aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHannes Reinecke <hare@suse.de>2011-09-28 10:07:01 -0400
committerJens Axboe <axboe@kernel.dk>2011-09-28 10:07:01 -0400
commit777eb1bf15b8532c396821774bf6451e563438f5 (patch)
tree8363e63bae76eb049f4c8d0460ef8e1f74f0ca91
parenta102a9ece5489e1718cd7543aa079082450ac3a2 (diff)
block: Free queue resources at blk_release_queue()
A kernel crash is observed when a mounted ext3/ext4 filesystem is physically removed. The problem is that blk_cleanup_queue() frees up some resources eg by calling elevator_exit(), which are not checked for in normal operation. So we should rather move these calls to the destructor function blk_release_queue() as at that point all remaining references are gone. However, in doing so we have to ensure that any externally supplied queue_lock is disconnected as the driver might free up the lock after the call of blk_cleanup_queue(), Signed-off-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Jens Axboe <axboe@kernel.dk>
-rw-r--r--block/blk-core.c13
-rw-r--r--block/blk-sysfs.c5
2 files changed, 11 insertions, 7 deletions
diff --git a/block/blk-core.c b/block/blk-core.c
index b2ed78afd9f0..d34433ae7917 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -348,9 +348,10 @@ void blk_put_queue(struct request_queue *q)
348EXPORT_SYMBOL(blk_put_queue); 348EXPORT_SYMBOL(blk_put_queue);
349 349
350/* 350/*
351 * Note: If a driver supplied the queue lock, it should not zap that lock 351 * Note: If a driver supplied the queue lock, it is disconnected
352 * unexpectedly as some queue cleanup components like elevator_exit() and 352 * by this function. The actual state of the lock doesn't matter
353 * blk_throtl_exit() need queue lock. 353 * here as the request_queue isn't accessible after this point
354 * (QUEUE_FLAG_DEAD is set) and no other requests will be queued.
354 */ 355 */
355void blk_cleanup_queue(struct request_queue *q) 356void blk_cleanup_queue(struct request_queue *q)
356{ 357{
@@ -367,10 +368,8 @@ void blk_cleanup_queue(struct request_queue *q)
367 queue_flag_set_unlocked(QUEUE_FLAG_DEAD, q); 368 queue_flag_set_unlocked(QUEUE_FLAG_DEAD, q);
368 mutex_unlock(&q->sysfs_lock); 369 mutex_unlock(&q->sysfs_lock);
369 370
370 if (q->elevator) 371 if (q->queue_lock != &q->__queue_lock)
371 elevator_exit(q->elevator); 372 q->queue_lock = &q->__queue_lock;
372
373 blk_throtl_exit(q);
374 373
375 blk_put_queue(q); 374 blk_put_queue(q);
376} 375}
diff --git a/block/blk-sysfs.c b/block/blk-sysfs.c
index e681805cdb47..60fda88c57f0 100644
--- a/block/blk-sysfs.c
+++ b/block/blk-sysfs.c
@@ -479,6 +479,11 @@ static void blk_release_queue(struct kobject *kobj)
479 479
480 blk_sync_queue(q); 480 blk_sync_queue(q);
481 481
482 if (q->elevator)
483 elevator_exit(q->elevator);
484
485 blk_throtl_exit(q);
486
482 if (rl->rq_pool) 487 if (rl->rq_pool)
483 mempool_destroy(rl->rq_pool); 488 mempool_destroy(rl->rq_pool);
484 489