On Wed, Apr 03, 2019 at 08:21:11AM -0700, Bart Van Assche wrote: > On Wed, 2019-04-03 at 18:26 +0800, Ming Lei wrote: > > However, if request is staggered into plug list, and finally queued > > from plug code path, the refcount in submission side is actually missed. > > And we may start to run queue after queue is removed, then kernel oops > > is triggered. > > I don't think that this patch is necessary. blk_mq_get_request() increases > q_usage_counter. In other words, as long as at least one request has been > allocated that has not finished it is guaranteed that q_usage_counter > 0. > So there is no need for additional protection in blk_mq_flush_plug_list(). blk_mq_flush_plug_list(): blk_mq_sched_insert_requests() insert requests to sw queue or scheduler queue blk_mq_run_hw_queue Because of concurrent run queue, all requests inserted above may be completed before calling the above blk_mq_run_hw_queue. Then queue can be freed during the above blk_mq_run_hw_queue(). Thanks, Ming
