The call to of_find_compatible_node() returns irqc_node with refcount
incremented thus it must be explicitly decremented here after it was
checked for non-NULL.
Signed-off-by: Nicholas Mc Guire <[email protected]>
Fixes: commit 72ee8626eeb1 ("staging: board: Add support for translating hwirq to virq numbers")
---
Problem located with an experimental coccinelle script
Patch was compile-tested with: x86_64_defconfig + STAGING=y, STAGING_BOARD=y
Patch is against 4.18-rc1 (localversion-next is next-20180618)
drivers/staging/board/board.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/staging/board/board.c b/drivers/staging/board/board.c
index cb6feb3..8ee48e5 100644
--- a/drivers/staging/board/board.c
+++ b/drivers/staging/board/board.c
@@ -64,12 +64,13 @@ int __init board_staging_gic_setup_xlate(const char *gic_match,
irqc_node = of_find_compatible_node(NULL, NULL, gic_match);
WARN_ON(!irqc_node);
if (!irqc_node)
return -ENOENT;
+ of_node_put(irqc_node);
irqc_base = base;
return 0;
}
static void __init gic_fixup_resource(struct resource *res)
{
--
2.1.4
On Mon, Jun 18, 2018 at 08:53:19PM +0200, Nicholas Mc Guire wrote:
> The call to of_find_compatible_node() returns irqc_node with refcount
> incremented thus it must be explicitly decremented here after it was
> checked for non-NULL.
>
> Signed-off-by: Nicholas Mc Guire <[email protected]>
> Fixes: commit 72ee8626eeb1 ("staging: board: Add support for translating hwirq to virq numbers")
> ---
>
> Problem located with an experimental coccinelle script
>
> Patch was compile-tested with: x86_64_defconfig + STAGING=y, STAGING_BOARD=y
>
> Patch is against 4.18-rc1 (localversion-next is next-20180618)
>
> drivers/staging/board/board.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/staging/board/board.c b/drivers/staging/board/board.c
> index cb6feb3..8ee48e5 100644
> --- a/drivers/staging/board/board.c
> +++ b/drivers/staging/board/board.c
> @@ -64,12 +64,13 @@ int __init board_staging_gic_setup_xlate(const char *gic_match,
> irqc_node = of_find_compatible_node(NULL, NULL, gic_match);
>
> WARN_ON(!irqc_node);
> if (!irqc_node)
> return -ENOENT;
>
> + of_node_put(irqc_node);
I don't feel like this is the right thing... We should keep the
reference until we're done with it. Which apparently is never?
But I don't know the code at all so I could be wrong.
regards,
dan carpenter
On Tue, Jun 19, 2018 at 9:37 AM Dan Carpenter <[email protected]> wrote:
> On Mon, Jun 18, 2018 at 08:53:19PM +0200, Nicholas Mc Guire wrote:
> > The call to of_find_compatible_node() returns irqc_node with refcount
> > incremented thus it must be explicitly decremented here after it was
> > checked for non-NULL.
> >
> > Signed-off-by: Nicholas Mc Guire <[email protected]>
> > Fixes: commit 72ee8626eeb1 ("staging: board: Add support for translating hwirq to virq numbers")
> > ---
> >
> > Problem located with an experimental coccinelle script
> >
> > Patch was compile-tested with: x86_64_defconfig + STAGING=y, STAGING_BOARD=y
> >
> > Patch is against 4.18-rc1 (localversion-next is next-20180618)
> >
> > drivers/staging/board/board.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/drivers/staging/board/board.c b/drivers/staging/board/board.c
> > index cb6feb3..8ee48e5 100644
> > --- a/drivers/staging/board/board.c
> > +++ b/drivers/staging/board/board.c
> > @@ -64,12 +64,13 @@ int __init board_staging_gic_setup_xlate(const char *gic_match,
> > irqc_node = of_find_compatible_node(NULL, NULL, gic_match);
> >
> > WARN_ON(!irqc_node);
> > if (!irqc_node)
> > return -ENOENT;
> >
> > + of_node_put(irqc_node);
>
> I don't feel like this is the right thing... We should keep the
> reference until we're done with it. Which apparently is never?
Indeed. The reference must not be released in this function, as it's stored in
a global variable, and used later.
As all users are __init, it could be released when the init section is freeed,
in theory, but there's no callback for that.
Hence:
NAKed-by: Geert Uytterhoeven <[email protected]>
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
On Tue, Jun 19, 2018 at 09:51:44AM +0200, Geert Uytterhoeven wrote:
> On Tue, Jun 19, 2018 at 9:37 AM Dan Carpenter <[email protected]> wrote:
> > On Mon, Jun 18, 2018 at 08:53:19PM +0200, Nicholas Mc Guire wrote:
> > > The call to of_find_compatible_node() returns irqc_node with refcount
> > > incremented thus it must be explicitly decremented here after it was
> > > checked for non-NULL.
> > >
> > > Signed-off-by: Nicholas Mc Guire <[email protected]>
> > > Fixes: commit 72ee8626eeb1 ("staging: board: Add support for translating hwirq to virq numbers")
> > > ---
> > >
> > > Problem located with an experimental coccinelle script
> > >
> > > Patch was compile-tested with: x86_64_defconfig + STAGING=y, STAGING_BOARD=y
> > >
> > > Patch is against 4.18-rc1 (localversion-next is next-20180618)
> > >
> > > drivers/staging/board/board.c | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/drivers/staging/board/board.c b/drivers/staging/board/board.c
> > > index cb6feb3..8ee48e5 100644
> > > --- a/drivers/staging/board/board.c
> > > +++ b/drivers/staging/board/board.c
> > > @@ -64,12 +64,13 @@ int __init board_staging_gic_setup_xlate(const char *gic_match,
> > > irqc_node = of_find_compatible_node(NULL, NULL, gic_match);
> > >
> > > WARN_ON(!irqc_node);
> > > if (!irqc_node)
> > > return -ENOENT;
> > >
> > > + of_node_put(irqc_node);
> >
> > I don't feel like this is the right thing... We should keep the
> > reference until we're done with it. Which apparently is never?
>
> Indeed. The reference must not be released in this function, as it's stored in
> a global variable, and used later.
yup - I had simply interpreted this incorrectly as checking only and
overlooked that this was a global variable.
>
> As all users are __init, it could be released when the init section is freeed,
> in theory, but there's no callback for that.
>
> Hence:
> NAKed-by: Geert Uytterhoeven <[email protected]>
>
thanks for the clarification - sorry for the noise.
thx
hofrat