On Tue, Sep 14, 2021 at 11:01:31AM -0700, Linus Torvalds wrote:
> On Tue, Sep 14, 2021 at 7:56 AM Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> >
> > A couple of memory management fixes to the bootconfig code
>
> These may be fixes, but they are too ugly to merit the tiny
> theoretical leak fix.
>
> All of these are just plain wrong:
>
> > +static void *init_xbc_data_copy __initdata;
> > +static phys_addr_t init_xbc_data_size __initdata;
> > + init_xbc_data_copy = copy;
> > + init_xbc_data_size = size + 1;
> > + memblock_free(__pa(init_xbc_data_copy), init_xbc_data_size);
>
> because the xbc code already saves these as xbc_data/xbc_data_size and
> that final free should just be done in xbc_destroy_all().
>
> So this fix is pointlessly ugly to begin with.
>
> But what I _really_ ended up reacting to was that
>
> > + memblock_free(__pa(copy), size + 1);
>
> where that "copy" was allocated with
>
> copy = memblock_alloc(size + 1, SMP_CACHE_BYTES);
>
> so it should damn well be free'd without any crazy "__pa()" games.
>
> This is a memblock interface bug, plain and simple.
>
> Mike - this craziness needs to just be fixed. If memblock_alloc()
> returns a virtual address, then memblock_free() should take one.

Yep, it was on my todo list. But since it was like this for years with both memblock and bootmem I didn't prioritise this.

> Let's just get these interfaces fixed. It might be as simple as having
> a "memblock_free_phys()" interface, and doing a search-and-replace
> with coccinelle of
>
> memblock_free(__pa(xyz), .. -> memblock_free(xyz, ...
> memblock_free(other, .. -> memblock_free_phys(other, ..
>
> and adding the (trivial) internal helper functions to memblock,
> instead of making the actual _users_ of memblock do insanely stupid
> and confusing things.

I've done the automated search and replace, with several fixups here and there, so there is now memblock_phys_free(phys_addr_t addr) to match memblock_phys_alloc() and memblock_free(void *ptr) to match memblock_alloc().

The initial version is in memblock tree

https://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock.git/log/?h=memblock_free-cleanup/v0

I'm waiting for robots to run the builds before posting.

While doing the replacement I've found one mismatch in Xen code which used memblock_free() to free a virtual pointer, but except that users seem to do the correct thing, even if it is ugly __pa() conversions.

--
Sincerely yours,
Mike.
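Review bot: `init_xbc_data_size` in the quoted `+static phys_addr_t init_xbc_data_size __initdata;` line is typed as a physical address but holds a byte count (`size + 1`), so the declaration reads as if it stored an address; a size type would say what the variable is. The `+ 1` stored there also has to stay in step with the `memblock_alloc(size + 1, SMP_CACHE_BYTES)` call quoted later in the message, and nothing in the visible lines ties the two together, so a comment at the assignment, or freeing from the place that already holds xbc_data/xbc_data_size, would keep the allocation and free lengths from drifting apart.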
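An added illustration, not code from this thread or from the kernel: a user-space model of the pairing discussed in the message above, where each allocator has a free that takes the same kind of address. The `model_*` names, the linear-map offset and the exact-match region table are assumptions made for the example; it shows that a virtual pointer handed to the physical-address free matches no reservation and releases nothing.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
typedef uint64_t phys_addr_t;   /* user-space model only, not kernel code */
#define MODEL_PAGE_OFFSET 0xffff888000000000ULL /* constructed linear-map offset */
#define MAX_REGIONS 8

static struct { phys_addr_t base, size; } reserved[MAX_REGIONS];
static int nr_reserved;
static phys_addr_t next_free = 0x100000;        /* constructed start of free RAM */
static void *model_va(phys_addr_t pa) { return (void *)(uintptr_t)(pa + MODEL_PAGE_OFFSET); }
static phys_addr_t model_pa(const void *va) { return (uintptr_t)va - MODEL_PAGE_OFFSET; }
int model_reserved_count(void) { return nr_reserved; }

/* Physical pair: allocate and free by physical address. */
phys_addr_t model_phys_alloc(size_t size)
{
    if (nr_reserved == MAX_REGIONS) return 0;
    reserved[nr_reserved].base = next_free;
    reserved[nr_reserved++].size = size;
    next_free += size;
    return next_free - size;
}

/* Returns 1 if a reservation was released, 0 if nothing matched (silent no-op). */
int model_phys_free(phys_addr_t base, size_t size)
{
    for (int i = 0; i < nr_reserved; i++)
        if (reserved[i].base == base && reserved[i].size == size) {
            reserved[i] = reserved[--nr_reserved];
            return 1;
        }
    return 0;
}

/* Virtual pair: the pointer that comes back is the pointer that is freed. */
void *model_alloc(size_t size)
{
    phys_addr_t pa = model_phys_alloc(size);
    return pa ? model_va(pa) : NULL;
}
int model_free(void *ptr, size_t size) { return model_phys_free(model_pa(ptr), size); }

int main(void)
{
    void *copy = model_alloc(64 + 1);
    printf("virtual pointer via phys free: %d\n", model_phys_free((uintptr_t)copy, 65));
    printf("virtual pointer via virt free: %d\n", model_free(copy, 65));
}
```

In the model the mismatched call returns 0 and the reservation count is unchanged, so the error surfaces only as memory that is never released.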