[PATCH] rpmsg: Avoid double-free in mtk_rpmsg_register_device()
Nicolas Boichat
drinkcat at chromium.org
Wed Sep 2 07:04:27 EDT 2020
On Wed, Sep 2, 2020 at 5:33 PM Markus Elfring <Markus.Elfring at web.de> wrote:
>
> > If rpmsg_register_device fails, it will call
> > mtk_rpmsg_release_device which already frees mdev.
>
> Can another imperative wording become helpful for the change description?
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=9c7d619be5a002ea29c172df5e3c1227c22cbb41#n151
Looking at your posting history, I'll leave it up to the maintainer.
> …
> > +++ b/drivers/rpmsg/mtk_rpmsg.c
> > @@ -220,10 +220,8 @@ static int mtk_rpmsg_register_device(struct mtk_rpmsg_rproc_subdev *mtk_subdev,
> > rpdev->dev.release = mtk_rpmsg_release_device;
> >
> > ret = rpmsg_register_device(rpdev);
> > - if (ret) {
> > - kfree(mdev);
> > + if (ret)
> > return ret;
> > - }
> >
> > return 0;
> > }
>
>
> * How do you think about to use the following code variant instead?
>
> return rpmsg_register_device(rpdev);
>
> * Would you like to omit the variable “ret” for this function implementation?
That's a good suggestion, I'll update and send a v2.
>
> Regards,
> Markus
More information about the linux-arm-kernel
mailing list