When engine->kref.refcount becomes zero, the engine is freed. No RCU, no other delays. This means that if we see .refcount < 1, we already have a bug: we are reading the freed (and perhaps unmapped) memory.
Perhaps it makes sense to use BUG_ON() but "return -EINVAL" just hides the problem and looks misleading, kill this check. Also remove the comment, the comment above get_utrace_lock() explains that the caller has to hold a ref on the engine. Signed-off-by: Oleg Nesterov <o...@redhat.com> --- xxx/kernel/utrace.c~WRONG_REFCNT_CK 2009-03-03 20:46:09.000000000 +0100 +++ xxx/kernel/utrace.c 2009-03-03 22:30:05.000000000 +0100 @@ -479,14 +479,6 @@ static struct utrace *get_utrace_lock(st { struct utrace *utrace; - /* - * You must hold a ref to be making a call. A call from within - * a report_* callback in @target might only have the ref for - * being attached, not a second one of its own. - */ - if (unlikely(atomic_read(&engine->kref.refcount) < 1)) - return ERR_PTR(-EINVAL); - rcu_read_lock(); /*
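Review bot: Dropping the check is the right call (a refcount below 1 means the engine's memory is already freed, so the atomic_read() in the check is itself the use-after-free read, and a BUG_ON() on the same expression would be no better), but the hunk also removes the only in-function statement of the precondition that the caller holds its own reference, including the subtlety that a report_* callback in @target may only have the "attached" ref and not one of its own. The comment above get_utrace_lock() that the commit message relies on lies outside this hunk's context, so a reader of the diff cannot confirm it covers that callback case. Suggest keeping a one-line reminder at the top of the function, e.g. `/* Caller must hold its own ref on @engine; see the comment above. */`, or extending the function-level comment in the same patch so the callback subtlety is not lost.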