| Message ID | 20200901090033.313997-1-ming.lei@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | block: release disk reference in hd_struct_free_work | expand |
On Tue, Sep 01, 2020 at 05:00:33PM +0800, Ming Lei wrote: > struct hd_struct *part = > container_of(to_rcu_work(work), struct hd_struct, rcu_work); > + struct gendisk *disk = part_to_disk(part); > + > + /* > + * Release disk reference grabbed in delete_partition, and it should > + * have been done in hd_struct_free(), however device's release > + * handler can't be run in percpu_ref's ->release() callback because > + * it is run via call_rcu(). > + */ > + put_device(disk_to_dev(disk)); The fix looks good, but the comment reads a little strange. What about: /* * Release the disk reference acquired in delete_partition here. * We can't release it in hd_struct_free because the final put_device * needs process context and thus can't be run directly from a * percpu_ref ->release handler. */
diff --git a/block/partitions/core.c b/block/partitions/core.c index e62a98a8eeb7..51376f1de8f8 100644 --- a/block/partitions/core.c +++ b/block/partitions/core.c @@ -278,6 +278,15 @@ static void hd_struct_free_work(struct work_struct *work) { struct hd_struct *part = container_of(to_rcu_work(work), struct hd_struct, rcu_work); + struct gendisk *disk = part_to_disk(part); + + /* + * Release disk reference grabbed in delete_partition, and it should + * have been done in hd_struct_free(), however device's release + * handler can't be run in percpu_ref's ->release() callback because + * it is run via call_rcu(). + */ + put_device(disk_to_dev(disk)); part->start_sect = 0; part->nr_sects = 0; @@ -293,7 +302,6 @@ static void hd_struct_free(struct percpu_ref *ref) rcu_dereference_protected(disk->part_tbl, 1); rcu_assign_pointer(ptbl->last_lookup, NULL); - put_device(disk_to_dev(disk)); INIT_RCU_WORK(&part->rcu_work, hd_struct_free_work); queue_rcu_work(system_wq, &part->rcu_work);
Commit e8c7d14ac6c3 ("block: revert back to synchronous request_queue removal") stops to release request queue from wq context because that commit supposed all blk_put_queue() is called in context which is allowed to sleep. However, this assumption isn't true because we release disk's reference in partition's percpu_ref's ->release() which doesn't allow to sleep, because the ->release() is run via call_rcu(). Fixes this issue by moving put disk reference into hd_struct_free_work() Signed-off-by: Ming Lei <ming.lei@redhat.com> Fixes: e8c7d14ac6c3 ("block: revert back to synchronous request_queue removal") Reported-by: Ilya Dryomov <idryomov@gmail.com> Tested-by: Ilya Dryomov <idryomov@gmail.com> Cc: Luis Chamberlain <mcgrof@kernel.org> Cc: Christoph Hellwig <hch@lst.de> Cc: Bart Van Assche <bvanassche@acm.org> --- block/partitions/core.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)