Hi Mike,
On 05/26/2010 01:34 AM +0900, Mike Snitzer wrote:
> Mike Snitzer <snitzer@xxxxxxxxxx> wrote:
>> Kiyoshi Ueda <k-ueda@xxxxxxxxxxxxx> wrote:
>>>> +/*
>>>> + * Fully initialize a request-based queue (->elevator, ->request_fn, etc).
>>>> + */
>>>> +static int dm_init_request_based_queue(struct mapped_device *md)
>>>> +{
>>>> + struct request_queue *q = NULL;
>>>> +
>>>> + /* Avoid re-initializing the queue if already fully initialized */
>>>> + if (!md->queue->elevator) {
>>>> + /* Fully initialize the queue */
>>>> + q = blk_init_allocated_queue(md->queue, dm_request_fn, NULL);
>>>> + if (!q)
>>>> + return 0;
>>>
>>> When blk_init_allocated_queue() fails, the block-layer seems not to
>>> guarantee that the queue is still available.
>>
>> Ouch, yes this portion of blk_init_allocated_queue_node() is certainly
>> problematic:
>>
>> if (blk_init_free_list(q)) {
>> kmem_cache_free(blk_requestq_cachep, q);
>> return NULL;
>> }
Not only that. The blk_put_queue() in blk_init_allocated_queue_node()
will also free the queue:
if (!elevator_init(q, NULL)) {
blk_queue_congestion_threshold(q);
return q;
}
blk_put_queue(q);
return NULL;
Thanks,
Kiyoshi Ueda
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
