Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp4592517imm;
        Mon, 30 Jul 2018 18:29:44 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpdgzf3+4zHuTTO+pVT7TZMga9oUO6joRj1H7UaOvDA8knByhjyh5rd1lvdXCjHZcvJY+f5Z
X-Received: by 2002:a17:902:b594:: with SMTP id a20-v6mr18742223pls.140.1533000584859;
        Mon, 30 Jul 2018 18:29:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1533000584; cv=none;
        d=google.com; s=arc-20160816;
        b=CJJmLGHNvEF04ehZXzTp9DZm/CO6+aeU2nI6uY5AoIPc5kIDQmiL8ze/FUwY2YCfK/
         Vu/1A1/V6h8tgynxMIEyw4TtNnfuS/GgHaWU+/WEudYVN7agpL/ICUekjk5RMrFVeu1d
         4D8tIm0KU+kIVlP/vDsq8VxsscKjtfJH0yRD2MmOuqkZM9/e2napfutyp7WNuNq0xPiX
         dmkJsBeRRSscPAtphAQpz6LyX35Zzfl2UInmO4hWLv0yft5ZVlP4oh5CrRvTqTFdhqXu
         eYo+pV6sSRl1zDLr74AnfDNQmRaTR20VlTWrVvHHN13ISOwRRH8OhwKrIEG602LNimoz
         aZZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:in-reply-to
         :mime-version:user-agent:date:message-id:from:cc:references:to
         :subject:arc-authentication-results;
        bh=Jz4b5nSKND18futrLHXsyRKExB7TwaYFBr9Oeo36Lkk=;
        b=PoysyIbUbmlXngMl03jm4IUaHU+944P1UToZwlBeqyFUnDhSYL0FiBxYxMGZFjqkl3
         P7hyURPgRn39hE8t0F5R3F/XIxkgd0PK13jOXNByq9zmoWTk6rXZVjcLHTLXH30nB7TW
         EAVA+GYdArMAREDbdrZ0gRYiZ2c3GhTYefNZrb6AvtKadjGWO3vxyt7ny5c1JPQwem8h
         quskvQwZIjuvSEM5UXiAHvCD90JuzF/LHmLD83Ysdgry4EFvnQ23weC1MibZogWcZ3BZ
         ZJyRmw+4veDWui/dq5T+Tc+l1E5UASWrtSmoGPCIC+S2V3l3IJ5j0bw8F2128832U0QR
         8aDg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c125-v6si6305588pga.534.2018.07.30.18.29.30;
        Mon, 30 Jul 2018 18:29:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1732044AbeGaDGO (ORCPT <rfc822;rmelvin.vger@gmail.com>
        + 99 others); Mon, 30 Jul 2018 23:06:14 -0400
Received: from szxga06-in.huawei.com ([45.249.212.32]:51020 "EHLO huawei.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1731288AbeGaDGO (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 30 Jul 2018 23:06:14 -0400
Received: from DGGEMS405-HUB.china.huawei.com (unknown [172.30.72.59])
        by Forcepoint Email with ESMTP id CCDB6E57524DB;
        Tue, 31 Jul 2018 09:28:26 +0800 (CST)
Received: from [10.177.253.249] (10.177.253.249) by smtp.huawei.com
 (10.3.19.205) with Microsoft SMTP Server id 14.3.399.0; Tue, 31 Jul 2018
 09:28:25 +0800
Subject: Re: [V9fs-developer] [PATCH 1/2] net/9p: embed fcall in req to round
 down buffer allocs
To:     Dominique Martinet <asmadeus@codewreck.org>
References: <20180730093101.GA7894@nautica>
 <1532943263-24378-1-git-send-email-asmadeus@codewreck.org>
 <5B5FB380.1000208@huawei.com> <20180731011256.GA30388@nautica>
CC:     <v9fs-developer@lists.sourceforge.net>,
        <linux-fsdevel@vger.kernel.org>, Greg Kurz <groug@kaod.org>,
        Matthew Wilcox <willy@infradead.org>,
        <linux-kernel@vger.kernel.org>
From:   piaojun <piaojun@huawei.com>
Message-ID: <5B5FBB2B.8030008@huawei.com>
Date:   Tue, 31 Jul 2018 09:28:11 +0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <20180731011256.GA30388@nautica>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.177.253.249]
X-CFilter-Loop: Reflected
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 2018/7/31 9:12, Dominique Martinet wrote:
> piaojun wrote on Tue, Jul 31, 2018:
>> This is really a *big* patch, but the modification seems no harm. And I
>> suggest running testcases to cover this. Please see my comments below.
