Count module references correctly: after instance_destroy() there might be a timer pending that holds a reference to this netlink instance.
Signed-off-by: Michał Mirosław <[EMAIL PROTECTED]>
--- linux-2.6.20/net/netfilter/nfnetlink_log.c.5 2007-02-11 22:24:56.000000000 +0100
+++ linux-2.6.20/net/netfilter/nfnetlink_log.c 2007-02-11 22:31:19.000000000 +0100
@@ -133,6 +133,7 @@ instance_put(struct nfulnl_instance *ins
 if (inst && atomic_dec_and_test(&inst->use)) {
 UDEBUG("kfree(inst=%p)\n", inst);
 kfree(inst);
+ module_put(THIS_MODULE);
 }
 }
@@ -146,9 +147,13 @@ instance_create(u_int16_t group_num, int
 UDEBUG("entering (group_num=%u, pid=%d)\n", group_num, pid);
+ if (!try_module_get(THIS_MODULE)) {
+ UDEBUG("aborting, could not reference own module (module unloading?)\n");
+ goto out_modunload;
+ }
+
 write_lock_bh(&instances_lock);
 if (__instance_lookup(group_num)) {
- inst = NULL;
 UDEBUG("aborting, instance already exists\n");
 goto out_unlock;
 }
@@ -176,9 +181,6 @@ instance_create(u_int16_t group_num, int
 inst->copy_mode = NFULNL_COPY_PACKET;
 inst->copy_range = 0xffff;
- if (!try_module_get(THIS_MODULE))
- goto out_free;
-
 hlist_add_head(&inst->hlist, &instance_table[instance_hashfn(group_num)]);
@@ -189,10 +191,10 @@ instance_create(u_int16_t group_num, int
 return inst;
-out_free:
- instance_put(inst);
 out_unlock:
 write_unlock_bh(&instances_lock);
+ module_put(THIS_MODULE);
+out_modunload:
 return NULL;
 }
@@ -228,8 +230,6 @@ _instance_destroy2(struct nfulnl_instanc
 /* and finally put the refcount */
 instance_put(inst);
-
- module_put(THIS_MODULE);
 }
 static inline void
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
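Review bot: In instance_put(), the added `module_put(THIS_MODULE);` releases the module from code that lives inside that module, so when the last instance reference is dropped by the pending timer the commit message describes, the remainder of instance_put() and its caller still run after the module count may have reached zero. The module's exit path is not visible in this diff; it should be confirmed that an unload cannot complete while such a callback is still returning, otherwise the change leaves a window where module text is executed after it has been freed. Independently of that, the ownership rule deserves a comment above the call, for example `/* each live instance pins the module; the ref is taken in instance_create() */`. The opening lines of instance_put() are outside the hunk.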
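Review bot: At `out_unlock:` in the fourth hunk, the new `module_put(THIS_MODULE);` balances the try_module_get() now made at the top of instance_create(), but nothing states that this label may only be reached before an instance exists. Because instance_put() now also drops a module reference when it frees an instance, a later error path that calls instance_put(inst) and then reaches out_unlock would put the module twice and unbalance the count. A one-line comment at the label would record the invariant: `/* no instance was created: drop the module ref taken at entry */`. The body of instance_create() starts outside this hunk, so the allocation-failure path between the hunks could not be checked here.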