On 2019-12-12 13:28:26 [-0600], Rob Herring wrote:
> On Thu, Dec 12, 2019 at 7:05 AM Sebastian Andrzej Siewior
> <bigeasy@xxxxxxxxxxxxx> wrote:
> >
> > On 2019-12-11 17:48:54 [-0600], Rob Herring wrote:
> > > > - if (phandle_cache) {
> > > > - if (phandle_cache[masked_handle] &&
> > > > - handle == phandle_cache[masked_handle]->phandle)
> > > > - np = phandle_cache[masked_handle];
> > > > - if (np && of_node_check_flag(np, OF_DETACHED)) {
> > > > - WARN_ON(1); /* did not uncache np on node removal */
> > > > - of_node_put(np);
> > > > - phandle_cache[masked_handle] = NULL;
> > > > - np = NULL;
> > > > - }
> > > > + if (phandle_cache[handle_hash] &&
> > > > + handle == phandle_cache[handle_hash]->phandle)
> > > > + np = phandle_cache[handle_hash];
> > > > + if (np && of_node_check_flag(np, OF_DETACHED)) {
> > > > + WARN_ON(1); /* did not uncache np on node removal */
> > >
> > > BTW, I don't think this check is even valid. If we failed to detach
> > > and remove the node from the cache, then we could be accessing np
> > > after freeing it.
> >
> > this is kmalloc()ed memory which is always valid. If the memory is
> > already re-used then
> > handle == phandle_cache[handle_hash]->phandle
> >
> > will fail (the check, not the memory access itself).
>
> There's a 1 in 2^32 chance it won't.
:)
> > If the check
> > remains valid then you can hope for the OF_DETACHED flag to trigger the
> > warning.
>
> Keyword is hope.
>
> To look at it another way. Do we need this check? It is in the "fast
> path". There's a single location where we set OF_DETACHED and the
> cache entry is removed at the same time. Also, if we do free the
> node's memory, it also checks for OF_DETACHED. Previously, a free
> wouldn't happen because we incremented the ref count on nodes in the
> cache.
So get rid of it then. It is just __of_detach_node() that removes it.
> Rob
Sebastian
