Received: by 10.223.185.116 with SMTP id b49csp1125245wrg; Fri, 16 Feb 2018 12:58:37 -0800 (PST) X-Google-Smtp-Source: AH8x2274Hp8uhQSzwqHeVejjUaOrtka3cKFk7j5T1nS5XEu37f4Zu19kwDIjkklGnAsIR9DV0P/m X-Received: by 10.98.238.2 with SMTP id e2mr7298705pfi.206.1518814717653; Fri, 16 Feb 2018 12:58:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518814717; cv=none; d=google.com; s=arc-20160816; b=JrVIC5InyrTxbyNf7oe+9vDLOr86dIyxTAi2b4j/TAE0GjrthJjJsFlSZLG8a+jXhs /uLVu3wGypOacMmir4pTVk6MqL/54+2DPkShbKOW+wm96ewSFhRoZb28/WIivgwoPQ9k ba2ClMz/ETzvQUI46Mu6pj2i6M7jNFYgi3Pt/5oS01ZieM9tCPUJDMS4840rrToNxDpu YwDd8KZ7f9Gs3kzGbru1xdPBtzPYc1tJp0mGz92GL4yIBWaxpnYxqcjTsuh7OdrmRrSF GP++SybJSaBEWNl9+IZCGaHsGuFu6wwMuSoFV8H7CWr6XPI+lNMNZJQ8YdzmawI8H59W YASA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:date:cc:to:from:subject :message-id:arc-authentication-results; bh=FUlJBM5gq+nBuntWZ/wA8vBu5CGpyBLZ9ZaDH0kurHA=; b=eF5VZD91uRoplcossZB8tr6XoyzfCtec9/fQaXZKEib09484YQymF90SrYrW7YeYAc jQYggvrsd0Lcm36hehkVovKsulLcOYnQqIJ2LYQ8D7XlB+OG/hklcFuaLgrsQWK8dLMp x03GMKzFby7GRrQU2Fe1HBJvvvm22pIOeYZ2JwOrwegQetkb2x4OWDeMXwkQsLWD5ggm ho+f9a1XdjZLFKT7XPXgCnrzLPDuqayOK7e6g2zBBcqvFyFNGD3YrGaLkDrcsvWbBc4O tf7yA84hVPwt6sRNp03HscAZugzw+RdqkcVqqrxXFLWp5AdNxZkBMMSszTkPlWQZPNp9 vmlA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=codethink.co.uk Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a10si5892124pgd.623.2018.02.16.12.58.22; Fri, 16 Feb 2018 12:58:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=codethink.co.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750788AbeBPU5p (ORCPT + 99 others); Fri, 16 Feb 2018 15:57:45 -0500 Received: from imap1.codethink.co.uk ([176.9.8.82]:48135 "EHLO imap1.codethink.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750713AbeBPU5o (ORCPT ); Fri, 16 Feb 2018 15:57:44 -0500 Received: from [167.98.27.229] (helo=xylophone) by imap1.codethink.co.uk with esmtpsa (Exim 4.84_2 #1 (Debian)) id 1emn4j-0003bC-Dp; Fri, 16 Feb 2018 20:57:45 +0000 Message-ID: <1518814661.3422.42.camel@codethink.co.uk> Subject: Re: [PATCH 4.4 33/53] x86/apic/vector: Fix off by one in error path From: Ben Hutchings To: Greg Kroah-Hartman , linux-kernel@vger.kernel.org, Thomas Gleixner Cc: stable@vger.kernel.org, Keith Busch Date: Fri, 16 Feb 2018 20:57:41 +0000 In-Reply-To: <20180122083911.776154720@linuxfoundation.org> References: <20180122083910.299610926@linuxfoundation.org> <20180122083911.776154720@linuxfoundation.org> Organization: Codethink Ltd. Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.22.6-1+deb9u1 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2018-01-22 at 09:40 +0100, Greg Kroah-Hartman wrote: > 4.4-stable review patch.  If anyone has any objections, please let me know. > > ------------------ > > From: Thomas Gleixner > > commit 45d55e7bac4028af93f5fa324e69958a0b868e96 upstream. > > Keith reported the following warning: > > WARNING: CPU: 28 PID: 1420 at kernel/irq/matrix.c:222 irq_matrix_remove_managed+0x10f/0x120 >   x86_vector_free_irqs+0xa1/0x180 >   x86_vector_alloc_irqs+0x1e4/0x3a0 >   msi_domain_alloc+0x62/0x130 > > The reason for this is that if the vector allocation fails the error > handling code tries to free the failed vector as well, which causes the > above imbalance warning to trigger. > > Adjust the error path to handle this correctly. > > Fixes: b5dc8e6c21e7 ("x86/irq: Use hierarchical irqdomain to manage CPU interrupt vectors") > Reported-by: Keith Busch > Signed-off-by: Thomas Gleixner > Tested-by: Keith Busch > Cc: stable@vger.kernel.org > Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801161217300.1823@nanos > > Signed-off-by: Greg Kroah-Hartman > > --- >  arch/x86/kernel/apic/vector.c |    7 +++++-- >  1 file changed, 5 insertions(+), 2 deletions(-) > > --- a/arch/x86/kernel/apic/vector.c > +++ b/arch/x86/kernel/apic/vector.c > @@ -359,14 +359,17 @@ static int x86_vector_alloc_irqs(struct >   irq_data->chip_data = data; >   irq_data->hwirq = virq + i; >   err = assign_irq_vector_policy(virq + i, node, data, info); > - if (err) > + if (err) { > + irq_data->chip_data = NULL; > + free_apic_chip_data(data); >   goto error; This doesn't look quite right for 4.4.y (or any stable branch before 4.15.y). When virq is a legacy IRQ this function doesn't allocate "data" and shouldn't free it. Ben. > + } >   } >   >   return 0; >   >  error: > - x86_vector_free_irqs(domain, virq, i + 1); > + x86_vector_free_irqs(domain, virq, i); >   return err; >  } >   > > > -- Ben Hutchings Software Developer, Codethink Ltd.