On Wed, Sep 15, 2021 at 05:25:47PM +0800, Ming Lei wrote:
> gendisk instance has to be released after request queue is cleaned up
> because bdi is referred from gendisk since commit edb0872f44ec ("block:
> move the bdi from the request_queue to the gendisk").
>
> For sd and sr, gendisk can be removed in the release handler(sd_remove/
> sr_remove) of sdev->sdev_gendev, which is triggered in device_del(sdev->sdev_gendev)
> in __scsi_remove_device(), when the request queue isn't cleaned up yet.
>
> So kernel oops could be triggered when referring bdi via gendisk.
>
> Fix the issue by moving blk_cleanup_queue() into sd_remove() and
> sr_remove().

This looks like a bit of a bandaid to me. I think the proper fix is
to move the parts of blk_cleanup_queue that need a disk or bdi to
del_gendisk.