| Message ID | 1445458449-22858-1-git-send-email-mrochs@linux.vnet.ibm.com (mailing list archive) |
|---|---|
| State | Accepted, archived |
| Headers | show |
On 21.10.2015 22:14, Matthew R. Ochs wrote: > Currently, scsi_host_put() is being called prematurely in the > remove path and is missing entirely in an error cleanup path. > The former can lead to memory being freed too early with > subsequent access potentially corrupting data whilst the former > would result in a memory leak. > > Move the usage on remove to be the last cleanup action taken > and introduce a call to scsi_host_put() in the one initialization > error path that does not use remove to cleanup. > > Signed-off-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com> > Signed-off-by: Manoj N. Kumar <manoj@linux.vnet.ibm.com> > Reviewed-by: Brian King <brking@linux.vnet.ibm.com> Reviewed-by: Tomas Henzl <thenzl@redhat.com> Tomas -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/scsi/cxlflash/main.c b/drivers/scsi/cxlflash/main.c index c1d5c88..6b8b159 100644 --- a/drivers/scsi/cxlflash/main.c +++ b/drivers/scsi/cxlflash/main.c @@ -733,7 +733,6 @@ static void cxlflash_remove(struct pci_dev *pdev) case INIT_STATE_SCSI: cxlflash_term_local_luns(cfg); scsi_remove_host(cfg->host); - scsi_host_put(cfg->host); /* Fall through */ case INIT_STATE_AFU: term_afu(cfg); @@ -743,6 +742,7 @@ static void cxlflash_remove(struct pci_dev *pdev) case INIT_STATE_NONE: flush_work(&cfg->work_q); free_mem(cfg); + scsi_host_put(cfg->host); break; } @@ -2404,6 +2404,7 @@ static int cxlflash_probe(struct pci_dev *pdev, dev_err(&pdev->dev, "%s: call to scsi_host_alloc failed!\n", __func__); rc = -ENOMEM; + scsi_host_put(cfg->host); goto out; }