src/patches/suse-2.6.27.25/patches.suse/cfq-ioc-race

   1 From: Nikanth Karthikesan <knikanth@suse.de>
   2 Subject: [PATCH] Exiting queue and task might race to free cic
   3 References: bnc#444346
   4 Patch-Mainline: No. being discussed.
   5 Signed-off-by: Nikanth Karthikesan <knaikanth@suse.de>
   6
   7 When a queue exits the queue lock is taken and cfq_exit_queue() would
   8 free all the cic's associated with the queue. But when a task exits,
   9 cfq_exit_io_context() gets cic one by one and then locks the associated
  10 queue to call __cfq_exit_single_io_context. In the window between
  11 getting a cic from the ioc and locking the queue, the queue might have
  12 exited on another cpu.
  13
  14 Index: b/block/cfq-iosched.c
  15 ===================================================================
  16 --- a/block/cfq-iosched.c
  17 +++ b/block/cfq-iosched.c
  18 @@ -1310,7 +1310,15 @@ static void cfq_exit_single_io_context(s
  19                 unsigned long flags;
  20
  21                 spin_lock_irqsave(q->queue_lock, flags);
  22 -               __cfq_exit_single_io_context(cfqd, cic);
  23 +
  24 +               /*
  25 +                * Ensure we get a fresh copy of the ->key to prevent
  26 +                * race between exiting task and queue
  27 +                */
  28 +               smp_read_barrier_depends();
  29 +               if (likely(cic->key))
  30 +                       __cfq_exit_single_io_context(cfqd, cic);
  31 +
  32                 spin_unlock_irqrestore(q->queue_lock, flags);
  33         }
  34  }