* [PATCH] blk-mq: clear q->mq_ops if init fail
@ 2016-05-26 6:23 Ming Lin
2016-05-26 7:09 ` Christoph Hellwig
2016-05-26 14:53 ` Jens Axboe
0 siblings, 2 replies; 3+ messages in thread
From: Ming Lin @ 2016-05-26 6:23 UTC (permalink / raw)
To: linux-kernel, linux-block; +Cc: Jens Axboe, Christoph Hellwig
From: Ming Lin <ming.l@samsung.com>
blk_mq_init_queue() calls blk_mq_init_allocated_queue(), but q->mq_ops
was not cleared when blk_mq_init_allocated_queue() fails.
Then blk_cleanup_queue() calls blk_mq_free_queue() which will crash because:
- q->all_q_node is not added to all_q_list yet
- q->tag_set is NULL
- hctx was not setup yet or already freed
Fixed it by clearing q->mq_ops on error path.
Signed-off-by: Ming Lin <ming.l@samsung.com>
---
block/blk-mq.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/block/blk-mq.c b/block/blk-mq.c
index 67bf8ed..86f08b1 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -2054,7 +2054,7 @@ struct request_queue *blk_mq_init_allocated_queue(struct blk_mq_tag_set *set,
q->queue_ctx = alloc_percpu(struct blk_mq_ctx);
if (!q->queue_ctx)
- return ERR_PTR(-ENOMEM);
+ goto err_exit;
q->queue_hw_ctx = kzalloc_node(nr_cpu_ids * sizeof(*(q->queue_hw_ctx)),
GFP_KERNEL, set->numa_node);
@@ -2118,6 +2118,8 @@ err_map:
kfree(q->queue_hw_ctx);
err_percpu:
free_percpu(q->queue_ctx);
+err_exit:
+ q->mq_ops = NULL;
return ERR_PTR(-ENOMEM);
}
EXPORT_SYMBOL(blk_mq_init_allocated_queue);
--
1.9.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] blk-mq: clear q->mq_ops if init fail
2016-05-26 6:23 [PATCH] blk-mq: clear q->mq_ops if init fail Ming Lin
@ 2016-05-26 7:09 ` Christoph Hellwig
2016-05-26 14:53 ` Jens Axboe
1 sibling, 0 replies; 3+ messages in thread
From: Christoph Hellwig @ 2016-05-26 7:09 UTC (permalink / raw)
To: Ming Lin; +Cc: linux-kernel, linux-block, Jens Axboe, Christoph Hellwig
On Wed, May 25, 2016 at 11:23:27PM -0700, Ming Lin wrote:
> From: Ming Lin <ming.l@samsung.com>
>
> blk_mq_init_queue() calls blk_mq_init_allocated_queue(), but q->mq_ops
> was not cleared when blk_mq_init_allocated_queue() fails.
> Then blk_cleanup_queue() calls blk_mq_free_queue() which will crash because:
> - q->all_q_node is not added to all_q_list yet
> - q->tag_set is NULL
> - hctx was not setup yet or already freed
>
> Fixed it by clearing q->mq_ops on error path.
Looks fine,
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] blk-mq: clear q->mq_ops if init fail
2016-05-26 6:23 [PATCH] blk-mq: clear q->mq_ops if init fail Ming Lin
2016-05-26 7:09 ` Christoph Hellwig
@ 2016-05-26 14:53 ` Jens Axboe
1 sibling, 0 replies; 3+ messages in thread
From: Jens Axboe @ 2016-05-26 14:53 UTC (permalink / raw)
To: Ming Lin, linux-kernel, linux-block; +Cc: Jens Axboe, Christoph Hellwig
On 05/26/2016 12:23 AM, Ming Lin wrote:
> From: Ming Lin <ming.l@samsung.com>
>
> blk_mq_init_queue() calls blk_mq_init_allocated_queue(), but q->mq_ops
> was not cleared when blk_mq_init_allocated_queue() fails.
> Then blk_cleanup_queue() calls blk_mq_free_queue() which will crash because:
> - q->all_q_node is not added to all_q_list yet
> - q->tag_set is NULL
> - hctx was not setup yet or already freed
>
> Fixed it by clearing q->mq_ops on error path.
Thanks Ming, applied for this series.
--
Jens Axboe
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-05-26 14:53 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-05-26 6:23 [PATCH] blk-mq: clear q->mq_ops if init fail Ming Lin
2016-05-26 7:09 ` Christoph Hellwig
2016-05-26 14:53 ` Jens Axboe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).