On Fri, Feb 18 2005, Philip R Auld wrote: > Hi, > I think there are some potential issues with the reference > counting of bios as used in 2.6.10. The __make_request function > which is the default block device routine accesses the bio structure > after issuing the call to add_request. This means that the bio could > have completed before __make_request uses it. > > The submit_bh path takes an extra reference with an explicit > bio_get/put pair around the submit_bio, but many other users of > submit_bio do not. Given that most of the end_io routines remove a > reference and hence could free the bio this can lead at the least to > __make_request mis-reading the sync flag. In more extreme cases it can > cause an oops when run with CONFIG_DEBUG_PAGEALLOC. > > The question is what is the preferred fix? I think it may be to simply > have submit_bio take its own reference (and remove the extra one from > submit_bh). > > Alternatively __make_request could be adjusted so that it does not > access the bio after calling add_request. All it is doing is checking > the bi_rw field for the sync bit. > > Or make all users of submit_bio take and release and extra reference > like submit_bh.
The queue lock is still held at that point, so the driver hasn't had a chance to process the request yet. -- Jens Axboe - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
