From: Dave Jones Date: Thu, 20 Mar 2014 21:03:58 +0000 (-0600) Subject: block: free q->flush_rq in blk_init_allocated_queue error paths X-Git-Tag: firefly_0821_release~176^2~4266 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=708f04d2abf4e90abee61d9ffb1f165038017ecf;p=firefly-linux-kernel-4.4.55.git block: free q->flush_rq in blk_init_allocated_queue error paths Commit 7982e90c3a57 ("block: fix q->flush_rq NULL pointer crash on dm-mpath flush") moved an allocation to blk_init_allocated_queue(), but neglected to free that allocation on the error paths that follow. Signed-off-by: Dave Jones Acked-by: Mike Snitzer Signed-off-by: Jens Axboe Signed-off-by: Linus Torvalds --- diff --git a/block/blk-core.c b/block/blk-core.c index 4cd5ffc18442..bfe16d5af9f9 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -713,7 +713,7 @@ blk_init_allocated_queue(struct request_queue *q, request_fn_proc *rfn, return NULL; if (blk_init_rl(&q->root_rl, q, GFP_KERNEL)) - return NULL; + goto fail; q->request_fn = rfn; q->prep_rq_fn = NULL; @@ -737,12 +737,16 @@ blk_init_allocated_queue(struct request_queue *q, request_fn_proc *rfn, /* init elevator */ if (elevator_init(q, NULL)) { mutex_unlock(&q->sysfs_lock); - return NULL; + goto fail; } mutex_unlock(&q->sysfs_lock); return q; + +fail: + kfree(q->flush_rq); + return NULL; } EXPORT_SYMBOL(blk_init_allocated_queue);