Re: [PATCH v1 3/7] powercap/dtpm: Fixup kfree for virtual node

From: Daniel Lezcano
Date: Thu Feb 17 2022 - 08:54:31 EST

Next message: Dan Carpenter: "[intel-tdx:guest-rebased 120/133] drivers/acpi/svkl.c:164 acpi_svkl_init() warn: '&acpi_svkl_dev' not released on lines: 157."
Previous message: Jiaxin Yu: "Re: [PATCH 10/15] ASoC: mediatek: mt8186: add platform driver"
In reply to: Ulf Hansson: "Re: [PATCH v1 3/7] powercap/dtpm: Fixup kfree for virtual node"
Next in thread: Ulf Hansson: "Re: [PATCH v1 3/7] powercap/dtpm: Fixup kfree for virtual node"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 17/02/2022 14:17, Ulf Hansson wrote:

On Wed, 16 Feb 2022 at 19:10, Daniel Lezcano <daniel.lezcano@xxxxxxxxxx> wrote:

On 16/02/2022 17:22, Ulf Hansson wrote:

On Sun, 30 Jan 2022 at 22:02, Daniel Lezcano <daniel.lezcano@xxxxxxxxxx> wrote:

When the node is virtual there is no release function associated which
can free the memory.

Free the memory when no 'ops' exists.

Signed-off-by: Daniel Lezcano <daniel.lezcano@xxxxxxxxxx>
---
drivers/powercap/dtpm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/powercap/dtpm.c b/drivers/powercap/dtpm.c
index 0b0121c37a1b..7bddd25a6767 100644
--- a/drivers/powercap/dtpm.c
+++ b/drivers/powercap/dtpm.c
@@ -181,12 +181,12 @@ int dtpm_release_zone(struct powercap_zone *pcz)

if (dtpm->ops)
dtpm->ops->release(dtpm);
+ else
+ kfree(dtpm);

This doesn't look correct. Below you check dtpm against "root", which
may be after its memory has been freed.

If the ->release() function should be responsible for freeing the
dtpm, it needs to be called after the check below.

It is harmless, 'root' is not dereferenced but used as an ID

Moreover, in the patch 5/7 it is moved out this function.

Right. It just looks a bit odd here.

if (root == dtpm)
root = NULL;

- kfree(dtpm);

So then why doesn't this kfree do the job already?

kfree(NULL) works fine, if dtpm->ops->release(dtpm) already freed the data.

The description is confusing.

Actually, there is a double kfree. When there is a ops->release, the kfree is done there and again a few lines after.

The issue was introduced with the change where dtpm had a private data field to store the backend specific structure and was converted to a backend specific structure containing a dtpm node [1].

So this function was calling release from the dtpm backend which was freeing the specific data in the dtpm->private and then here was freeing the dtpm. Now, the backend frees the structure which contains the dtpm structure, so when returning from ops->release(), dtpm is already free.

I should change the description and add a Fixes tag to the change described above.

[1] https://lore.kernel.org/r/20210312130411.29833-4-daniel.lezcano@xxxxxxxxxx

--
<http://www.linaro.org/> Linaro.org │ Open source software for ARM SoCs

Follow Linaro: <http://www.facebook.com/pages/Linaro> Facebook |
<http://twitter.com/#!/linaroorg> Twitter |
<http://www.linaro.org/linaro-blog/> Blog

Next message: Dan Carpenter: "[intel-tdx:guest-rebased 120/133] drivers/acpi/svkl.c:164 acpi_svkl_init() warn: '&acpi_svkl_dev' not released on lines: 157."
Previous message: Jiaxin Yu: "Re: [PATCH 10/15] ASoC: mediatek: mt8186: add platform driver"
In reply to: Ulf Hansson: "Re: [PATCH v1 3/7] powercap/dtpm: Fixup kfree for virtual node"
Next in thread: Ulf Hansson: "Re: [PATCH v1 3/7] powercap/dtpm: Fixup kfree for virtual node"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]