Greg:
There is a bug in drivers/base/class.c in 2.5.70. Near the start of the
routine class_device_add() are the lines
if (class_dev->dev)
get_device(class_dev->dev);
But there's nothing to undo this get_device, either in the error return
part of class_device_add() or in class_device_del().
I assume that either this get_device() doesn't belong there or else there
should be corresponding put_device() calls in the other two spots.
Whichever is the case, it should be easy for you to fix.
Alan Stern
On Wed, Jun 11, 2003 at 01:12:47PM -0400, Alan Stern wrote:
> Greg:
>
> There is a bug in drivers/base/class.c in 2.5.70. Near the start of the
> routine class_device_add() are the lines
>
> if (class_dev->dev)
> get_device(class_dev->dev);
>
> But there's nothing to undo this get_device, either in the error return
> part of class_device_add() or in class_device_del().
>
> I assume that either this get_device() doesn't belong there or else there
> should be corresponding put_device() calls in the other two spots.
> Whichever is the case, it should be easy for you to fix.
Already fixed in Linus's -bk tree :)
thanks for pointing it out though.
greg k-h
On Wed, Jun 11, 2003 at 01:12:47PM -0400, Alan Stern wrote:
> Greg:
>
> There is a bug in drivers/base/class.c in 2.5.70. Near the start of the
> routine class_device_add() are the lines
>
> if (class_dev->dev)
> get_device(class_dev->dev);
>
> But there's nothing to undo this get_device, either in the error return
> part of class_device_add() or in class_device_del().
>
> I assume that either this get_device() doesn't belong there or else there
> should be corresponding put_device() calls in the other two spots.
> Whichever is the case, it should be easy for you to fix.
You are correct. I took out the other put_device() in the -bk tree in
class_device_del() but forgot to remove this one. Good catch.
Pat, here's a patch to fix this up, against the latest -bk tree.
thanks,
greg k-h
# Driver core: fix unbounded get_device() in class_device_add()
#
# This was found by Alan Stern.
diff -Nru a/drivers/base/class.c b/drivers/base/class.c
--- a/drivers/base/class.c Wed Jun 11 14:47:20 2003
+++ b/drivers/base/class.c Wed Jun 11 14:47:20 2003
@@ -264,8 +264,6 @@
return -EINVAL;
parent = class_get(class_dev->class);
- if (class_dev->dev)
- get_device(class_dev->dev);
pr_debug("CLASS: registering class device: ID = '%s'\n",
class_dev->class_id);
On Wed, 11 Jun 2003, Greg KH wrote:
> On Wed, Jun 11, 2003 at 01:12:47PM -0400, Alan Stern wrote:
> > Greg:
> >
> > There is a bug in drivers/base/class.c in 2.5.70. Near the start of the
> > routine class_device_add() are the lines
> >
> > if (class_dev->dev)
> > get_device(class_dev->dev);
> >
> > But there's nothing to undo this get_device, either in the error return
> > part of class_device_add() or in class_device_del().
> >
> > I assume that either this get_device() doesn't belong there or else there
> > should be corresponding put_device() calls in the other two spots.
> > Whichever is the case, it should be easy for you to fix.
>
> You are correct. I took out the other put_device() in the -bk tree in
> class_device_del() but forgot to remove this one. Good catch.
>
> Pat, here's a patch to fix this up, against the latest -bk tree.
Applied, thanks,
-pat