> 
> I'm always running tests, but more never hurt - please help ;)

I'm glad to help testing, and actually I'm going to run some testcases in
xfs-test for 9p.

> 
> For reference I'm running a subset of cthon04[1], ltp[2] and some custom
> tests like these[3][4]
> 
> [1] https://fedorapeople.org/cgit/steved/public_git/cthon04.git/
> [2] https://github.com/linux-test-project/ltp
> [3] https://github.com/phdeniel/sigmund/blob/master/modules/allfs.inc#L208
> [4] https://github.com/phdeniel/sigmund/blob/master/modules/allfs.inc#L251
> 
>>> [...]
>>> @@ -263,13 +261,13 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
>>>  	if (!req)
>>>  		return NULL;
>>>  
>>> -	req->tc = p9_fcall_alloc(alloc_msize);
>>> -	req->rc = p9_fcall_alloc(alloc_msize);
>>> -	if (!req->tc || !req->rc)
>>> +	if (p9_fcall_alloc(&req->tc, alloc_msize))
>>> +		goto free;
>>> +	if (p9_fcall_alloc(&req->rc, alloc_msize))
>>>  		goto free;
>>>  
>>> -	p9pdu_reset(req->tc);
>>> -	p9pdu_reset(req->rc);
>>> +	p9pdu_reset(&req->tc);
>>> +	p9pdu_reset(&req->rc);
>>>  	req->status = REQ_STATUS_ALLOC;
>>>  	init_waitqueue_head(&req->wq);
>>>  	INIT_LIST_HEAD(&req->req_list);
>>> @@ -281,7 +279,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
>>>  				GFP_NOWAIT);
>>>  	else
>>>  		tag = idr_alloc(&c->reqs, req, 0, P9_NOTAG, GFP_NOWAIT);
>>> -	req->tc->tag = tag;
>>> +	req->tc.tag = tag;
>>>  	spin_unlock_irq(&c->lock);
>>>  	idr_preload_end();
>>>  	if (tag < 0)
>>> @@ -290,8 +288,8 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
>>>  	return req;
>>>  
>>>  free:
>>> -	kfree(req->tc);
>>> -	kfree(req->rc);
>>> +	kfree(req->tc.sdata);
>>> +	kfree(req->rc.sdata);
>>
>> I wonder if we will free a wild pointer as 'sdata' has not been initialized NULL.
> 
> Good point, it's possible to jump here if the first fcall_alloc failed
> since this declustered the two allocations.
> 
> Please consider this added to the previous patch (I'll send a v2 after
> this has had more time for review, you can find the amended commit in my
> 9p-test tree meanwhile):
> -----8<-----------------------------
> diff --git a/net/9p/client.c b/net/9p/client.c
> index ba99a94a12c9..fe030ef1c076 100644
> --- a/net/9p/client.c
> +++ b/net/9p/client.c
> @@ -262,7 +262,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
>  		return NULL;
>  
>  	if (p9_fcall_alloc(&req->tc, alloc_msize))
> -		goto free;
> +		goto free_req;
>  	if (p9_fcall_alloc(&req->rc, alloc_msize))
>  		goto free;
>  
> @@ -290,6 +290,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
>  free:
>  	kfree(req->tc.sdata);
>  	kfree(req->rc.sdata);
> +free_req:
>  	kmem_cache_free(p9_req_cache, req);
>  	return ERR_PTR(-ENOMEM);
>  }
> -----8<-----------------------------
> 
> The second goto doesn't need changing because rc.sdata will be set to
> NULL if the allocation failed
>