From: Seth Jennings Date: Tue, 20 Aug 2013 17:13:02 +0000 (-0500) Subject: drivers: base: remove improper get/put in add_memory_section() X-Git-Tag: Ubuntu-5.2.0-15.16~15046^2~56 X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=37171e3cb7a2f6fc594b524c940beb1ce85cc935;p=mirror_ubuntu-eoan-kernel.git drivers: base: remove improper get/put in add_memory_section() The path through add_memory_section() when the memory block already exists uses flawed refcounting logic. A get_device() is done on a memory block using a pointer that might not be valid as we dropped our previous reference and didn't obtain a new reference in the proper way. Lets stop pretending and just remove the get/put. The mem_sysfs_mutex, which we hold over the entire init loop now, will prevent the memory blocks from disappearing from under us. Signed-off-by: Seth Jennings Signed-off-by: Greg Kroah-Hartman --- diff --git a/drivers/base/memory.c b/drivers/base/memory.c index a9e9c0902cce..9438d541b5c3 100644 --- a/drivers/base/memory.c +++ b/drivers/base/memory.c @@ -613,14 +613,12 @@ static int add_memory_section(struct mem_section *section, if (scn_nr >= (*mem_p)->start_section_nr && scn_nr <= (*mem_p)->end_section_nr) { mem = *mem_p; - get_device(&mem->dev); } } - if (mem) { + if (mem) mem->section_count++; - put_device(&mem->dev); - } else { + else { ret = init_memory_block(&mem, section, MEM_ONLINE); /* store memory_block pointer for next loop */ if (!ret && mem_p)