[PATCH] CFQ io scheduler: scheduler switch oops

If cfq is managing a queue and a new scheduler is later selected, it is
possible for the cfqd unplug_work work to be queued after the kblockd
work struct has been flushed.  The problem is the ordering of
cfq_shutdown_timer_wq() and blk_put_queue() in cfq_put_cfqd().  The
latter may rearm the work, leaving cfq_kick_queue() with dead data.

Signed-off-by: Jens Axboe <axboe@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/drivers/block/cfq-iosched.c b/drivers/block/cfq-iosched.c
index 1ecb179b86042e826521241a9cfc9da473c95e8c..ff1cc968f96d12a573f84dbe77fcc2cf547460c3 100644 (file)
--- a/drivers/block/cfq-iosched.c
+++ b/drivers/block/cfq-iosched.c
@@ -2249,10 +2249,11 @@ static void cfq_put_cfqd(struct cfq_data *cfqd)
        if (!atomic_dec_and_test(&cfqd->ref))
                return;
 
-       cfq_shutdown_timer_wq(cfqd);
-
        blk_put_queue(q);
 
+       cfq_shutdown_timer_wq(cfqd);
+       q->elevator->elevator_data = NULL;
+
        mempool_destroy(cfqd->crq_pool);
        kfree(cfqd->crq_hash);
        kfree(cfqd->cfq_hash);