As described in the documentation for devm_input_allocate_device():
Managed input devices do not need to be explicitly unregistered or
freed as it will be done automatically when owner device unbinds from
its driver (or binding fails).
However this driver was explicitly freeing the input device.
Remove the calls to input_free_device() to avoid a possible double free
error.
Fixes: 5ede7f0cfb93f ("Input: goodix - add pen support")
Signed-off-by: José Expósito <[email protected]>
---
drivers/input/touchscreen/goodix.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/drivers/input/touchscreen/goodix.c b/drivers/input/touchscreen/goodix.c
index 752e8ba4fecb..61eb69f3a259 100644
--- a/drivers/input/touchscreen/goodix.c
+++ b/drivers/input/touchscreen/goodix.c
@@ -308,10 +308,8 @@ static struct input_dev *goodix_create_pen_input(struct goodix_ts_data *ts)
return NULL;
input_alloc_absinfo(input);
- if (!input->absinfo) {
- input_free_device(input);
+ if (!input->absinfo)
return NULL;
- }
input->absinfo[ABS_X] = ts->input_dev->absinfo[ABS_MT_POSITION_X];
input->absinfo[ABS_Y] = ts->input_dev->absinfo[ABS_MT_POSITION_Y];
@@ -340,10 +338,8 @@ static struct input_dev *goodix_create_pen_input(struct goodix_ts_data *ts)
input->id.product = 0x1001;
input->id.version = ts->version;
- if (input_register_device(input) != 0) {
- input_free_device(input);
+ if (input_register_device(input) != 0)
return NULL;
- }
return input;
}
--
2.25.1
As described in the documentation for devm_input_allocate_device():
Managed input devices do not need to be explicitly unregistered or
freed as it will be done automatically when owner device unbinds from
its driver (or binding fails).
However this driver was explicitly freeing the input device, allocated
using devm_input_allocate_device() through wacom_allocate_input().
Remove the calls to input_free_device() to avoid a possible double free
error.
Fixes: d2d13f18aaa51 ("Input: wacom - create a separate input device for pads")
Signed-off-by: José Expósito <[email protected]>
---
drivers/hid/wacom_sys.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/drivers/hid/wacom_sys.c b/drivers/hid/wacom_sys.c
index 066c567dbaa2..164c0f7cb796 100644
--- a/drivers/hid/wacom_sys.c
+++ b/drivers/hid/wacom_sys.c
@@ -2098,7 +2098,6 @@ static int wacom_register_inputs(struct wacom *wacom)
error = wacom_setup_pen_input_capabilities(pen_input_dev, wacom_wac);
if (error) {
/* no pen in use on this interface */
- input_free_device(pen_input_dev);
wacom_wac->pen_input = NULL;
pen_input_dev = NULL;
} else {
@@ -2110,7 +2109,6 @@ static int wacom_register_inputs(struct wacom *wacom)
error = wacom_setup_touch_input_capabilities(touch_input_dev, wacom_wac);
if (error) {
/* no touch in use on this interface */
- input_free_device(touch_input_dev);
wacom_wac->touch_input = NULL;
touch_input_dev = NULL;
} else {
@@ -2122,7 +2120,6 @@ static int wacom_register_inputs(struct wacom *wacom)
error = wacom_setup_pad_input_capabilities(pad_input_dev, wacom_wac);
if (error) {
/* no pad in use on this interface */
- input_free_device(pad_input_dev);
wacom_wac->pad_input = NULL;
pad_input_dev = NULL;
} else {
--
2.25.1
Hi,
On 4/22/22 18:17, José Expósito wrote:
> As described in the documentation for devm_input_allocate_device():
>
> Managed input devices do not need to be explicitly unregistered or
> freed as it will be done automatically when owner device unbinds from
> its driver (or binding fails).
>
> However this driver was explicitly freeing the input device, allocated
> using devm_input_allocate_device() through wacom_allocate_input().
>
> Remove the calls to input_free_device() to avoid a possible double free
> error.
