genirq/matrix: Prevent allocation counter corruption

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When irq_matrix_free() is called for an unallocated vector the
managed_allocated and total_allocated counters get out of sync with the
real state of the matrix. Later, when the last interrupt is freed, these
counters will underflow resulting in UINTMAX because the counters are
unsigned.

While this is certainly a problem of the calling code, this can be catched
in the allocator by checking the allocation bit for the to be freed vector
which simplifies debugging.

An example of the problem described above:
https://lore.kernel.org/lkml/20210318192819.636943062@linutronix.de/

Add the missing sanity check and emit a warning when it triggers.

Suggested-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20210319111823.1105248-1-vkuznets@redhat.com

authored by

Vitaly Kuznetsov and committed by

Thomas Gleixner 5 years ago c93a5e20 2c6b0218

+3 -1

1 changed file

expand all

kernel

irq

matrix.c

+3 -1

kernel/irq/matrix.c

··· 422 422 if (WARN_ON_ONCE(bit < m->alloc_start || bit >= m->alloc_end)) 423 423 return; 424 424 425 - clear_bit(bit, cm->alloc_map); 425 + if (WARN_ON_ONCE(!test_and_clear_bit(bit, cm->alloc_map))) 426 + return; 427 + 426 428 cm->allocated--; 427 429 if(managed) 428 430 cm->managed_allocated--;