block: prevent possible io_context->refcount overflow

[pandora-kernel.git] / block / cfq-iosched.c

diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c
index 0d3b70d..ef2f72d 100644 (file)
--- a/block/cfq-iosched.c
+++ b/block/cfq-iosched.c
@@ -154,6 +154,8 @@ struct cfq_queue {
        unsigned long rb_key;
        /* prio tree member */
        struct rb_node p_node;
+       /* prio tree root we belong to, if any */
+       struct rb_root *p_root;
        /* sorted list of pending requests */
        struct rb_root sort_list;
        /* if fifo isn't expired, next request to serve */
@@ -347,8 +349,8 @@ cfq_choose_req(struct cfq_data *cfqd, struct request *rq1, struct request *rq2)
        else if (rq_is_meta(rq2) && !rq_is_meta(rq1))
                return rq2;
 
-       s1 = rq1->sector;
-       s2 = rq2->sector;
+       s1 = blk_rq_pos(rq1);
+       s2 = blk_rq_pos(rq2);
 
        last = cfqd->last_position;
 
@@ -558,10 +560,10 @@ static void cfq_service_tree_add(struct cfq_data *cfqd, struct cfq_queue *cfqq,
 }
 
 static struct cfq_queue *
-cfq_prio_tree_lookup(struct cfq_data *cfqd, int ioprio, sector_t sector,
-                    struct rb_node **ret_parent, struct rb_node ***rb_link)
+cfq_prio_tree_lookup(struct cfq_data *cfqd, struct rb_root *root,
+                    sector_t sector, struct rb_node **ret_parent,
+                    struct rb_node ***rb_link)
 {
-       struct rb_root *root = &cfqd->prio_trees[ioprio];
        struct rb_node **p, *parent;
        struct cfq_queue *cfqq = NULL;
 
@@ -577,41 +579,45 @@ cfq_prio_tree_lookup(struct cfq_data *cfqd, int ioprio, sector_t sector,
                 * Sort strictly based on sector.  Smallest to the left,
                 * largest to the right.
                 */
-               if (sector > cfqq->next_rq->sector)
+               if (sector > blk_rq_pos(cfqq->next_rq))
                        n = &(*p)->rb_right;
-               else if (sector < cfqq->next_rq->sector)
+               else if (sector < blk_rq_pos(cfqq->next_rq))
                        n = &(*p)->rb_left;
                else
                        break;
                p = n;
+               cfqq = NULL;
        }
 
        *ret_parent = parent;
        if (rb_link)
                *rb_link = p;
-       return NULL;
+       return cfqq;
 }
 
 static void cfq_prio_tree_add(struct cfq_data *cfqd, struct cfq_queue *cfqq)
 {
-       struct rb_root *root = &cfqd->prio_trees[cfqq->ioprio];
        struct rb_node **p, *parent;
        struct cfq_queue *__cfqq;
 
-       if (!RB_EMPTY_NODE(&cfqq->p_node))
-               rb_erase_init(&cfqq->p_node, root);
+       if (cfqq->p_root) {
+               rb_erase(&cfqq->p_node, cfqq->p_root);
+               cfqq->p_root = NULL;
+       }
 
        if (cfq_class_idle(cfqq))
                return;
        if (!cfqq->next_rq)
                return;
 
-       __cfqq = cfq_prio_tree_lookup(cfqd, cfqq->ioprio, cfqq->next_rq->sector,
-                                        &parent, &p);
-       BUG_ON(__cfqq);
-
-       rb_link_node(&cfqq->p_node, parent, p);
-       rb_insert_color(&cfqq->p_node, root);
+       cfqq->p_root = &cfqd->prio_trees[cfqq->org_ioprio];
+       __cfqq = cfq_prio_tree_lookup(cfqd, cfqq->p_root,
+                                     blk_rq_pos(cfqq->next_rq), &parent, &p);
+       if (!__cfqq) {
+               rb_link_node(&cfqq->p_node, parent, p);
+               rb_insert_color(&cfqq->p_node, cfqq->p_root);
+       } else
+               cfqq->p_root = NULL;
 }
 
 /*
@@ -656,8 +662,10 @@ static void cfq_del_cfqq_rr(struct cfq_data *cfqd, struct cfq_queue *cfqq)
 
        if (!RB_EMPTY_NODE(&cfqq->rb_node))
                cfq_rb_erase(&cfqq->rb_node, &cfqd->service_tree);
-       if (!RB_EMPTY_NODE(&cfqq->p_node))
-               rb_erase_init(&cfqq->p_node, &cfqd->prio_trees[cfqq->ioprio]);
+       if (cfqq->p_root) {
+               rb_erase(&cfqq->p_node, cfqq->p_root);
+               cfqq->p_root = NULL;
+       }
 
        BUG_ON(!cfqd->busy_queues);
        cfqd->busy_queues--;
@@ -752,7 +760,7 @@ static void cfq_activate_request(struct request_queue *q, struct request *rq)
        cfq_log_cfqq(cfqd, RQ_CFQQ(rq), "activate rq, drv=%d",
                                                cfqd->rq_in_driver);
 
-       cfqd->last_position = rq->hard_sector + rq->hard_nr_sectors;
+       cfqd->last_position = blk_rq_pos(rq) + blk_rq_sectors(rq);
 }
 
 static void cfq_deactivate_request(struct request_queue *q, struct request *rq)
@@ -941,26 +949,30 @@ static struct cfq_queue *cfq_set_active_queue(struct cfq_data *cfqd,
 static inline sector_t cfq_dist_from_last(struct cfq_data *cfqd,
                                          struct request *rq)
 {
-       if (rq->sector >= cfqd->last_position)
-               return rq->sector - cfqd->last_position;
+       if (blk_rq_pos(rq) >= cfqd->last_position)
+               return blk_rq_pos(rq) - cfqd->last_position;
        else
-               return cfqd->last_position - rq->sector;
+               return cfqd->last_position - blk_rq_pos(rq);
 }
 
+#define CIC_SEEK_THR   8 * 1024
+#define CIC_SEEKY(cic) ((cic)->seek_mean > CIC_SEEK_THR)
+
 static inline int cfq_rq_close(struct cfq_data *cfqd, struct request *rq)
 {
        struct cfq_io_context *cic = cfqd->active_cic;
+       sector_t sdist = cic->seek_mean;
 
        if (!sample_valid(cic->seek_samples))
-               return 0;
+               sdist = CIC_SEEK_THR;
 
-       return cfq_dist_from_last(cfqd, rq) <= cic->seek_mean;
+       return cfq_dist_from_last(cfqd, rq) <= sdist;
 }
 
 static struct cfq_queue *cfqq_close(struct cfq_data *cfqd,
                                    struct cfq_queue *cur_cfqq)
 {
-       struct rb_root *root = &cfqd->prio_trees[cur_cfqq->ioprio];
+       struct rb_root *root = &cfqd->prio_trees[cur_cfqq->org_ioprio];
        struct rb_node *parent, *node;
        struct cfq_queue *__cfqq;
        sector_t sector = cfqd->last_position;
@@ -972,8 +984,7 @@ static struct cfq_queue *cfqq_close(struct cfq_data *cfqd,
         * First, if we find a request starting at the end of the last
         * request, choose it.
         */
-       __cfqq = cfq_prio_tree_lookup(cfqd, cur_cfqq->ioprio,
-                                     sector, &parent, NULL);
+       __cfqq = cfq_prio_tree_lookup(cfqd, root, sector, &parent, NULL);
        if (__cfqq)
                return __cfqq;
 
@@ -985,7 +996,7 @@ static struct cfq_queue *cfqq_close(struct cfq_data *cfqd,
        if (cfq_rq_close(cfqd, __cfqq->next_rq))
                return __cfqq;
 
-       if (__cfqq->next_rq->sector < sector)
+       if (blk_rq_pos(__cfqq->next_rq) < sector)
                node = rb_next(&__cfqq->p_node);
        else
                node = rb_prev(&__cfqq->p_node);
@@ -1039,9 +1050,6 @@ static struct cfq_queue *cfq_close_cooperator(struct cfq_data *cfqd,
        return cfqq;
 }
 