Actually calling input_free_device() on a devm allocated input device
is fine. The input subsystem has chosen to not have a
separate devm_input_free_device(), instead input_free_device() knows
if a device is allocated through devm and then also frees the devres
tied to it:
void input_free_device(struct input_dev *dev)
{
if (dev) {
if (dev->devres_managed)
WARN_ON(devres_destroy(dev->dev.parent,
devm_input_device_release,
devm_input_device_match,
dev));
input_put_device(dev);
}
}
So there is no need for this patch.
Regards,
Hans
>
> Fixes: d2d13f18aaa51 ("Input: wacom - create a separate input device for pads")
> Signed-off-by: José Expósito <[email protected]>
> ---
> drivers/hid/wacom_sys.c | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/drivers/hid/wacom_sys.c b/drivers/hid/wacom_sys.c
> index 066c567dbaa2..164c0f7cb796 100644
> --- a/drivers/hid/wacom_sys.c
> +++ b/drivers/hid/wacom_sys.c
> @@ -2098,7 +2098,6 @@ static int wacom_register_inputs(struct wacom *wacom)
> error = wacom_setup_pen_input_capabilities(pen_input_dev, wacom_wac);
> if (error) {
> /* no pen in use on this interface */
> - input_free_device(pen_input_dev);
> wacom_wac->pen_input = NULL;
> pen_input_dev = NULL;
> } else {
> @@ -2110,7 +2109,6 @@ static int wacom_register_inputs(struct wacom *wacom)
> error = wacom_setup_touch_input_capabilities(touch_input_dev, wacom_wac);
> if (error) {
> /* no touch in use on this interface */
> - input_free_device(touch_input_dev);
> wacom_wac->touch_input = NULL;
> touch_input_dev = NULL;
> } else {
> @@ -2122,7 +2120,6 @@ static int wacom_register_inputs(struct wacom *wacom)
> error = wacom_setup_pad_input_capabilities(pad_input_dev, wacom_wac);
> if (error) {
> /* no pad in use on this interface */
> - input_free_device(pad_input_dev);
> wacom_wac->pad_input = NULL;
> pad_input_dev = NULL;
> } else {
Hi José,
On 4/22/22 18:17, José Expósito wrote:
> As described in the documentation for devm_input_allocate_device():
>
> Managed input devices do not need to be explicitly unregistered or
> freed as it will be done automatically when owner device unbinds from
> its driver (or binding fails).
>
> However this driver was explicitly freeing the input device.
>
> Remove the calls to input_free_device() to avoid a possible double free
> error.
>
> Fixes: 5ede7f0cfb93f ("Input: goodix - add pen support")
> Signed-off-by: José Expósito <[email protected]>
> ---
> drivers/input/touchscreen/goodix.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/input/touchscreen/goodix.c b/drivers/input/touchscreen/goodix.c
> index 752e8ba4fecb..61eb69f3a259 100644
> --- a/drivers/input/touchscreen/goodix.c
> +++ b/drivers/input/touchscreen/goodix.c
> @@ -308,10 +308,8 @@ static struct input_dev *goodix_create_pen_input(struct goodix_ts_data *ts)
> return NULL;
>
> input_alloc_absinfo(input);
> - if (!input->absinfo) {
> - input_free_device(input);
> + if (!input->absinfo)
> return NULL;
> - }
>
> input->absinfo[ABS_X] = ts->input_dev->absinfo[ABS_MT_POSITION_X];
> input->absinfo[ABS_Y] = ts->input_dev->absinfo[ABS_MT_POSITION_Y];
I don't know what tree you've based this on, but the above code has been replaced
with the new input_copy_abs helper in Linus' current master branch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/input/touchscreen/goodix.c#n310
> @@ -340,10 +338,8 @@ static struct input_dev *goodix_create_pen_input(struct goodix_ts_data *ts)
> input->id.product = 0x1001;
> input->id.version = ts->version;
>
> - if (input_register_device(input) != 0) {
> - input_free_device(input);
> + if (input_register_device(input) != 0)
> return NULL;
> - }
>
> return input;
> }
And this code has also already been fixed, so this patch can be dropped.
Regards,
Hans