[PATCH] rpmsg: Avoid double-free in mtk_rpmsg_register_device()
Markus Elfring
Markus.Elfring at web.de
Wed Sep 2 05:33:35 EDT 2020
> If rpmsg_register_device fails, it will call
> mtk_rpmsg_release_device which already frees mdev.
Can another imperative wording become helpful for the change description?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=9c7d619be5a002ea29c172df5e3c1227c22cbb41#n151
…
> +++ b/drivers/rpmsg/mtk_rpmsg.c
> @@ -220,10 +220,8 @@ static int mtk_rpmsg_register_device(struct mtk_rpmsg_rproc_subdev *mtk_subdev,
> rpdev->dev.release = mtk_rpmsg_release_device;
>
> ret = rpmsg_register_device(rpdev);
> - if (ret) {
> - kfree(mdev);
> + if (ret)
> return ret;
> - }
>
> return 0;
> }
* How do you think about to use the following code variant instead?
return rpmsg_register_device(rpdev);
* Would you like to omit the variable “ret” for this function implementation?
Regards,
Markus
More information about the Linux-mediatek
mailing list