On 7/14/22 7:10 AM, Ming Lei wrote: > On Thu, Jul 14, 2022 at 07:00:59AM -0600, Jens Axboe wrote: >> On 7/14/22 4:32 AM, Ming Lei wrote: >>> Call blk_cleanup_queue() in release code path for fixing request >>> queue leak. >>> >>> Also for-5.20/block has cleaned up blk_cleanup_queue(), which is >>> basically merged to del_gendisk() if blk_mq_alloc_disk() is used >>> for allocating disk and queue. >>> >>> However, ublk may not add disk in case of starting device failure, then >>> del_gendisk() won't be called when removing ublk device, so blk_mq_exit_queue >>> will not be callsed, and it can be bit hard to deal with this kind of >>> merge conflict. >>> >>> Turns out ublk's queue/disk use model is very similar with scsi, so switch >>> to scsi's model by allocating disk and queue independently, then it can be >>> quite easy to handle v5.20 merge conflict by replacing blk_cleanup_queue >>> with blk_mq_destroy_queue. >> >> Tried this with the below incremental added to make it compile with >> the core block changes too, and it still fails for me: >> >> [ 22.488660] WARNING: CPU: 0 PID: 11 at block/blk-mq.c:3880 blk_mq_release+0xa4/0xf0 >> [ 22.490797] Modules linked in: >> [ 22.491762] CPU: 0 PID: 11 Comm: kworker/0:1 Not tainted 5.19.0-rc6-00322-g42ed61fe42f3-dirty #1609 >> [ 22.494659] Hardware name: linux,dummy-virt (DT) >> [ 22.496171] Workqueue: events blkg_free_workfn >> [ 22.497652] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) >> [ 22.499965] pc : blk_mq_release+0xa4/0xf0 >> [ 22.501386] lr : blk_mq_release+0x44/0xf0 >> [ 22.502748] sp : ffff80000af73cb0 >> [ 22.503880] x29: ffff80000af73cb0 x28: 0000000000000000 x27: 0000000000000000 >> [ 22.506263] x26: 0000000000000000 x25: ffff00001fe47b05 x24: 0000000000000000 >> [ 22.508655] x23: ffff0000052b6cb8 x22: ffff0000031e1c38 x21: 0000000000000000 >> [ 22.511035] x20: ffff0000031e1cf0 x19: ffff0000031e1bf0 x18: 0000000000000000 >> [ 22.513427] x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffa8000b80 >> [ 22.515814] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000001 >> [ 22.518209] x11: ffff80000945b7e8 x10: 0000000000006cb9 x9 : 00000000ffffffff >> [ 22.520600] x8 : ffff800008fb5000 x7 : ffff80000860cf28 x6 : 0000000000000000 >> [ 22.522987] x5 : 0000000000000000 x4 : 0000000000000028 x3 : ffff80000af73c14 >> [ 22.525363] x2 : ffff0000071ccaa8 x1 : ffff0000071ccaa8 x0 : ffff0000071cc800 >> [ 22.527624] Call trace: >> [ 22.528473] blk_mq_release+0xa4/0xf0 >> [ 22.529724] blk_release_queue+0x58/0xa0 >> [ 22.530946] kobject_put+0x84/0xe0 >> [ 22.531821] blk_put_queue+0x10/0x18 >> [ 22.532716] blkg_free_workfn+0x58/0x84 >> [ 22.533681] process_one_work+0x2ac/0x438 >> [ 22.534872] worker_thread+0x1cc/0x264 >> [ 22.535829] kthread+0xd0/0xe0 >> [ 22.536598] ret_from_fork+0x10/0x20 >> >> >> diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c >> index eeeac43e1dc1..d818da818c00 100644 >> --- a/drivers/block/ublk_drv.c >> +++ b/drivers/block/ublk_drv.c >> @@ -1078,7 +1078,7 @@ static void ublk_cdev_rel(struct device *dev) >> { >> struct ublk_device *ub = container_of(dev, struct ublk_device, cdev_dev); >> >> - blk_cleanup_queue(ub->ub_queue); >> + blk_put_queue(ub->ub_queue); > > I guess you run test on for-next, and it should work by just replacing > two blk_cleanup_queue with blk_mq_destroy_queue(). Ah yes, that does the trick. I think I'll migrate the driver to the core branch instead to avoid these issues. -- Jens Axboe