2015-04-23 09:23:55

by Chao Yu

Subject: [PATCH] elevator: fix double release for elevator module

Our issue is described in the call path below:
->elevator_init
 ->elevator_init_fn
  ->{cfq,deadline,noop}_init_queue
   ->elevator_alloc
    ->kzalloc_node
fail to call kzalloc_node and then put module in elevator_alloc;
fail to call elevator_init_fn and then put module again in elevator_init.

Remove elevator_put invoking in error path of elevator_alloc to avoid
double release issue.

Signed-off-by: Chao Yu <[email protected]>
---
block/elevator.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/block/elevator.c b/block/elevator.c
index d146a5e..8985038 100644
--- a/block/elevator.c
+++ b/block/elevator.c
@@ -157,7 +157,7 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,

eq = kzalloc_node(sizeof(*eq), GFP_KERNEL, q->node);
if (unlikely(!eq))
- goto err;
+ return NULL;

eq->type = e;
kobject_init(&eq->kobj, &elv_ktype);
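Review bot: the `return NULL` at the kzalloc_node failure check now leaves the reference on `e` untouched, so the fix is only correct if every path that reaches elevator_alloc drops that reference itself when initialization fails. The commit message names elevator_init as doing so; the changelog should also confirm that no other caller of elevator_init_fn relied on the old behaviour, otherwise the double put becomes a leaked module reference on that path.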
@@ -165,9 +165,6 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
hash_init(eq->hash);

return eq;
-err:
- elevator_put(e);
- return NULL;
}
EXPORT_SYMBOL(elevator_alloc);
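Review bot: with the `err:` label and its `elevator_put(e)` removed, nothing at the function records who owns the reference on `e` when NULL is returned, and elevator_alloc is exported through EXPORT_SYMBOL. A short comment above the function stating that the caller keeps the reference on failure would stop a later cleanup from reintroducing the put and, with it, the double release.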

--
2.3.3


2015-04-23 14:59:25

by Jeff Moyer

Subject: Re: [PATCH] elevator: fix double release for elevator module

Chao Yu <[email protected]> writes:

> Our issue is described in the call path below:
> ->elevator_init
> ->elevator_init_fn
> ->{cfq,deadline,noop}_init_queue
> ->elevator_alloc
> ->kzalloc_node
> fail to call kzalloc_node and then put module in elevator_alloc;
> fail to call elevator_init_fn and then put module again in elevator_init.
>
> Remove elevator_put invoking in error path of elevator_alloc to avoid
> double release issue.
>
> Signed-off-by: Chao Yu <[email protected]>
> ---
> block/elevator.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/block/elevator.c b/block/elevator.c
> index d146a5e..8985038 100644
> --- a/block/elevator.c
> +++ b/block/elevator.c
> @@ -157,7 +157,7 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
>
> eq = kzalloc_node(sizeof(*eq), GFP_KERNEL, q->node);
> if (unlikely(!eq))
> - goto err;
> + return NULL;
>
> eq->type = e;
> kobject_init(&eq->kobj, &elv_ktype);
> @@ -165,9 +165,6 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
> hash_init(eq->hash);
>
> return eq;
> -err:
> - elevator_put(e);
> - return NULL;
> }
> EXPORT_SYMBOL(elevator_alloc);

You could have posted the two patches together, as they are related.
Anyway, looks good to me.

Reviewed-by: Jeff Moyer <[email protected]>

2015-04-23 16:49:15

by Jens Axboe

Subject: Re: [PATCH] elevator: fix double release for elevator module

On 04/23/2015 08:59 AM, Jeff Moyer wrote:
> Chao Yu <[email protected]> writes:
>
>> Our issue is described in the call path below:
>> ->elevator_init
>> ->elevator_init_fn
>> ->{cfq,deadline,noop}_init_queue
>> ->elevator_alloc
>> ->kzalloc_node
>> fail to call kzalloc_node and then put module in elevator_alloc;
>> fail to call elevator_init_fn and then put module again in elevator_init.
>>
>> Remove elevator_put invoking in error path of elevator_alloc to avoid
>> double release issue.
>>
>> Signed-off-by: Chao Yu <[email protected]>
>> ---
>> block/elevator.c | 5 +----
>> 1 file changed, 1 insertion(+), 4 deletions(-)
>>
>> diff --git a/block/elevator.c b/block/elevator.c
>> index d146a5e..8985038 100644
>> --- a/block/elevator.c
>> +++ b/block/elevator.c
>> @@ -157,7 +157,7 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
>>
>> eq = kzalloc_node(sizeof(*eq), GFP_KERNEL, q->node);
>> if (unlikely(!eq))
>> - goto err;
>> + return NULL;
>>
>> eq->type = e;
>> kobject_init(&eq->kobj, &elv_ktype);
>> @@ -165,9 +165,6 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
>> hash_init(eq->hash);
>>
>> return eq;
>> -err:
>> - elevator_put(e);
>> - return NULL;
>> }
>> EXPORT_SYMBOL(elevator_alloc);
>
> You could have posted the two patches together, as they are related.
> Anyway, looks good to me.
>
> Reviewed-by: Jeff Moyer <[email protected]>

Agree, it should be one patch. I've combined them, and applied the fix
for 4.1. Thanks.

--
Jens Axboe

2015-04-24 01:29:44

by Chao Yu

Subject: RE: [PATCH] elevator: fix double release for elevator module

Hi Jens and Jeff,

Thanks for your review and help! :)

Regards,

> -----Original Message-----
> From: Jens Axboe [mailto:[email protected]]
> Sent: Friday, April 24, 2015 12:49 AM
> To: Jeff Moyer; Chao Yu
> Cc: [email protected]
> Subject: Re: [PATCH] elevator: fix double release for elevator module
>
> On 04/23/2015 08:59 AM, Jeff Moyer wrote:
> > Chao Yu <[email protected]> writes:
> >
> >> Our issue is described in the call path below:
> >> ->elevator_init
> >> ->elevator_init_fn
> >> ->{cfq,deadline,noop}_init_queue
> >> ->elevator_alloc
> >> ->kzalloc_node
> >> fail to call kzalloc_node and then put module in elevator_alloc;
> >> fail to call elevator_init_fn and then put module again in elevator_init.
> >>
> >> Remove elevator_put invoking in error path of elevator_alloc to avoid
> >> double release issue.
> >>
> >> Signed-off-by: Chao Yu <[email protected]>
> >> ---
> >> block/elevator.c | 5 +----
> >> 1 file changed, 1 insertion(+), 4 deletions(-)
> >>
> >> diff --git a/block/elevator.c b/block/elevator.c
> >> index d146a5e..8985038 100644
> >> --- a/block/elevator.c
> >> +++ b/block/elevator.c
> >> @@ -157,7 +157,7 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
> >>
> >> eq = kzalloc_node(sizeof(*eq), GFP_KERNEL, q->node);
> >> if (unlikely(!eq))
> >> - goto err;
> >> + return NULL;
> >>
> >> eq->type = e;
> >> kobject_init(&eq->kobj, &elv_ktype);
> >> @@ -165,9 +165,6 @@ struct elevator_queue *elevator_alloc(struct request_queue *q,
> >> hash_init(eq->hash);
> >>
> >> return eq;
> >> -err:
> >> - elevator_put(e);
> >> - return NULL;
> >> }
> >> EXPORT_SYMBOL(elevator_alloc);
> >
> > You could have posted the two patches together, as they are related.
> > Anyway, looks good to me.
> >
> > Reviewed-by: Jeff Moyer <[email protected]>
>
> Agree, it should be one patch. I've combined them, and applied the fix
> for 4.1. Thanks.
>
> --
> Jens Axboe