Hi Johan,
On Sun, Nov 12, 2017 at 01:28:50PM +0100, Johan Hovold wrote:
Fix child-node lookup during initialisation, which ended up searching the whole device tree depth-first starting at the parent rather than just matching on its children.
To make things worse, the parent pci node was prematurely freed, while the child interrupt-controller node was leaked.
I think you should explain that of_find_node_by_name() drops a reference to the from pointer, it is not clear from the log.
More importantly: are you saying that all of_find_node_by_name() usages with a (from* != NULL) are broken unless they bump up the from node (if != NULL) ref count ?
Is there a reason why of_find_node_by_name() behaviour can't be changed ?
Fixes: 0c4ffcfe1fbc ("PCI: keystone: Add TI Keystone PCIe driver") Cc: stable stable@vger.kernel.org # 3.18
Do we really want to send this to stable kernels straight away ?
There is not any specific bug report - it should be safe but I wanted to ask.
Cc: Murali Karicheri m-karicheri2@ti.com
drivers/pci/dwc/pci-keystone.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
With an update log:
Acked-by: Lorenzo Pieralisi lorenzo.pieralisi@arm.com
diff --git a/drivers/pci/dwc/pci-keystone.c b/drivers/pci/dwc/pci-keystone.c index 5bee3af47588..39405598b22d 100644 --- a/drivers/pci/dwc/pci-keystone.c +++ b/drivers/pci/dwc/pci-keystone.c @@ -178,7 +178,7 @@ static int ks_pcie_get_irq_controller_info(struct keystone_pcie *ks_pcie, } /* interrupt controller is in a child node */
- *np_temp = of_find_node_by_name(np_pcie, controller);
- *np_temp = of_get_child_by_name(np_pcie, controller); if (!(*np_temp)) { dev_err(dev, "Node for %s is absent\n", controller); return -EINVAL;
@@ -187,6 +187,7 @@ static int ks_pcie_get_irq_controller_info(struct keystone_pcie *ks_pcie, temp = of_irq_count(*np_temp); if (!temp) { dev_err(dev, "No IRQ entries in %s\n", controller);
of_node_put(*np_temp);@@ -204,6 +205,8 @@ static int ks_pcie_get_irq_controller_info(struct keystone_pcie *ks_pcie, break; }
- of_node_put(*np_temp);
- if (temp) { *num_irqs = temp; return 0;
-- 2.15.0