On Mon, 2025-08-11 at 20:39 +0800, Qianfeng Rong wrote:
> The 'backedge' pointer is allocated with kzalloc(), which returns
> physically contiguous memory. Using kvfree() to deallocate such
> memory is functionally safe but semantically incorrect.
>
> Replace kvfree() with kfree() to avoid unnecessary is_vmalloc_addr()
> check in kvfree().
>
> Signed-off-by: Qianfeng Rong <rongqianfeng@xxxxxxxx>
> ---
Acked-by: Eduard Zingerman <eddyz87@xxxxxxxxx>
> kernel/bpf/verifier.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index c4f69a9e9af6..4e5de1ff7e30 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -19553,7 +19553,7 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx)
> err = err ?: add_scc_backedge(env, &sl->state, backedge);
> if (err) {
> free_verifier_state(&backedge->state, false);
> - kvfree(backedge);
> + kfree(backedge);
The backedge encapsulates verifier state, verifier states are
allocated using kzalloc() and freed using kfreed() in other places in
verifier.c => I think this patch is valid.
> return err;
> }
> }
