https://github.com/torvalds/linux
Revision aa6df8dd28c01d9a3d2cfcfe9dd0a4a334d1cd81 authored by Mike Snitzer on 29 April 2015, 14:48:09 UTC, committed by Mike Snitzer on 30 April 2015, 14:25:21 UTC
Commit 022333427a ("dm: optimize dm_mq_queue_rq to _not_ use kthread if using pure blk-mq") mistakenly removed free_rq_clone()'s clone->q check before testing clone->q->mq_ops. It was an oversight to discontinue that check for 1 of the 2 use-cases for free_rq_clone(): 1) free_rq_clone() called when an unmapped original request is requeued 2) free_rq_clone() called in the request-based IO completion path The clone->q check made sense for case #1 but not for #2. However, we cannot just reinstate the check as it'd mask a serious bug in the IO completion case #2 -- no in-flight request should have an uninitialized request_queue (basic block layer refcounting _should_ ensure this). The NULL pointer seen for case #1 is detailed here: https://www.redhat.com/archives/dm-devel/2015-April/msg00160.html Fix this free_rq_clone() NULL pointer by simply checking if the mapped_device's type is DM_TYPE_MQ_REQUEST_BASED (clone's queue is blk-mq) rather than checking clone->q->mq_ops. This avoids the need to dereference clone->q, but a WARN_ON_ONCE is added to let us know if an uninitialized clone request is being completed. Reported-by: Bart Van Assche <bart.vanassche@sandisk.com> Signed-off-by: Mike Snitzer <snitzer@redhat.com>
1 parent 3e6180f
Tip revision: aa6df8dd28c01d9a3d2cfcfe9dd0a4a334d1cd81 authored by Mike Snitzer on 29 April 2015, 14:48:09 UTC
dm: fix free_rq_clone() NULL pointer when requeueing unmapped request
dm: fix free_rq_clone() NULL pointer when requeueing unmapped request
Tip revision: aa6df8d
File | Mode | Size |
---|---|---|
Documentation | ||
arch | ||
block | ||
crypto | ||
drivers | ||
firmware | ||
fs | ||
include | ||
init | ||
ipc | ||
kernel | ||
lib | ||
mm | ||
net | ||
samples | ||
scripts | ||
security | ||
sound | ||
tools | ||
usr | ||
virt | ||
.gitignore | -rw-r--r-- | 1.2 KB |
.mailmap | -rw-r--r-- | 4.9 KB |
COPYING | -rw-r--r-- | 18.3 KB |
CREDITS | -rw-r--r-- | 94.5 KB |
Kbuild | -rw-r--r-- | 2.1 KB |
Kconfig | -rw-r--r-- | 252 bytes |
MAINTAINERS | -rw-r--r-- | 301.9 KB |
Makefile | -rw-r--r-- | 53.1 KB |
README | -rw-r--r-- | 18.2 KB |
REPORTING-BUGS | -rw-r--r-- | 7.3 KB |
Computing file changes ...