summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatias Bjorling <m@bjorling.me>2013-12-10 16:50:38 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2013-12-15 12:17:16 -0800
commit57053d8c5c59562cac156513740c10b502a40968 (patch)
tree0e71310912a1004760561540bc7e665957468ee5
parente4158f1b1090d362a7c998bd654cc3fe8f5c863c (diff)
downloadlinux-57053d8c5c59562cac156513740c10b502a40968.tar.bz2
null_blk: mem garbage on NUMA systems during init
For NUMA systems, initializing the blk-mq layer and using per node hctx. We initialize submit queues to 1, while blk-mq nr_hw_queues is initialized to the number of NUMA nodes. This makes the null_init_hctx function overwrite memory outside of what it allocated. In my case it lead to writing garbage into struct request_queue's mq_map. Signed-off-by: Matias Bjorling <m@bjorling.me> Cc: Jens Axboe <axboe@kernel.dk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--drivers/block/null_blk.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/drivers/block/null_blk.c b/drivers/block/null_blk.c
index ea192ec029c4..f370fc13aea5 100644
--- a/drivers/block/null_blk.c
+++ b/drivers/block/null_blk.c
@@ -495,23 +495,23 @@ static int null_add_dev(void)
spin_lock_init(&nullb->lock);
+ if (queue_mode == NULL_Q_MQ && use_per_node_hctx)
+ submit_queues = nr_online_nodes;
+
if (setup_queues(nullb))
goto err;
if (queue_mode == NULL_Q_MQ) {
null_mq_reg.numa_node = home_node;
null_mq_reg.queue_depth = hw_queue_depth;
+ null_mq_reg.nr_hw_queues = submit_queues;
if (use_per_node_hctx) {
null_mq_reg.ops->alloc_hctx = null_alloc_hctx;
null_mq_reg.ops->free_hctx = null_free_hctx;
-
- null_mq_reg.nr_hw_queues = nr_online_nodes;
} else {
null_mq_reg.ops->alloc_hctx = blk_mq_alloc_single_hw_queue;
null_mq_reg.ops->free_hctx = blk_mq_free_single_hw_queue;
-
- null_mq_reg.nr_hw_queues = submit_queues;
}
nullb->q = blk_mq_init_queue(&null_mq_reg, nullb);