Re: [PATCH -next 1/3] PCI: fix double put_device() in error case in pci_create_root_bus()

From: Yang Yingliang
Date: Sat Aug 27 2022 - 05:15:35 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH] ARM: dts: aspeed: Add IBM Bonnell system BMC devicetree"
Previous message: Frank Wunderlich: "Aw: Re: Re: [PATCH v5 5/5] arm64: dts: rockchip: Add PCIe v3 nodes to BPI-R2-Pro"
In reply to: Bjorn Helgaas: "Re: [PATCH -next 1/3] PCI: fix double put_device() in error case in pci_create_root_bus()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On 2022/8/27 5:14, Bjorn Helgaas wrote:

[+cc Rob]

On Thu, Aug 25, 2022 at 08:27:51PM +0800, Yang Yingliang wrote:

If device_add() fails in pci_register_host_bridge(), the brigde device will
be put once, and it will be put again in error path of pci_create_root_bus().
Move the put_device() from pci_create_root_bus() to pci_register_host_bridge()
to fix this problem. And use device_unregister() instead of del_device() and
put_device().

s/brigde/bridge/

Fixes: 9885440b16b8 ("PCI: Fix pci_host_bridge struct device release/free handling")

If you're fixing a commit from somebody else, please always cc: the
author because the author can help review the change.

OK.

Signed-off-by: Yang Yingliang <yangyingliang@xxxxxxxxxx>
---
drivers/pci/probe.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index c5286b027f00..e500eb9d6468 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1027,7 +1027,7 @@ static int pci_register_host_bridge(struct pci_host_bridge *bridge)
unregister:
put_device(&bridge->dev);
- device_del(&bridge->dev);
+ device_unregister(&bridge->dev);

I don't understand this part. device_unregister() looks like this:

void device_unregister(struct device *dev)
{
device_del(dev);
put_device(dev);
}

So this calls put_device(&bridge->dev) twice, doesn't it?

The "unregister" label looks poorly named. We only get there if
device_register() *failed*. We shouldn't need to unregister anything
in that case.

If it goes to the 'unregister' label, the bridge->dev has been register sucessfully (device_initialize() called from pci_alloc_host_bridge()
and device_add() called from pci_register_host_bridge()), so it need be unregister, and another put_device() is for decreasing
refcount of 'bus->bridge'.

Thanks,
Yang

free:
kfree(bus);
@@ -3037,13 +3037,9 @@ struct pci_bus *pci_create_root_bus(struct device *parent, int bus,
error = pci_register_host_bridge(bridge);
if (error < 0)
- goto err_out;
+ return NULL;
return bridge->bus;
-
-err_out:
- put_device(&bridge->dev);
- return NULL;

This part looks right to me. The get_device() is in
pci_register_host_bridge(), and if pci_register_host_bridge() returns
failure, I think it should first do the corresponding put_device().

}
EXPORT_SYMBOL_GPL(pci_create_root_bus);
--
2.25.1

.

Next message: Krzysztof Kozlowski: "Re: [PATCH] ARM: dts: aspeed: Add IBM Bonnell system BMC devicetree"
Previous message: Frank Wunderlich: "Aw: Re: Re: [PATCH v5 5/5] arm64: dts: rockchip: Add PCIe v3 nodes to BPI-R2-Pro"
In reply to: Bjorn Helgaas: "Re: [PATCH -next 1/3] PCI: fix double put_device() in error case in pci_create_root_bus()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]