Date: Tue, 27 Nov 2018 13:08:56 -0800 (PST)
From: Stefano Stabellini
To: Boris Ostrovsky
cc: Stefano Stabellini, PanBian, Juergen Gross, xen-devel@lists.xenproject.org, linux-kernel@vger.kernel.org
Subject: Re: [Xen-devel] [PATCH] pvcalls-front: fixes incorrect error handling

On Tue, 27 Nov 2018, Boris Ostrovsky wrote:
> On 11/27/18 3:37 PM, Stefano Stabellini wrote:
> > On Tue, 27 Nov 2018, PanBian wrote:
> >> On Mon, Nov 26, 2018 at 03:31:39PM -0500, Boris Ostrovsky wrote:
> >>> On 11/21/18 9:07 PM, Pan Bian wrote:
> >>>> kfree() is incorrectly used to release the pages allocated by
> >>>> __get_free_page() and __get_free_pages(). Use the matching deallocators
> >>>> i.e., free_page() and free_pages(), respectively.
> >>>>
> >>>> Signed-off-by: Pan Bian
> >>>> ---
> >>>> drivers/xen/pvcalls-front.c | 4 ++--
> >>>> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>>>
> >>>> diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c > >>>> index 2f11ca7..77224d8 100644 > >>>> --- a/drivers/xen/pvcalls-front.c > >>>> +++ b/drivers/xen/pvcalls-front.c 
> >>>> @@ -385,8 +385,8 @@ static int create_active(struct sock_mapping *map, int *evtchn) > >>>> out_error: > >>>> if (*evtchn >= 0) > >>>> xenbus_free_evtchn(pvcalls_front_dev, *evtchn); > >>>> - kfree(map->active.data.in); > >>>> - kfree(map->active.ring); > >>>> + free_pages((unsigned long)map->active.data.in, PVCALLS_RING_ORDER);
> >>> Is map->active.data.in guaranteed to be NULL when entering this routine?
> >> I am not sure yet. Sorry for that. I observed the mismatches between
> >> __get_free_page and kfree, and submitted the patch.
> >>
> >> But I think your consideration is reasonable. A better solution is to
> >> directly free bytes, a local variable that holds __get_free_pages return
> >> value. If you agree, I will rewrite the patch.
> > Like Boris said, map->active.ring and map->active.data.in are not
> > guaranteed to be NULL or != NULL here. For instance, map->active.ring can
> > be != NULL and map->active.data.in can be NULL. However, free_pages and
> > free_page should be able to cope with it, the same way that kfree is
> > able to cope with it?
>
> If map->active.data.in can be non-NULL on entry to this routine then I
> think this has been a problem all along. Pan's suggestion to use bytes
> for freeing is going to solve this (assuming bytes will be initialized
> to NULL).

Why is it a problem? map->active.data.in and map->active.ring are only
!= NULL if they need to be freed. Otherwise, they are NULL. All structs
are always initialized to zero. I don't think there are any issues.
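
Review bot: at the out_error label, the new free_pages((unsigned long)map->active.data.in, PVCALLS_RING_ORDER) call releases whatever the struct field holds rather than what this call to create_active() allocated, so its safety depends on map->active.data.in being NULL on entry and on free_pages() accepting a zero address, and the changelog states neither. Freeing a local that holds the __get_free_pages() return value and starts out as NULL, as proposed in the thread, would make the error path self-contained. Otherwise the commit message should say that the map is zero-initialized before this function runs and that a zero address is accepted by the page deallocators.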