<div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">Hi,</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">Thank you for the detailed review. You are completely right.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">My commit message was confusing, and returning early in qe_reset() just shifts the NULL pointer dereference to the dependent drivers later on, without actually fixing the root cause.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">To achieve what you suggested ("if qe_immr remap fails, all drivers depending on it don't get probed"), I plan to do the following in the v2 patch:</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">1. Change the return type of qe_reset() from `void` to `int`.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">2. Return `-ENOMEM` if the ioremap() fails.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">3. Update the callers of qe_reset() (e.g., qe_probe() and other board-specific setup functions) to check this return value. If qe_reset() fails, the callers will abort their initialization/probing, which will properly prevent the child devices from being probed.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">Does this approach sound correct to you? If so, I will prepare and submit the v2 patch accordingly.</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;"><br /></div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">Best regards,</div><div style="font-family: -apple-system, system-ui; font-size: 14px; color: rgb(0, 0, 0); line-height: 1.43;">Wang Jun</div><div contenteditable="false"><div style="display:block;width:150px;height:1px;border:none;margin:32px 0px 10px;background:rgb(230, 232, 235)"></div><div><a target="_blank" href="https://wx.mail.qq.com/home/index?t=readmail_businesscard_midpage&nocheck=true&name=%E6%9C%AA%E5%90%9B&icon=http%3A%2F%2Fthirdqq.qlogo.cn%2Fek_qqapp%2FAQSCOibrQxr6bYcqvn0v5iceyKJ1GCbXFjfDrcwK2c1ibdicb6M9VwuKyGDuKTSLMNQ2cYlLp1wm%2F0&mail=1742789905%40qq.com&code=-R1Lc7oyQJMmTGwx8TEnfraJzMY_OmSQO2c6Nr5fp2DA8MPERuwU249WFNd55iccedKtcIjvgFPxCl7V4NGM7A" style="text-decoration: underline;display:inline-block;text-decoration:none !important;font-family:-apple-system,BlinkMacSystemFont,PingFang SC,Microsoft YaHei" class="xm_write_card"><table cellspacing="0" cellpadding="0" style="table-layout:fixed;padding-right:20px"><tbody><tr valign="top"><td style="width:40px;min-width:40px;padding-top:10px"><div style="width:38px;height:38px;border:1px #FFF solid;border-radius:50%;margin:0;vertical-align:top;box-shadow:0 0 10px 0 rgba(127,152,178,0.14)"><img style="vertical-align: bottom;width:100%;height:100%;border-radius:50%;pointer-events:none" src="http://thirdqq.qlogo.cn/ek_qqapp/AQSCOibrQxr6bYcqvn0v5iceyKJ1GCbXFjfDrcwK2c1ibdicb6M9VwuKyGDuKTSLMNQ2cYlLp1wm/0" /></div></td><td style="padding:10px 0 8px 10px"><div style="font-size:14px;color:#33312E;line-height:20px;padding-bottom:2px;margin:0;font-weight:500" class="businessCard_name">未君</div><div style="font-size:12px;color:#999896;line-height:18px;margin:0" class="businessCard_mail">1742789905@qq.com</div></td></tr></tbody></table></a></div></div>
<div style="line-height: 1.43;"><br /></div><div style="line-height: 1.43;"><br /></div><article style="line-height: 1.43;"><div style="display:flex;align-items:center;padding-top:8px" contenteditable="false">
<div style="color:#959DA6;font-size:12px;line-height:30px">Original</div>
<hr style="border: none;flex-grow:1;border-top:1px solid rgba(21, 46, 74, 0.07);margin-left:8px" />
