On 2024/04/22 16:23, Christoph Hellwig wrote:
> On Sat, Apr 20, 2024 at 04:58:10PM +0900, Damien Le Moal wrote:
>> Avoid this by calling flush_work() from disk_free_zone_wplug_rcu().
>
> Calling flush_work from a rcu callback is just asking for nasty
> deadlocks.
>
> What prevents you from just holding an extra zwplug reference while
> blk_zone_wplug_bio_work is running?

Problem is that this extra reference needs to be released in
blk_zone_wplug_bio_work(), before that function returns, and that is still
the work thread context using zwplug->bio_work. So we always have a small
window between the ref drop and the zone BIO work thread completing (context
switch). If we get a BIO completion in that window and free the plug, then
the BIO work struct may go away while the work thread is still referencing
it.

Given that freeing of plugs will happen only after the RCU grace period
elapses, I think this is all very unlikely to happen, but at the same time,
I do not see any guarantee that this cannot happen...

-- 
Damien Le Moal
Western Digital Research