From 8669aafdb5a46a57366dd1540fc475544071a9c9 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 18 Mar 2006 13:50:00 -0500 Subject: [PATCH] [PATCH] fix double-free in blk_init_queue_node() Signed-off-by: Al Viro --- block/ll_rw_blk.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/block/ll_rw_blk.c b/block/ll_rw_blk.c index 0ef2971a9e82..5fac138a5be1 100644 --- a/block/ll_rw_blk.c +++ b/block/ll_rw_blk.c @@ -1854,8 +1854,10 @@ blk_init_queue_node(request_fn_proc *rfn, spinlock_t *lock, int node_id) return NULL; q->node = node_id; - if (blk_init_free_list(q)) - goto out_init; + if (blk_init_free_list(q)) { + kmem_cache_free(requestq_cachep, q); + return NULL; + } /* * if caller didn't supply a lock, they get per-queue locking with @@ -1891,9 +1893,7 @@ blk_init_queue_node(request_fn_proc *rfn, spinlock_t *lock, int node_id) return q; } - blk_cleanup_queue(q); -out_init: - kmem_cache_free(requestq_cachep, q); + blk_put_queue(q); return NULL; } EXPORT_SYMBOL(blk_init_queue_node);