On Fri, Dec 20, 2024 at 01:42:29PM +0530, Manivannan Sadhasivam wrote:
[...]
Sorry, forgot to trim my reply.
> > +static void nvmet_pci_epf_clear_bar(struct nvmet_pci_epf *nvme_epf)
> > +{
> > + struct pci_epf *epf = nvme_epf->epf;
> > +
> > + pci_epc_clear_bar(epf->epc, epf->func_no, epf->vfunc_no,
> > + &epf->bar[BAR_0]);
> > + pci_epf_free_space(epf, nvme_epf->reg_bar, BAR_0, PRIMARY_INTERFACE);
> > + nvme_epf->reg_bar = NULL;
>
> Memory for BAR 0 is allocated in nvmet_pci_epf_bind(), but it is freed in both
> nvmet_pci_epf_epc_deinit() and nvmet_pci_epf_bind(). This will cause NULL ptr
> dereference if epc_deinit() gets called after nvmet_pci_epf_bind() and then
> epc_init() is called (we call epc_deinit() once PERST# is deasserted to cleanup
> the EPF for platforms requiring refclk from host).
>
> So please move pci_epf_free_space() and 'nvme_epf->reg_bar = NULL' to a
> separate helper nvmet_pci_epf_free_bar() and call that only from
> nvmet_pci_epf_unbind() (outside of 'epc->init_complete' check).
>
> With the above change, I'm able to get this EPF driver working on my Qcom RC/EP
> setup.
>
> - Mani
--
மணிவண்ணன் சதாசிவம்