-
-#define CIC_SEEKY(cic) ((cic)->seek_mean > (8 * 1024))
-
 static void cfq_arm_slice_timer(struct cfq_data *cfqd)
 {
        struct cfq_queue *cfqq = cfqd->active_queue;
@@ -1274,7 +1282,7 @@ static void cfq_dispatch_request(struct cfq_data *cfqd, struct cfq_queue *cfqq)
        if (!cfqd->active_cic) {
                struct cfq_io_context *cic = RQ_CIC(rq);
 
-               atomic_inc(&cic->ioc->refcount);
+               atomic_long_inc(&cic->ioc->refcount);
                cfqd->active_cic = cic;
        }
 }
@@ -1908,10 +1916,12 @@ cfq_update_io_seektime(struct cfq_data *cfqd, struct cfq_io_context *cic,
        sector_t sdist;
        u64 total;
 
-       if (cic->last_request_pos < rq->sector)
-               sdist = rq->sector - cic->last_request_pos;
+       if (!cic->last_request_pos)
+               sdist = 0;
+       else if (cic->last_request_pos < blk_rq_pos(rq))
+               sdist = blk_rq_pos(rq) - cic->last_request_pos;
        else
-               sdist = cic->last_request_pos - rq->sector;
+               sdist = cic->last_request_pos - blk_rq_pos(rq);
 
        /*
         * Don't allow the seek distance to get too large from the
@@ -2061,7 +2071,7 @@ cfq_rq_enqueued(struct cfq_data *cfqd, struct cfq_queue *cfqq,
        cfq_update_io_seektime(cfqd, cic, rq);
        cfq_update_idle_window(cfqd, cfqq, cic);
 
-       cic->last_request_pos = rq->sector + rq->nr_sectors;
+       cic->last_request_pos = blk_rq_pos(rq) + blk_rq_sectors(rq);
 
        if (cfqq == cfqd->active_queue) {
                /*
@@ -2078,7 +2088,7 @@ cfq_rq_enqueued(struct cfq_data *cfqd, struct cfq_queue *cfqq,
                        if (blk_rq_bytes(rq) > PAGE_CACHE_SIZE ||
                            cfqd->busy_queues > 1) {
                                del_timer(&cfqd->idle_slice_timer);
-                               blk_start_queueing(cfqd->queue);
+                       __blk_run_queue(cfqd->queue);
                        }
                        cfq_mark_cfqq_must_dispatch(cfqq);
                }
@@ -2090,7 +2100,7 @@ cfq_rq_enqueued(struct cfq_data *cfqd, struct cfq_queue *cfqq,
                 * this new queue is RT and the current one is BE
                 */
                cfq_preempt_queue(cfqd, cfqq);
-               blk_start_queueing(cfqd->queue);
+               __blk_run_queue(cfqd->queue);
        }
 }
 
@@ -2335,7 +2345,7 @@ static void cfq_kick_queue(struct work_struct *work)
        struct request_queue *q = cfqd->queue;
 
        spin_lock_irq(q->queue_lock);
-       blk_start_queueing(q);
+       __blk_run_queue(cfqd->queue);
        spin_unlock_irq(q->queue_lock);
 }
 
@@ -2443,12 +2453,22 @@ static void cfq_exit_queue(struct elevator_queue *e)
 static void *cfq_init_queue(struct request_queue *q)
 {
        struct cfq_data *cfqd;
+       int i;
 
        cfqd = kmalloc_node(sizeof(*cfqd), GFP_KERNEL | __GFP_ZERO, q->node);
        if (!cfqd)
                return NULL;
 
        cfqd->service_tree = CFQ_RB_ROOT;
+
+       /*
+        * Not strictly needed (since RB_ROOT just clears the node and we
+        * zeroed cfqd on alloc), but better be safe in case someone decides
+        * to add magic to the rb code
+        */
+       for (i = 0; i < CFQ_PRIO_LISTS; i++)
+               cfqd->prio_trees[i] = RB_ROOT;
+
        INIT_LIST_HEAD(&cfqd->cic_list);
 
        cfqd->queue = q;