On Mon, Jul 01 2013, majianpeng wrote:
> There's a race between elevator switching and normal io operation.
> Because the allocation of struct elevator_queue and struct elevator_data
> is not done in an atomic operation, there is a chance to use a NULL
> ->elevator_data.
> For example:
>     Thread A:                        Thread B
>     blk_queue_bio                    elevator_switch
>     spin_lock_irq(q->queue_block)    elevator_alloc
>     elv_merge                        elevator_init_fn
>
> Because elevator_alloc is called, it can't hold queue_lock and the
> ->elevator_data is NULL. So at the same time, thread A calls elv_merge and
> needs some info from elevator_data. So the crash happens.
>
> Move the elevator_alloc into func elevator_init_fn; it makes the
> operations an atomic operation.
>
> Using the following method can easily reproduce this bug:
> 1: dd if=/dev/sdb of=/dev/null
> 2: while true;do echo noop > scheduler;echo deadline > scheduler;done
>
> The test method also uses this method.

Applied, thanks.

-- 
Jens Axboe
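
A single-threaded userspace model of the interleaving described in the quoted commit message, added here as an illustration and not code from the patch or the kernel. The names `io_path`, `switch_racy`, `switch_fixed` and `null_derefs` are hypothetical, the structs are reduced to one field each, and Thread A's `elv_merge` is modeled as a call placed at the points where the switching thread does not hold the queue lock.

```c
#include <stddef.h>
#include <stdio.h>

/* Reduced stand-ins for the kernel structs named in the commit message. */
struct elevator_queue { void *elevator_data; };
struct request_queue  { struct elevator_queue *elevator; };

static int null_seen; /* times the I/O path found ->elevator_data == NULL */

/* Thread A: elv_merge() under the queue lock, needing ->elevator_data. */
static void io_path(const struct request_queue *q)
{
    if (q->elevator->elevator_data == NULL)
        null_seen++; /* the kernel would dereference NULL here */
}

/* Before: the allocated elevator is visible before its data is set up. */
static void switch_racy(struct request_queue *q, struct elevator_queue *eq, void *data)
{
    eq->elevator_data = NULL;  /* elevator_alloc(): fresh, empty object */
    q->elevator = eq;          /* visible to the I/O path */
    io_path(q);                /* Thread A runs in this window */
    eq->elevator_data = data;  /* elevator_init_fn() fills it too late */
}

/* After: allocate and initialize first, publish as the final step. */
static void switch_fixed(struct request_queue *q, struct elevator_queue *eq, void *data)
{
    eq->elevator_data = data;  /* alloc + init happen together */
    io_path(q);                /* Thread A still sees the old, complete elevator */
    q->elevator = eq;          /* in the kernel this store needs the queue lock */
    io_path(q);                /* Thread A sees the new, complete elevator */
}

typedef void (*switch_fn)(struct request_queue *, struct elevator_queue *, void *);

/* Runs one noop -> deadline switch and reports NULL observations. */
static int null_derefs(switch_fn sw)
{
    static int noop_data, deadline_data; /* constructed scheduler state */
    struct elevator_queue cur = { &noop_data }, next;
    struct request_queue q = { &cur };
    null_seen = 0;
    sw(&q, &next, &deadline_data);
    return null_seen;
}

int main(void)
{
    printf("racy: %d, fixed: %d\n", null_derefs(switch_racy), null_derefs(switch_fixed));
    return 0;
}
```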