On Thu, Jul 17, 2025 at 12:48:02PM +0100, Colin King (gmail) wrote:
> Hi,
>
> Static analysis found an issue in the following commit in linux-next:
>
> commit 2b96beffa42760513567919aa27eb72035f2db58
> Author: Nam Cao <namcao@xxxxxxxxxxxxx>
> Date: Thu Jun 26 16:48:06 2025 +0200
>
> PCI: vmd: Switch to msi_create_parent_irq_domain()
>
>
> The issue is as follows:
>
> static void vmd_msi_free(struct irq_domain *domain, unsigned int virq,
> unsigned int nr_irqs)
> {
> struct vmd_irq *vmdirq = irq_get_chip_data(virq);
>
> for (int i = 0; i < nr_irqs; ++i) {
> synchronize_srcu(&vmdirq->irq->srcu);
>
> /* XXX: Potential optimization to rebalance */
> scoped_guard(raw_spinlock_irq, &list_lock)
> vmdirq->irq->count--;
>
> kfree(vmdirq);
> }
> }
>
> The for-loop is repeatedly kfree'ing vmdirq which seems incorrect.
Thanks for the report. It has been resolved in PCI tree.
Best regards,
Nam
