Re: [PATCH] ACPI: only free map once in osl.c

From: Francesco Ruggeri
Date: Thu Nov 21 2019 - 17:49:48 EST


On Thu, Nov 21, 2019 at 1:19 PM Dmitry Safonov <0x7f454c46@xxxxxxxxx> wrote:
>
> Hi Francesco,
>
> I believe, there's still an issue with your patch.
>
> On Wed, 20 Nov 2019 at 05:50, Francesco Ruggeri <fruggeri@xxxxxxxxxx> wrote:
> > @@ -472,10 +477,11 @@ void acpi_os_unmap_generic_address(struct acpi_generic_address *gas)
> > mutex_unlock(&acpi_ioremap_lock);
> > return;
> > }
> > - acpi_os_drop_map_ref(map);
> > + refcount = acpi_os_drop_map_ref(map);
> > mutex_unlock(&acpi_ioremap_lock);
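
Review bot: the value assigned at `refcount = acpi_os_drop_map_ref(map);` is sampled under acpi_ioremap_lock, but it can only be acted on after the `mutex_unlock(&acpi_ioremap_lock);` on the following line, and nothing visible in this hunk says why the count cannot change in between. Please add a comment at the assignment stating the invariant that makes a zero result final once the lock is released (for example, that the map can no longer be found by lookups at that point), so the safety of using `refcount` outside the lock is documented where the value is taken.
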
>
> Here comes acpi_os_get_iomem() increasing the refcount again.

Thanks Dmitry.
I think that any code that increments the refcount does so after
looking for map in acpi_ioremap under acpi_ioremap_lock,
and the process that drops the last reference removes map
from the list, also under acpi_ioremap_lock, so I am not sure
this could happen.
The synchronize_rcu_expedited in acpi_os_map_cleanup should
then take care of any other references to map (which it is my
understanding require acpi_ioremap_lock or rcu read lock).

Thanks,
Francesco
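
The invariant argued in the reply above, as an added user-space model that is not part of the thread or of the kernel source: references are taken only by lookup under the lock, and the last dropper unlinks the map under that same lock, so a zero count cannot be raised again. All names are hypothetical, the lock is a single-threaded stand-in for acpi_ioremap_lock, and the RCU grace period is not modelled.

```c
/* User-space model (constructed); names are hypothetical, not the kernel's. */
#include <assert.h>
#include <stddef.h>
#include <stdlib.h>

struct map { struct map *next; unsigned long phys; unsigned long refcount; };

static struct map *map_list;   /* stands in for the acpi_ioremap list */
static int lock_held;          /* stands in for acpi_ioremap_lock */

static void model_lock(void)   { assert(!lock_held); lock_held = 1; }
static void model_unlock(void) { assert(lock_held);  lock_held = 0; }

/* Insert a new mapping holding one reference. */
struct map *model_map(unsigned long phys)
{
    struct map *m = calloc(1, sizeof(*m));
    if (!m) return NULL;
    m->phys = phys; m->refcount = 1;
    model_lock(); m->next = map_list; map_list = m; model_unlock();
    return m;
}

/* Take a reference: lookup and increment share one lock hold. */
struct map *model_get(unsigned long phys)
{
    struct map *m;
    model_lock();
    for (m = map_list; m; m = m->next)
        if (m->phys == phys) { m->refcount++; break; }
    model_unlock();
    return m;   /* NULL once the map has been unlinked */
}

/* Drop a reference; the last dropper unlinks before releasing the lock. */
unsigned long model_put(struct map *m)
{
    unsigned long left;
    struct map **pp;
    model_lock();
    left = --m->refcount;
    if (!left)
        for (pp = &map_list; *pp; pp = &(*pp)->next)
            if (*pp == m) { *pp = m->next; break; }
    model_unlock();
    return left;   /* a zero seen here stays zero: no lookup can find m */
}

/* Only the caller that saw zero frees, so the map is freed once. */
void model_cleanup(struct map *m, unsigned long left) { if (!left) free(m); }
```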