</div><table data-uneditable="true" style="line-height: 20px; border-radius: 6px; background-color: rgba(20, 46, 77, 0.05); margin: 0px; width: 100%;"><tbody><tr><td style="line-height: 20px; padding: 8px;"><div style="line-height: 20px; font-size: 12px;"><span style="color: rgb(92, 97, 102);">From: </span><span style="color: rgb(0, 0, 0);">Christophe Leroy (CS GROUP)</span> <span style="color: rgb(149, 157, 166);"><chleroy@kernel.org></span></div><div style="line-height: 20px; font-size: 12px;"><span style="color: rgb(92, 97, 102);">Date: </span><span style="color: rgb(0, 0, 0);">2026-03-13 17:48</span></div><div style="line-height: 20px; font-size: 12px;"><span style="color: rgb(92, 97, 102);">To: </span><span style="color: rgb(0, 0, 0);">Wang Jun</span> <span style="color: rgb(149, 157, 166);"><1742789905@qq.com>, </span><span style="color: rgb(0, 0, 0);">Qiang Zhao</span> <span style="color: rgb(149, 157, 166);"><qiang.zhao@nxp.com>, </span><span style="color: rgb(0, 0, 0);">linuxppc-dev</span> <span style="color: rgb(149, 157, 166);"><linuxppc-dev@lists.ozlabs.org>, </span><span style="color: rgb(0, 0, 0);">linux-arm-kernel</span> <span style="color: rgb(149, 157, 166);"><linux-arm-kernel@lists.infradead.org></span></div><div style="line-height: 20px; font-size: 12px;"><span style="color: rgb(92, 97, 102);">Cc: </span><span style="color: rgb(0, 0, 0);">linux-kernel</span> <span style="color: rgb(149, 157, 166);"><linux-kernel@vger.kernel.org>, </span><span style="color: rgb(0, 0, 0);">gszhai</span> <span style="color: rgb(149, 157, 166);"><gszhai@bjtu.edu.cn>, </span><span style="color: rgb(0, 0, 0);">25125332</span> <span style="color: rgb(149, 157, 166);"><25125332@bjtu.edu.cn>, </span><span style="color: rgb(0, 0, 0);">25125283</span> <span style="color: rgb(149, 157, 166);"><25125283@bjtu.edu.cn>, </span><span style="color: rgb(0, 0, 0);">23120469</span> <span style="color: rgb(149, 157, 166);"><23120469@bjtu.edu.cn></span></div><div style="line-height: 20px; font-size: 12px;"><span style="color: rgb(92, 97, 102);">Subject: </span><span style="color: rgb(0, 0, 0);">Re: [PATCH] soc: fsl: qe: Fix potential NULL pointer dereference inqe_reset()</span></div></td></tr></tbody></table><div><br /></div><br /><br />Le 10/03/2026 à 13:11, Wang Jun a écrit :<br />> [Vous ne recevez pas souvent de courriers de 1742789905@qq.com. Découvrez pourquoi ceci est important à https://aka.ms/LearnAboutSenderIdentification ]<br />> <br />> The function qe_reset() uses qe_immr without checking if it is NULL,<br />> which could happen if ioremap() failed earlier. Add a NULL check and<br />> perform ioremap() if needed; if it still fails, print an error and<br />> return to avoid crashing the system.<br /><br />I don't understand what you are trying to say here. What you say is <br />already what qe_reset() does: it does a NULL check and performs <br />ioremap() when it is NULL:<br /><br /> if (qe_immr == NULL)<br /> qe_immr = ioremap(get_qe_base(), QE_IMMAP_SIZE);<br /><br />You are adding a second NULL check and return early from qe_reset(). But <br />it doesn't really fix the problem because qe_immr is used in many other <br />places so you are just delaying the problem.<br /><br />What needs to be done is that if qe_immr remap fails, all drivers <br />depending on it don't get probed.<br /><br />> <br />> Signed-off-by: Wang Jun <1742789905@qq.com><br />> ---<br />> drivers/soc/fsl/qe/qe.c | 7 ++++++-<br />> 1 file changed, 6 insertions(+), 1 deletion(-)<br />> <br />> diff --git a/drivers/soc/fsl/qe/qe.c b/drivers/soc/fsl/qe/qe.c<br />> index 70b6eddb867b..6dcfa340970a 100644<br />> --- a/drivers/soc/fsl/qe/qe.c<br />> +++ b/drivers/soc/fsl/qe/qe.c<br />> @@ -86,8 +86,13 @@ static phys_addr_t get_qe_base(void)<br />> <br />> void qe_reset(void)<br />> {<br />> - if (qe_immr == NULL)<br />> + if (qe_immr == NULL) {<br />> qe_immr = ioremap(get_qe_base(), QE_IMMAP_SIZE);<br />> + if (qe_immr == NULL) {<br />> + pr_err("QE: cannot remap IMMR\n");<br />> + return;<br />> + }<br />> + }<br />> <br />> qe_snums_init();<br />> <br />> --<br />> 2.43.0<br />> <br />
</article><div style="line-height: 1.43;"><br /></div>