On Thu, Nov 21, 2019 at 1:19 PM Dmitry Safonov <0x7f454c46@xxxxxxxxx> wrote: > > Hi Francesco, > > I believe, there's still an issue with your patch. > > On Wed, 20 Nov 2019 at 05:50, Francesco Ruggeri <fruggeri@xxxxxxxxxx> wrote: > > @@ -472,10 +477,11 @@ void acpi_os_unmap_generic_address(struct acpi_generic_address *gas) > > mutex_unlock(&acpi_ioremap_lock); > > return; > > } > > - acpi_os_drop_map_ref(map); > > + refcount = acpi_os_drop_map_ref(map); > > mutex_unlock(&acpi_ioremap_lock); > > Here comes acpi_os_get_iomem() increasing the refcount again. Thanks Dmitry. I think that any code that increments the refcount does so after looking for map in acpi_ioremap under acpi_ioremap_lock, and the process that drops the last reference removes map from the list, also under acpi_ioremap_lock, so I am not sure this could happen. The synchronize_rcu_expedited in acpi_os_map_cleanup should then take care of any other references to map (which it is my understanding require acpi_ioremap_lock or rcu read lock). Thanks, Francesco
