Re: [PATCH linux-next] PCI: Fix the order in unregister path

From: Rob Herring
Date: Mon Aug 30 2021 - 10:56:10 EST


On Thu, Aug 26, 2021 at 9:39 PM <yajun.deng@xxxxxxxxx> wrote:
>
> August 26, 2021 8:01 PM, "Rob Herring" <robh@xxxxxxxxxx> wrote:
>
> > On Wed, Aug 25, 2021 at 10:57 PM <yajun.deng@xxxxxxxxx> wrote:
> >
> >> August 25, 2021 9:55 PM, "Rob Herring" <robh@xxxxxxxxxx> wrote:
> >>
> >> On Wed, Aug 25, 2021 at 3:34 AM Yajun Deng <yajun.deng@xxxxxxxxx> wrote:
> >>
> >> device_del() should be called first and then called put_device() in
> >> unregister path, becase if that the final reference count, the device
> >> will be cleaned up via device_release() above. So use device_unregister()
> >> instead.
> >>
> >> Fixes: 9885440b16b8 (PCI: Fix pci_host_bridge struct device release/free handling)
> >> Signed-off-by: Yajun Deng <yajun.deng@xxxxxxxxx>
> >> ---
> >> drivers/pci/probe.c | 4 +---
> >> 1 file changed, 1 insertion(+), 3 deletions(-)
> >>
> >> NAK.
> >>
> >> The current code is correct. Go read the comments for device_add/device_del.
> >>
> >> But the device_unregister() is only contains device_del() and put_device(). It just put
> >> device_del() before put_device().
> >
> > And that is the wrong order as we want to undo what the code above
> > did. The put_device here is for the get_device we did. The put_device
> > in device_unregister is for the get_device that device_register did
> > (on success only).
> >
> > Logically, it is wrong too to call unregister if register failed. That
> > would be like doing this:

You are right that the register and unregister are different devices.
However, your change is still wrong. The device_register is actually
irrelevant.

> >
> > p = malloc(1);
> > if (!p)
> > free(p);
> >
> This is the raw code:
> err = device_register(&bus->dev);
> if (err)
> goto unregister;
> unregister:
> put_device(&bridge->dev);
> device_del(&bridge->dev);

The pertinent parts are this:

err = device_add(&bridge->dev); // which calls get_device() itself,
so there's the first ref
if (err) {
put_device(&bridge->dev);
goto free;
}
bus->bridge = get_device(&bridge->dev); // This is the 2nd ref which
the PCI core holds
...
unregister:
put_device(&bridge->dev); // This is the put for the get_device
just above here.
device_del(&bridge->dev); // Then this does the 2nd put.

The get_device and put_device are paired, and the device_add and
device_del are paired.

As I said earlier, go read the kerneldoc for device_add. For your
convenience, here's the important part:

device_add:
* Rule of thumb is: if device_add() succeeds, you should call
* device_del() when you want to get rid of it. If device_add() has
* *not* succeeded, use *only* put_device() to drop the reference
* count.

device_del:
* NOTE: this should be called manually _iff_ device_add() was
* also called manually.


Rob