[PATCH] klist: Fix broken kref counting in find functions

[Greg KH]

[PATCH] klist: Fix broken kref counting in find functions

The klist reference counting in the find functions that use
klist_iter_init_node is broken.  If the function (for example
driver_find_device) is called with a NULL start object then everything is
fine, the first call to next_device()/klist_next increases the ref-count of
the first node on the list and does nothing for the start object which is
NULL.

If they are called with a valid start object then klist_next will decrement
the ref-count for the start object but nobody has incremented it.  Logical
place to fix this would be klist_iter_init_node because the function puts a
reference of the object into the klist_iter struct.

Signed-off-by: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
Signed-off-by: Frank Pavlic <pavlic@xxxxxxxxxx>
Cc: Patrick Mochel <mochel@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
commit e22dafbcd7a579c29a424d5203b5b33b131948a7
tree 122969a87ba706be8374beb15bc03493e3601404
parent bf74ad5bc41727d5f2f1c6bedb2c1fac394de731
author Frank Pavlic <pavlic@xxxxxxxxxx> Sat, 26 Nov 2005 20:48:40 -0800
committer Greg Kroah-Hartman <gregkh@xxxxxxx> Wed, 04 Jan 2006 16:18:08 -0800

 lib/klist.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/lib/klist.c b/lib/klist.c
index bb2f355..9c94f0b 100644
--- a/lib/klist.c
+++ b/lib/klist.c
@@ -199,6 +199,8 @@ void klist_iter_init_node(struct klist *
 	i->i_klist = k;
 	i->i_head = &k->k_list;
 	i->i_cur = n;
+	if (n)
+		kref_get(&n->n_ref);
 }
 
 EXPORT_SYMBOL_GPL(klist_iter_init_node);

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/