Alan Stern wrote: > On Thu, 10 May 2007, Tejun Heo wrote: > >> Currently, devt_attr for the "dev" file is freed immediately on device >> removal, but if the "dev" sysfs file is open when a device is removed, >> sysfs will access its attribute structure for further access including >> close resulting in jumping to garbled address. Fix it by postponing >> freeing devt_attr to device release time. >> >> Note that devt_attr for class_device is already freed on release. >> >> This bug is reported by Chris Rankin as bugzilla bug#8198. >> >> Signed-off-by: Tejun Heo <[EMAIL PROTECTED]> >> Cc: Chris Rankin <[EMAIL PROTECTED]> >> --- >> Applies well to 2.6.20 and 21. As sysfs-immediate-disconnect doesn't >> seem to be included in 2.6.22, this should be included in linus#master >> too (applies well there as well). > > Although sysfs-immediate-disconnect may not be included in 2.6.22, the old > attribute-orphan code by Oliver Neukum is present there and also in > 2.6.21. Shouldn't that suffice?
sysfs_release() still needs to deference attr->owner to put it, so I think there's the same problem even with attribute-orphan. We end up calling module_put() on garbage. -- tejun - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
