On Thu, Dec 13, 2007 at 02:00:09PM -0800, Christopher Li wrote:
 > On Dec 12, 2007 12:00 PM, Dave Jones <[EMAIL PROTECTED]> wrote:
 > > Today I came across a bug in the kernel cpufreq code where
 > > we were missing a bunch of up_write() calls in error paths
 > > of a function.
 > >
 > > I've been trying to get sparse's context checking to pick up
 > > on the errors and failing.  The kernel patch below is what I have
 > > so far, but it seems to report no output whatsoever.
 > > What am I missing ?
 > 
 > Can you share the example buggy cpufreq code that miss the up_write() calls?

Sure. In drivers/cpufreq/cpufreq.c cpufreq_add_dev() is missing several
calls to unlock_policy_rwsem_write() in the error paths.

The patch below should make it more obvious..

        Dave

diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c
index 5e626b1..79581fa 100644
--- a/drivers/cpufreq/cpufreq.c
+++ b/drivers/cpufreq/cpufreq.c
@@ -841,19 +841,25 @@ static int cpufreq_add_dev (struct sys_device * sys_dev)
        drv_attr = cpufreq_driver->attr;
        while ((drv_attr) && (*drv_attr)) {
                ret = sysfs_create_file(&policy->kobj, &((*drv_attr)->attr));
-               if (ret)
+               if (ret) {
+                       unlock_policy_rwsem_write(cpu);
                        goto err_out_driver_exit;
+               }
                drv_attr++;
        }
        if (cpufreq_driver->get){
                ret = sysfs_create_file(&policy->kobj, &cpuinfo_cur_freq.attr);
-               if (ret)
+               if (ret) {
+                       unlock_policy_rwsem_write(cpu);
                        goto err_out_driver_exit;
+               }
        }
        if (cpufreq_driver->target){
                ret = sysfs_create_file(&policy->kobj, &scaling_cur_freq.attr);
-               if (ret)
+               if (ret) {
+                       unlock_policy_rwsem_write(cpu);
                        goto err_out_driver_exit;
+               }
        }
 
        spin_lock_irqsave(&cpufreq_driver_lock, flags);
-- 
http://www.codemonkey.org.uk
-
To unsubscribe from this list: send the line "unsubscribe linux-sparse" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to