2010-12-13 16:17:21

by Alexander Strakh

Subject: BUG: return from function without mutex_unlock in drivers/media/video/cx231xx/cx231xx-core.c

KERNEL_VERSION: 2.6.36
SUBJECT: return from function without mutex_unlock in
drivers/media/video/cx231xx/cx231xx-core.c

SUBSCRIBE:
1. In line 282, in function cx231xx_read_ctrl_reg, the mutex is locked.
2. If usb_control_msg returns ret<0 then we exit from function
cx231xx_read_ctrl_reg without unlocking the mutex. In the other (ret>=0) case
the mutex is unlocked before exiting, in line 295.

282         mutex_lock(&dev->ctrl_urb_lock);
283         ret = usb_control_msg(dev->udev, pipe, req,
284                               USB_DIR_IN | USB_TYPE_VENDOR | USB_RECIP_DEVICE,
285                               val, reg, dev->urb_buf, len, HZ);
286         if (ret < 0) {
287                 cx231xx_isocdbg(" failed!\n");
288                 /* mutex_unlock(&dev->ctrl_urb_lock); */
289                 return ret;
290         }
291
292         if (len)
293                 memcpy(buf, dev->urb_buf, len);
294
295         mutex_unlock(&dev->ctrl_urb_lock);

Found by Linux Device Drivers Verification Project
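
The lock imbalance reported above, as a user-space model next to a single-exit variant that releases the lock on every path. This is an added example, not code from the report or from the cx231xx driver; model_mutex, model_dev, fake_control_msg and the read_reg_* functions are hypothetical stand-ins for struct mutex, the device structure, usb_control_msg and cx231xx_read_ctrl_reg.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for struct mutex: only records whether the lock is held. */
struct model_mutex { int held; };
struct model_dev { struct model_mutex ctrl_urb_lock; char urb_buf[8]; int fail; };

/* Stand-in for usb_control_msg(): negative errno on failure, else len. */
static int fake_control_msg(struct model_dev *dev, int len)
{
    if (dev->fail)
        return -5; /* -EIO, constructed failure */
    memset(dev->urb_buf, 0x5a, (size_t)len);
    return len;
}

/* Shape of the reported code: early return while the lock is held. */
int read_reg_reported(struct model_dev *dev, char *buf, int len)
{
    dev->ctrl_urb_lock.held = 1;
    int ret = fake_control_msg(dev, len);
    if (ret < 0)
        return ret; /* lock is never released on this path */
    if (len)
        memcpy(buf, dev->urb_buf, (size_t)len);
    dev->ctrl_urb_lock.held = 0;
    return ret;
}

/* Single-exit variant: success and failure both pass through the unlock. */
int read_reg_single_exit(struct model_dev *dev, char *buf, int len)
{
    dev->ctrl_urb_lock.held = 1;
    int ret = fake_control_msg(dev, len);
    if (ret < 0)
        goto out;
    if (len)
        memcpy(buf, dev->urb_buf, (size_t)len);
out:
    dev->ctrl_urb_lock.held = 0;
    return ret;
}

/* Returns 1 if fn leaves the lock held after a failed transfer, else 0. */
int lock_held_after_error(int (*fn)(struct model_dev *, char *, int))
{
    struct model_dev dev = { .fail = 1 };
    char buf[8];
    return fn(&dev, buf, (int)sizeof(buf)) < 0 && dev.ctrl_urb_lock.held;
}
int main(void) { printf("%d %d\n", lock_held_after_error(read_reg_reported), lock_held_after_error(read_reg_single_exit)); return 0; }
```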