From 47a1dcfc75d57ba7e0ebc82c86e51068bf0d799e Mon Sep 17 00:00:00 2001 From: Bart Van Assche Date: Wed, 30 Sep 2015 22:23:15 +0000 Subject: [PATCH] scst_lib: Fix a recently introduced regression Due to patch "scst_lib: Fix a stack overflow" (r6500) there is a small chance that not every scst_put_acg() call decreases the acg reference count. Fix this. git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@6524 d57e44dd-8a1f-0410-8b47-8ef2f437770f --- scst/include/scst.h | 2 -- scst/src/scst_lib.c | 24 +++++++++++++++++++++--- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/scst/include/scst.h b/scst/include/scst.h index ac581a097..0d19a44c3 100644 --- a/scst/include/scst.h +++ b/scst/include/scst.h @@ -3307,8 +3307,6 @@ struct scst_acg { /* One more than the number of sessions in acg_sess_list */ struct kref acg_kref; - struct work_struct put_work; - /* Owner target */ struct scst_tgt *tgt; diff --git a/scst/src/scst_lib.c b/scst/src/scst_lib.c index a3b689a81..251c46945 100644 --- a/scst/src/scst_lib.c +++ b/scst/src/scst_lib.c @@ -4294,7 +4294,6 @@ struct scst_acg *scst_alloc_add_acg(struct scst_tgt *tgt, } kref_init(&acg->acg_kref); - INIT_WORK(&acg->put_work, scst_put_acg_work); acg->tgt = tgt; INIT_LIST_HEAD(&acg->acg_dev_list); INIT_LIST_HEAD(&acg->acg_sess_list); @@ -4430,20 +4429,39 @@ static void scst_release_acg(struct kref *kref) scst_free_acg(acg); } +struct scst_acg_put_work { + struct work_struct work; + struct scst_acg *acg; +}; + static void scst_put_acg_work(struct work_struct *work) { - struct scst_acg *acg = container_of(work, typeof(*acg), put_work); + struct scst_acg_put_work *put_work = + container_of(work, typeof(*put_work), work); + struct scst_acg *acg = put_work->acg; + kfree(work); kref_put(&acg->acg_kref, scst_release_acg); } void scst_put_acg(struct scst_acg *acg) { + struct scst_acg_put_work *put_work; + + put_work = kmalloc(sizeof(*put_work), GFP_KERNEL | __GFP_NOFAIL); + if (WARN_ON_ONCE(!put_work)) { + kref_put(&acg->acg_kref, scst_release_acg); + return; + } + + INIT_WORK(&put_work->work, scst_put_acg_work); + put_work->acg = acg; + /* * Schedule the kref_put() call instead of invoking it directly to * avoid deep recursion and a stack overflow. */ - queue_work(scst_release_acg_wq, &acg->put_work); + WARN_ON_ONCE(!queue_work(scst_release_acg_wq, &put_work->work)); } void scst_get_acg(struct scst_acg *acg)