From: Jens Axboe <axboe@suse.de>
Date: Mon, 27 Jun 2005 12:49:39 +0000 (+0200)
Subject: [PATCH] CFQ io scheduler: scheduler switch oops
X-Git-Tag: v2.6.13-rc1~45^2~49
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=96c51ce94e8415d2dfb08358bbd50e1589111f33;p=profile%2Fivi%2Fkernel-x86-ivi.git

[PATCH] CFQ io scheduler: scheduler switch oops

If cfq is managing a queue and a new scheduler is later selected, it is
possible for the cfqd unplug_work work to be queued after the kblockd
work struct has been flushed.  The problem is the ordering of
cfq_shutdown_timer_wq() and blk_put_queue() in cfq_put_cfqd().  The
latter may rearm the work, leaving cfq_kick_queue() with dead data.

Signed-off-by: Jens Axboe <axboe@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---

diff --git a/drivers/block/cfq-iosched.c b/drivers/block/cfq-iosched.c
index 1ecb179..ff1cc96 100644
--- a/drivers/block/cfq-iosched.c
+++ b/drivers/block/cfq-iosched.c
@@ -2249,10 +2249,11 @@ static void cfq_put_cfqd(struct cfq_data *cfqd)
 	if (!atomic_dec_and_test(&cfqd->ref))
 		return;
 
-	cfq_shutdown_timer_wq(cfqd);
-
 	blk_put_queue(q);
 
+	cfq_shutdown_timer_wq(cfqd);
+	q->elevator->elevator_data = NULL;
+
 	mempool_destroy(cfqd->crq_pool);
 	kfree(cfqd->crq_hash);
 	kfree(cfqd->cfq_hash);