Re: [PATCH] staging: vchiq_arm: Fix missing refcount decrement in error path for fw_node

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Javier Carrasco <javier.carrasco.cruz@gmail.com>
To: Dan Carpenter <dan.carpenter@linaro.org>
Cc: Florian Fainelli <florian.fainelli@broadcom.com>,
	Broadcom internal kernel review list
	<bcm-kernel-feedback-list@broadcom.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Stefan Wahren <wahrenst@gmx.net>,
	Umang Jain <umang.jain@ideasonboard.com>,
	Laurent Pinchart <laurent.pinchart@ideasonboard.com>,
	linux-rpi-kernel@lists.infradead.org,
	linux-arm-kernel@lists.infradead.org,
	linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org,
	stable@vger.kernel.org
Subject: Re: [PATCH] staging: vchiq_arm: Fix missing refcount decrement in error path for fw_node
Date: Mon, 14 Oct 2024 10:49:28 +0200	[thread overview]
Message-ID: <a3a8418a-57f2-4f3e-80a3-011de2af1296@gmail.com> (raw)
In-Reply-To: <20d12a96-c06b-4204-9a57-69a4bac02867@stanley.mountain>

On 14/10/2024 10:39, Dan Carpenter wrote:
> On Mon, Oct 14, 2024 at 10:15:25AM +0200, Javier Carrasco wrote:
>> On 14/10/2024 10:12, Dan Carpenter wrote:
>>> On Mon, Oct 14, 2024 at 09:59:49AM +0200, Javier Carrasco wrote:
>>>> This approach is great as long as the maintainer accepts mid-scope
>>>> variable declaration and the goto instructions get refactored, as stated
>>>> in cleanup.h.
>>>>
>>>> The first point is not being that problematic so far, but the second one
>>>> is trickier, and we all have to take special care to avoid such issues,
>>>> even if they don't look dangerous in the current code, because adding a
>>>> goto where there cleanup attribute is already used can be overlooked as
>>>> well.
>>>>
>>>
>>> To be honest, I don't really understand this paragraph.  I think maybe you're
>>> talking about if we declare the variable at the top and forget to initialize it
>>> to NULL?  It leads to an uninitialized variable if we exit the function before
>>> it is initialized.
>>>
>>
>> No, I am talking about declaring the variable mid-scope, and later on
>> adding a goto before that declaration in a different patch, let's say
>> far above the variable declaration. As soon as a goto is added, care
>> must be taken to make sure that we don't have variables with the cleanup
>> attribute in the scope. Just something to take into account.
>>
> 
> Huh.  That's an interesting point.  If you have:
> 
> 	if (ret)
> 		goto done;
> 
> 	struct device_node *fw_node __free(device_node) = something;
> 
> Then fw_node isn't initialized when we get to done.  However, in my simple test
> this triggered a build failure with Clang so I believe we would catch this sort
> of bug pretty quickly.
> 
> regards,
> dan carpenter
> 

Yes, the only pity is that GCC (I guess still the most common compiler
for the Linux kernel) stays silent, and it happily builds a buggy image.
But as you said, the patch will trigger some alarms as soon as it is
sent upstream.

In this particular case, and as Greg pointed out, that is not a real
threat anyway. My digression comes to an end, and v2 is on its way.

Thanks and best regards,
Javier Carrasco

next prev parent reply	other threads:[~2024-10-14  8:49 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-10-13 10:42 [PATCH] staging: vchiq_arm: Fix missing refcount decrement in error path for fw_node Javier Carrasco
2024-10-13 11:36 ` Umang Jain
2024-10-13 12:55   ` Javier Carrasco
2024-10-14  6:50   ` Krzysztof Kozlowski
2024-10-14  7:22 ` Dan Carpenter
2024-10-14  7:59   ` Javier Carrasco
2024-10-14  8:12     ` Dan Carpenter
2024-10-14  8:15       ` Javier Carrasco
2024-10-14  8:33         ` Greg Kroah-Hartman
2024-10-14  8:39         ` Dan Carpenter
2024-10-14  8:49           ` Javier Carrasco [this message]
2024-10-14  9:06             ` Dan Carpenter
2024-10-14  8:51   ` Krzysztof Kozlowski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a3a8418a-57f2-4f3e-80a3-011de2af1296@gmail.com \
    --to=javier.carrasco.cruz@gmail.com \
    --cc=bcm-kernel-feedback-list@broadcom.com \
    --cc=dan.carpenter@linaro.org \
    --cc=florian.fainelli@broadcom.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=laurent.pinchart@ideasonboard.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-rpi-kernel@lists.infradead.org \
    --cc=linux-staging@lists.linux.dev \
    --cc=stable@vger.kernel.org \
    --cc=umang.jain@ideasonboard.com \
    --cc=wahrenst@gmx.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox