Re: PCI: vmd: repeated kfree of vmdirq

From: Nam Cao
Date: Thu Jul 17 2025 - 07:53:07 EST

Next message: David Hildenbrand: "[PATCH v2 2/9] mm/huge_memory: move more common code into insert_pud()"
Previous message: David Hildenbrand: "[PATCH v2 1/9] mm/huge_memory: move more common code into insert_pmd()"
In reply to: Colin King (gmail): "PCI: vmd: repeated kfree of vmdirq"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 17, 2025 at 12:48:02PM +0100, Colin King (gmail) wrote:
> Hi,
>
> Static analysis found an issue in the following commit in linux-next:
>
> commit 2b96beffa42760513567919aa27eb72035f2db58
> Author: Nam Cao <namcao@xxxxxxxxxxxxx>
> Date: Thu Jun 26 16:48:06 2025 +0200
>
> PCI: vmd: Switch to msi_create_parent_irq_domain()
>
>
> The issue is as follows:
>
> static void vmd_msi_free(struct irq_domain *domain, unsigned int virq,
> unsigned int nr_irqs)
> {
> struct vmd_irq *vmdirq = irq_get_chip_data(virq);
>
> for (int i = 0; i < nr_irqs; ++i) {
> synchronize_srcu(&vmdirq->irq->srcu);
>
> /* XXX: Potential optimization to rebalance */
> scoped_guard(raw_spinlock_irq, &list_lock)
> vmdirq->irq->count--;
>
> kfree(vmdirq);
> }
> }
>
> The for-loop is repeatedly kfree'ing vmdirq which seems incorrect.

Thanks for the report. It has been resolved in PCI tree.

Best regards,
Nam

Next message: David Hildenbrand: "[PATCH v2 2/9] mm/huge_memory: move more common code into insert_pud()"
Previous message: David Hildenbrand: "[PATCH v2 1/9] mm/huge_memory: move more common code into insert_pmd()"
In reply to: Colin King (gmail): "PCI: vmd: repeated kfree of vmdirq"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]