloc;
hyperv_cpuhp_online = ret;
ret = vmbus_connect();
@@ -1577,9 +1577,8 @@ static int vmbus_bus_init(void)
err_connect:
cpuhp_remove_state(hyperv_cpuhp_online);
-err_cpuhp:
- hv_synic_free();
err_alloc:
+ hv_synic_free();
if (vmbus_irq == -1) {
hv_remove_vmbus_handler();
} else {
--
2.25.1
From: Dexuan Cui <[email protected]> Sent: Thursday, May 4, 2023 3:42 PM
>
> Commit 572086325ce9 ("Drivers: hv: vmbus: Cleanup synic memory free path")
> says "Any memory allocations that succeeded will be freed when the caller
> cleans up by calling hv_synic_free()", but if the get_zeroed_page() in
> hv_synic_alloc() fails, currently hv_synic_free() is not really called
> in vmbus_bus_init(), consequently there will be a memory lead, e.g.
s/lead/leak/
> hv_context.hv_numa_map is not freed in the error path. Fix this by
> updating the goto lables.
s/lables/labels/
The statement in commit 572086325ce9 was true at the time of that
commit. But I broke things in commit 4df4cb9e99f8. Should add a
"Fixes:" tag for 4df4cb9e99f8.
>
> Cc: [email protected]
> Signed-off-by: Dexuan Cui <[email protected]>
> ---
> drivers/hv/vmbus_drv.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c
> index 59eb5fad12e7..c41e6ad0cf64 100644
> --- a/drivers/hv/vmbus_drv.c
> +++ b/drivers/hv/vmbus_drv.c
> @@ -1525,7 +1525,7 @@ static int vmbus_bus_init(void)
> ret = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "hyperv/vmbus:online",
> hv_synic_init, hv_synic_cleanup);
> if (ret < 0)
> - goto err_cpuhp;
> + goto err_alloc;
> hyperv_cpuhp_online = ret;
>
> ret = vmbus_connect();
> @@ -1577,9 +1577,8 @@ static int vmbus_bus_init(void)
>
> err_connect:
> cpuhp_remove_state(hyperv_cpuhp_online);
> -err_cpuhp:
> - hv_synic_free();
> err_alloc:
> + hv_synic_free();
> if (vmbus_irq == -1) {
> hv_remove_vmbus_handler();
> } else {
> --
> 2.25.1
Nits notwithstanding,
Reviewed-by: Michael Kelley <[email protected]>
> From: Michael Kelley (LINUX) <[email protected]>
> Sent: Friday, May 5, 2023 5:30 PM
> ...
> From: Dexuan Cui <[email protected]> Sent: Thursday, May 4, 2023 3:42
> PM
> >
> > Commit 572086325ce9 ("Drivers: hv: vmbus: Cleanup synic memory free
> > path")
> > says "Any memory allocations that succeeded will be freed when the caller
> > cleans up by calling hv_synic_free()", but if the get_zeroed_page() in
> > hv_synic_alloc() fails, currently hv_synic_free() is not really called
> > in vmbus_bus_init(), consequently there will be a memory lead, e.g.
>
> s/lead/leak/
Sorry for the typo. Wei, can you please help fix this?
> > hv_context.hv_numa_map is not freed in the error path. Fix this by
> > updating the goto lables.
>
> s/lables/labels/
Ditto.
> The statement in commit 572086325ce9 was true at the time of that
> commit. But I broke things in commit 4df4cb9e99f8. Should add a
> "Fixes:" tag for 4df4cb9e99f8.
I suppose Wei can help add the line:
Fixes: 4df4cb9e99f8 ("x86/hyperv: Initialize clockevents earlier in CPU onlining")
> Nits notwithstanding,
>
> Reviewed-by: Michael Kelley <[email protected]>
Thanks!
On Sat, May 06, 2023 at 02:38:04AM +0000, Dexuan Cui wrote:
> > From: Michael Kelley (LINUX) <[email protected]>
> > Sent: Friday, May 5, 2023 5:30 PM
> > ...
> > From: Dexuan Cui <[email protected]> Sent: Thursday, May 4, 2023 3:42
> > PM
> > >
> > > Commit 572086325ce9 ("Drivers: hv: vmbus: Cleanup synic memory free
> > > path")
> > > says "Any memory allocations that succeeded will be freed when the caller
> > > cleans up by calling hv_synic_free()", but if the get_zeroed_page() in
> > > hv_synic_alloc() fails, currently hv_synic_free() is not really called
> > > in vmbus_bus_init(), consequently there will be a memory lead, e.g.
> >
> > s/lead/leak/
>
> Sorry for the typo. Wei, can you please help fix this?
>
> > > hv_context.hv_numa_map is not freed in the error path. Fix this by
> > > updating the goto lables.
> >
> > s/lables/labels/
> Ditto.
>
> > The statement in commit 572086325ce9 was true at the time of that
> > commit. But I broke things in commit 4df4cb9e99f8. Should add a
> > "Fixes:" tag for 4df4cb9e99f8.
>
> I suppose Wei can help add the line:
> Fixes: 4df4cb9e99f8 ("x86/hyperv: Initialize clockevents earlier in CPU onlining")
>
> > Nits notwithstanding,
> >
> > Reviewed-by: Michael Kelley <[email protected]>
Applied to hyperv-fixes. Thanks.