RE: [PATCH 1/1] Input/Touchscreen Driver: add support AD7877touchscreen driver
From: Hennerich, Michael
Date: Tue Apr 08 2008 - 13:13:52 EST
>-----Original Message-----
>From: Dmitry Torokhov [mailto:dmitry.torokhov@xxxxxxxxx]
>Sent: Montag, 7. April 2008 22:16
>To: Bryan Wu
>Cc: linux-input@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; Michael
>Hennerich
>Subject: Re: [PATCH 1/1] Input/Touchscreen Driver: add support
>AD7877touchscreen driver
>
>Hi Bryan, Michael,
>
>On Thu, Feb 14, 2008 at 05:17:28PM +0800, Bryan Wu wrote:
>> From: Michael Hennerich <michael.hennerich@xxxxxxxxxx>
>>
>> [try #3] Changlog (Add feedback from Dmitry Torokhov):
>> - Change handling of spi_sync / spi_async return value handling
>> - Remove depreciated dev->power.power_state
>> - Fix error return path in ad7877_probe
>> - delete pending kernel timer
>> - Some minor cleanup (indention, use dev_err etc.)
>
>Sorry for the long silence... I have a couple of comments at the moment
>but I am sure i will have more ;)
>
>> +
>> + status = spi_sync(spi, &req->msg);
>> +
>> + if (status == 0)
>> + status = req->msg.status;
>> +
>> + kfree(req);
>> + return status ? status : req->sample;
>
>Use after free here.
Yeah this is definitely broken.
>
>> +
>> + ts->irq_disabled = 1;
>> + disable_irq(spi->irq);
>
>I am a bit uneasy here... do we need to wait for an async spi
completion
>here before proceeding? Overall I have some concerns about the
>irq/spi/removal/sysfs iteractions, I will need some more time to look
>through the driver.
I think you are right - let me come up with a patch.
Thanks and best regards,
Michael
>
>> + status = spi_sync(spi, &req->msg);
>> + ts->irq_disabled = 0;
>> + enable_irq(spi->irq);
>> +
>
>--
>Dmitry
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/