drivers/fsi/fsi-core.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
fsi_slave_init() calls device_initialize() for slave->dev
unconditionally. However, in the error paths, put_device() is not
called, leading to an imbalance in the device reference count.
Although kfree(slave) eventually frees the memory, it does not
properly release the device initialized by device_initialize(). For
proper pairing of device_initialize()/put_device(), add put_device()
calls in both error paths.
Found by code review.
Cc: stable@vger.kernel.org
Fixes: d1dcd6782576 ("fsi: Add cfam char devices")
Signed-off-by: Ma Ke <make24@iscas.ac.cn>
---
drivers/fsi/fsi-core.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/fsi/fsi-core.c b/drivers/fsi/fsi-core.c
index c6c115993ebc..0d45e4442ca9 100644
--- a/drivers/fsi/fsi-core.c
+++ b/drivers/fsi/fsi-core.c
@@ -1075,7 +1075,7 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id)
rc = __fsi_get_new_minor(slave, fsi_dev_cfam, &slave->dev.devt,
&slave->cdev_idx);
if (rc)
- goto err_free;
+ goto err_put_device;
trace_fsi_slave_init(slave);
@@ -1112,6 +1112,9 @@ static int fsi_slave_init(struct fsi_master *master, int link, uint8_t id)
err_free_ida:
fsi_free_minor(slave->dev.devt);
+err_put_device:
+ put_device(&slave->dev);
+ return rc;
err_free:
of_node_put(slave->dev.of_node);
kfree(slave);
--
2.17.1> fsi_slave_init() calls device_initialize() for slave->dev > unconditionally. However, in the error paths, put_device() is not > called, leading to an imbalance in the device reference count. … Would an other word wrapping be a bit nicer for such a change description? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.18-rc4#n658 Regards, Markus
© 2016 - 2025 Red Hat, Inc.