diff options
author | Vivek Goyal <vgoyal@redhat.com> | 2009-12-07 13:37:15 -0500 |
---|---|---|
committer | Jens Axboe <axboe@carl.(none)> | 2009-12-07 13:37:15 -0500 |
commit | 878eaddd05d251cefa9632c2b8046833c5eead66 (patch) | |
tree | a5bf9b6c1856969ff7a7cd0d676ea2b419072103 | |
parent | accee7854b378a8ab5995d8f5dc5d8abc3b3d23a (diff) |
cfq-iosched: Do not access cfqq after freeing it
Fix a crash during boot reported by Jeff Moyer. Fix the issue of accessing
cfqq after freeing it.
Reported-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Jens Axboe <axboe@carl.(none)>
-rw-r--r-- | block/cfq-iosched.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c index 3815f9789b6a..cfb0b2f5f63d 100644 --- a/block/cfq-iosched.c +++ b/block/cfq-iosched.c | |||
@@ -2368,7 +2368,7 @@ static int cfq_dispatch_requests(struct request_queue *q, int force) | |||
2368 | static void cfq_put_queue(struct cfq_queue *cfqq) | 2368 | static void cfq_put_queue(struct cfq_queue *cfqq) |
2369 | { | 2369 | { |
2370 | struct cfq_data *cfqd = cfqq->cfqd; | 2370 | struct cfq_data *cfqd = cfqq->cfqd; |
2371 | struct cfq_group *cfqg; | 2371 | struct cfq_group *cfqg, *orig_cfqg; |
2372 | 2372 | ||
2373 | BUG_ON(atomic_read(&cfqq->ref) <= 0); | 2373 | BUG_ON(atomic_read(&cfqq->ref) <= 0); |
2374 | 2374 | ||
@@ -2379,6 +2379,7 @@ static void cfq_put_queue(struct cfq_queue *cfqq) | |||
2379 | BUG_ON(rb_first(&cfqq->sort_list)); | 2379 | BUG_ON(rb_first(&cfqq->sort_list)); |
2380 | BUG_ON(cfqq->allocated[READ] + cfqq->allocated[WRITE]); | 2380 | BUG_ON(cfqq->allocated[READ] + cfqq->allocated[WRITE]); |
2381 | cfqg = cfqq->cfqg; | 2381 | cfqg = cfqq->cfqg; |
2382 | orig_cfqg = cfqq->orig_cfqg; | ||
2382 | 2383 | ||
2383 | if (unlikely(cfqd->active_queue == cfqq)) { | 2384 | if (unlikely(cfqd->active_queue == cfqq)) { |
2384 | __cfq_slice_expired(cfqd, cfqq, 0); | 2385 | __cfq_slice_expired(cfqd, cfqq, 0); |
@@ -2388,8 +2389,8 @@ static void cfq_put_queue(struct cfq_queue *cfqq) | |||
2388 | BUG_ON(cfq_cfqq_on_rr(cfqq)); | 2389 | BUG_ON(cfq_cfqq_on_rr(cfqq)); |
2389 | kmem_cache_free(cfq_pool, cfqq); | 2390 | kmem_cache_free(cfq_pool, cfqq); |
2390 | cfq_put_cfqg(cfqg); | 2391 | cfq_put_cfqg(cfqg); |
2391 | if (cfqq->orig_cfqg) | 2392 | if (orig_cfqg) |
2392 | cfq_put_cfqg(cfqq->orig_cfqg); | 2393 | cfq_put_cfqg(orig_cfqg); |
2393 | } | 2394 | } |
2394 | 2395 | ||
2395 | /* | 2396 | /* |