[PATCH] fix double-free in blk_init_queue_node()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

[PATCH] fix double-free in blk_init_queue_node()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
8669aafd · Al Viro · afc847b7 · 8669aafd
Commit 8669aafd authored Mar 18, 2006 by Al Viro
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 5 deletions

block/ll_rw_blk.c block/ll_rw_blk.c +5 -5

No files found.
--- a/block/ll_rw_blk.c
+++ b/block/ll_rw_blk.c
@@ -1854,8 +1854,10 @@ blk_init_queue_node(request_fn_proc *rfn, spinlock_t *lock, int node_id)
 		return NULL;

 	q->node = node_id;
-	if (blk_init_free_list(q))
-		goto out_init;
+	if (blk_init_free_list(q)) {
+		kmem_cache_free(requestq_cachep, q);
+		return NULL;
+	}

 	/*
 	 * if caller didn't supply a lock, they get per-queue locking with
@@ -1891,9 +1893,7 @@ blk_init_queue_node(request_fn_proc *rfn, spinlock_t *lock, int node_id)
 		return q;
 	}

-	blk_cleanup_queue(q);
-out_init:
-	kmem_cache_free(requestq_cachep, q);
+	blk_put_queue(q);
 	return NULL;
 }
 EXPORT_SYMBOL(blk_init_queue_node);