Re: [PATCH 1/3] driver core: generalize driver_override in struct device
From: Danilo Krummrich
Date: Mon Mar 02 2026 - 05:12:10 EST
On Mon Mar 2, 2026 at 9:36 AM CET, Gui-Dong Han wrote:
> Applying the following diff fixes the KASAN issue. It was just a minor bug.
>
> diff --git a/drivers/base/core.c b/drivers/base/core.c
> index a8cb90577d10..09b98f02f559 100644
> --- a/drivers/base/core.c
> +++ b/drivers/base/core.c
> @@ -2556,6 +2556,7 @@ static void device_release(struct kobject *kobj)
> devres_release_all(dev);
>
> kfree(dev->dma_range_map);
> + kfree(dev->driver_override.name);
>
> if (dev->release)
> dev->release(dev);
> @@ -2566,7 +2567,6 @@ static void device_release(struct kobject *kobj)
> else
> WARN(1, KERN_ERR "Device '%s' does not have a
> release() function, it is broken and must be fixed. See
> Documentation/core-api/kobject.rst.\n",
> dev_name(dev));
> - kfree(dev->driver_override.name);
> kfree(p);
> }
Yes, we must not access dev after the release callbacks has been called; no idea
how this kfree() ended up below. Thanks for catching!
> With this applied, along with the PCI driver diff from the WIP patch,
> the issue is resolved. I tested this on PCI and both PoCs no longer
> trigger KASAN. I also ran with other debug options enabled (lockdep,
> sleep inside atomic, etc.) and hit no warnings.
>
> I was working on a similar patch recently, but your version is better.
> Not returning the string directly provides better encapsulation and
> makes the API much harder to misuse.
Ah, right, I remember you mentioned that! If you want I can add your
Co-developed-by: to this patch to account for your work.
> Tested-by: Gui-Dong Han <hanguidong02@xxxxxxxxx>
> Reviewed-by: Gui-Dong Han <hanguidong02@xxxxxxxxx>