Re: [PATCH] ublk_drv: fix request queue leak

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/14/22 7:10 AM, Ming Lei wrote:
> On Thu, Jul 14, 2022 at 07:00:59AM -0600, Jens Axboe wrote:
>> On 7/14/22 4:32 AM, Ming Lei wrote:
>>> Call blk_cleanup_queue() in release code path for fixing request
>>> queue leak.
>>>
>>> Also for-5.20/block has cleaned up blk_cleanup_queue(), which is
>>> basically merged to del_gendisk() if blk_mq_alloc_disk() is used
>>> for allocating disk and queue.
>>>
>>> However, ublk may not add disk in case of starting device failure, then
>>> del_gendisk() won't be called when removing ublk device, so blk_mq_exit_queue
>>> will not be callsed, and it can be bit hard to deal with this kind of
>>> merge conflict.
>>>
>>> Turns out ublk's queue/disk use model is very similar with scsi, so switch
>>> to scsi's model by allocating disk and queue independently, then it can be
>>> quite easy to handle v5.20 merge conflict by replacing blk_cleanup_queue
>>> with blk_mq_destroy_queue.
>>
>> Tried this with the below incremental added to make it compile with
>> the core block changes too, and it still fails for me:
>>
>> [   22.488660] WARNING: CPU: 0 PID: 11 at block/blk-mq.c:3880 blk_mq_release+0xa4/0xf0
>> [   22.490797] Modules linked in:
>> [   22.491762] CPU: 0 PID: 11 Comm: kworker/0:1 Not tainted 5.19.0-rc6-00322-g42ed61fe42f3-dirty #1609
>> [   22.494659] Hardware name: linux,dummy-virt (DT)
>> [   22.496171] Workqueue: events blkg_free_workfn
>> [   22.497652] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
>> [   22.499965] pc : blk_mq_release+0xa4/0xf0
>> [   22.501386] lr : blk_mq_release+0x44/0xf0
>> [   22.502748] sp : ffff80000af73cb0
>> [   22.503880] x29: ffff80000af73cb0 x28: 0000000000000000 x27: 0000000000000000
>> [   22.506263] x26: 0000000000000000 x25: ffff00001fe47b05 x24: 0000000000000000
>> [   22.508655] x23: ffff0000052b6cb8 x22: ffff0000031e1c38 x21: 0000000000000000
>> [   22.511035] x20: ffff0000031e1cf0 x19: ffff0000031e1bf0 x18: 0000000000000000
>> [   22.513427] x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffa8000b80
>> [   22.515814] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000001
>> [   22.518209] x11: ffff80000945b7e8 x10: 0000000000006cb9 x9 : 00000000ffffffff
>> [   22.520600] x8 : ffff800008fb5000 x7 : ffff80000860cf28 x6 : 0000000000000000
>> [   22.522987] x5 : 0000000000000000 x4 : 0000000000000028 x3 : ffff80000af73c14
>> [   22.525363] x2 : ffff0000071ccaa8 x1 : ffff0000071ccaa8 x0 : ffff0000071cc800
>> [   22.527624] Call trace:
>> [   22.528473]  blk_mq_release+0xa4/0xf0
>> [   22.529724]  blk_release_queue+0x58/0xa0
>> [   22.530946]  kobject_put+0x84/0xe0
>> [   22.531821]  blk_put_queue+0x10/0x18
>> [   22.532716]  blkg_free_workfn+0x58/0x84
>> [   22.533681]  process_one_work+0x2ac/0x438
>> [   22.534872]  worker_thread+0x1cc/0x264
>> [   22.535829]  kthread+0xd0/0xe0
>> [   22.536598]  ret_from_fork+0x10/0x20
>>
>>
>> diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
>> index eeeac43e1dc1..d818da818c00 100644
>> --- a/drivers/block/ublk_drv.c
>> +++ b/drivers/block/ublk_drv.c
>> @@ -1078,7 +1078,7 @@ static void ublk_cdev_rel(struct device *dev)
>>  {
>>  	struct ublk_device *ub = container_of(dev, struct ublk_device, cdev_dev);
>>  
>> -	blk_cleanup_queue(ub->ub_queue);
>> +	blk_put_queue(ub->ub_queue);
> 
> I guess you run test on for-next, and it should work by just replacing
> two blk_cleanup_queue with blk_mq_destroy_queue().

Ah yes, that does the trick. I think I'll migrate the driver to the core
branch instead to avoid these issues.

-- 
Jens Axboe




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux