[PATCH] drm/vboxvideo: Unmap iomem on probe-failure and remove

Daniel Vetter daniel at ffwll.ch
Fri Nov 20 09:39:45 UTC 2020


On Fri, Nov 20, 2020 at 8:58 AM Dan Carpenter <dan.carpenter at oracle.com> wrote:
>
> On Thu, Nov 19, 2020 at 08:30:59PM +0100, Daniel Vetter wrote:
> > On Thu, Nov 19, 2020 at 6:51 PM Dan Carpenter <dan.carpenter at oracle.com> wrote:
> > >
> > > On Thu, Nov 19, 2020 at 12:35:56PM +0100, Hans de Goede wrote:
> > > > Hi,
> > > >
> > > > On 10/27/20 2:51 PM, Hans de Goede wrote:
> > > > > Add missing pci_iounmap() calls to properly unmap the memory on
> > > > > probe-failure and remove.
> > > > >
> > > > > Reported-by: kernel test robot <lkp at intel.com>
> > > > > Reported-by: Dan Carpenter <dan.carpenter at oracle.com>
> > > > > Signed-off-by: Hans de Goede <hdegoede at redhat.com>
> > > >
> > > > For some reason the spam-filter used by Red Hat's email system has eaten
> > > > Daniel Vetter's reply to this, so let me copy and paste that from patchwork:
> > > >
> > > > Daniel Vetter wrote:
> > > >
> > > > > I think switching over to devm would be really nice. And for pci all
> > > > > you need to do is use pcim_enable_device and delete all the cleanup
> > > > > code, and it's all done. Hand rolling device cleanup code really isn't
> > > > > a great idea and way too error-prone. Plus you're using lots of devm_
> > > > > already.
> > > >
> > > > Good point, so I just checked and the vboxvideo code is already
> > > > using pcim_enable_device() so it looks like this is a false-positive
> > > > from the lkp at intel.com bot, and Dan Carpenter missed that pcim_enable_device()
> > > > makes all subsequent pci-resource acquiring calls behave like devm calls,
> > > > when he forwarded the report to me.
> > > >
> > > > Tl;DR: there is no bug / leak and this patch can be dropped.
> > > >
> > > > Is there a place where I can report a bug against the lkp at intel.com bot
> > > > for this false-positive ?
> > >
> > > Ah.  Thanks!
> > >
> > > This is a Smatch bug.  There is a list for that smatch at vger.kernel.org
> > > but I already remove the pci_iomap() from the list of functions that
> > > needs to be unwound based on your report.
> >
> > I guess if smatch sees a pci_enable_device but not pcim_enable_device
> > on the same device as passed to pci_iomap (and a pile of other pci
> > functions) then it still must be unwound. Could smatch detect that?
> > There's a lot of pci drivers not using the managed functions, catching
> > bugs in these would be good.
>
> It's a lot of code.  There would be two ways to implement this:
>
> 1) Somehow store the links to figure out the value of:
>
>          devres_find(vbox->ddev.pdev.dev)->enabled
>
> That's very complicated.  I'm sort of working on some of the steps
> involved but and it's probably a multi year process before it's
> possible.
>
> 2) Create a data base table with driver data, then store if the driver
> calls pcim_enable_device().  This is still a bit of work, but probably
> straight forward.  Storing driver data would be useful for other things
> as well.

Hm maybe I totally misunderstand how smatch works, but I thought you
can track additional invariants and stuff on various pointers. So I
figured you just track whether pci_enable_device has been called on a
struct pci_device *dev, and then if anyone calls pci_iomap on the same
pointer and there's no cleanup, it's a bug. For any other case you
just can't tell (since absence of pcim_enable_device might just mean
that smatch doesn't see through the maze). Or is that what you meant
with approach 2?
-Daniel
-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch


More information about the dri-devel mailing list