From: Ming Lei <ming.lei@redhat.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Jens Axboe <axboe@kernel.dk>,
Jeffle Xu <jefflexu@linux.alibaba.com>,
Damien Le Moal <Damien.LeMoal@wdc.com>,
Keith Busch <kbusch@kernel.org>, Sagi Grimberg <sagi@grimberg.me>,
"Wunderlich, Mark" <mark.wunderlich@intel.com>,
"Vasudevan, Anil" <anil.vasudevan@intel.com>,
linux-block@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-nvme@lists.infradead.org
Subject: Re: [PATCH 13/16] block: switch polling to be bio based
Date: Mon, 21 Jun 2021 16:35:29 +0800 [thread overview]
Message-ID: <YNBPUUVtxSb6/gv1@T590> (raw)
In-Reply-To: <20210621072005.GA6651@lst.de>
On Mon, Jun 21, 2021 at 09:20:05AM +0200, Christoph Hellwig wrote:
> On Fri, Jun 18, 2021 at 10:27:20PM +0800, Ming Lei wrote:
> > > How? On a block device the caller needs to hold the block device open
> > > to read/write from it. On a file systems the file systems needs to
> > > be mounted, which also holds a bdev reference.
> >
> > + rcu_read_lock();
> > + bio = READ_ONCE(kiocb->private);
> > + if (bio && bio->bi_bdev)
> >
> > The bio may be ended now from another polling job, then the disk is
> > closed & deleted, and released. Then request queue & hctxs are released.
> >
> > + ret = bio_poll(bio, flags);
> >
> > But disk & request queue & hctx can still be referred in above bio_poll().
>
> I don't see how this can happen. A bio stashed into kiocb->private needs
> to belong to the correct device initially. For it to point to the "wrong"
> device it needs to have been completed on the correct one, and then be
> reused for a different device. At the point it is reused that device
> must obviously have been alive, and for it to be freed a RCU grace
> period must have been passed. And that grace period can't have started
> earlier than when iocb_bio_iopoll was called.
gendisk isn't freed after a RCU grace period, so even though bio->bi_bdev
may not be freed really, but the gendisk may have been freed already.
+ rcu_read_lock();
+ bio = READ_ONCE(kiocb->private);
+ if (bio && bio->bi_bdev)
The bio may be ended now from another polling job, and it is freed
and re-allocated & freed, then bio->bi_bdev->bd_disk is freed too, which
will be observed in the following bio_poll().
+ ret = bio_poll(bio, flags);
Thanks,
Ming
WARNING: multiple messages have this Message-ID (diff)
From: Ming Lei <ming.lei@redhat.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Jens Axboe <axboe@kernel.dk>,
Jeffle Xu <jefflexu@linux.alibaba.com>,
Damien Le Moal <Damien.LeMoal@wdc.com>,
Keith Busch <kbusch@kernel.org>, Sagi Grimberg <sagi@grimberg.me>,
"Wunderlich, Mark" <mark.wunderlich@intel.com>,
"Vasudevan, Anil" <anil.vasudevan@intel.com>,
linux-block@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-nvme@lists.infradead.org
Subject: Re: [PATCH 13/16] block: switch polling to be bio based
Date: Mon, 21 Jun 2021 16:35:29 +0800 [thread overview]
Message-ID: <YNBPUUVtxSb6/gv1@T590> (raw)
In-Reply-To: <20210621072005.GA6651@lst.de>
On Mon, Jun 21, 2021 at 09:20:05AM +0200, Christoph Hellwig wrote:
> On Fri, Jun 18, 2021 at 10:27:20PM +0800, Ming Lei wrote:
> > > How? On a block device the caller needs to hold the block device open
> > > to read/write from it. On a file systems the file systems needs to
> > > be mounted, which also holds a bdev reference.
> >
> > + rcu_read_lock();
> > + bio = READ_ONCE(kiocb->private);
> > + if (bio && bio->bi_bdev)
> >
> > The bio may be ended now from another polling job, then the disk is
> > closed & deleted, and released. Then request queue & hctxs are released.
> >
> > + ret = bio_poll(bio, flags);
> >
> > But disk & request queue & hctx can still be referred in above bio_poll().
>
> I don't see how this can happen. A bio stashed into kiocb->private needs
> to belong to the correct device initially. For it to point to the "wrong"
> device it needs to have been completed on the correct one, and then be
> reused for a different device. At the point it is reused that device
> must obviously have been alive, and for it to be freed a RCU grace
> period must have been passed. And that grace period can't have started
> earlier than when iocb_bio_iopoll was called.
gendisk isn't freed after a RCU grace period, so even though bio->bi_bdev
may not be freed really, but the gendisk may have been freed already.
+ rcu_read_lock();
+ bio = READ_ONCE(kiocb->private);
+ if (bio && bio->bi_bdev)
The bio may be ended now from another polling job, and it is freed
and re-allocated & freed, then bio->bi_bdev->bd_disk is freed too, which
will be observed in the following bio_poll().
+ ret = bio_poll(bio, flags);
Thanks,
Ming
_______________________________________________
Linux-nvme mailing list
Linux-nvme@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-nvme
next prev parent reply other threads:[~2021-06-21 8:35 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-15 13:10 switch block layer polling to a bio based model v4 Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 01/16] direct-io: remove blk_poll support Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 02/16] block: don't try to poll multi-bio I/Os in __blkdev_direct_IO Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 03/16] iomap: don't try to poll multi-bio I/Os in __iomap_dio_rw Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 04/16] blk-mq: factor out a blk_qc_to_hctx helper Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 05/16] blk-mq: factor out a "classic" poll helper Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 06/16] blk-mq: remove blk_qc_t_to_tag and blk_qc_t_is_internal Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 07/16] blk-mq: remove blk_qc_t_valid Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 08/16] block: replace the spin argument to blk_iopoll with a flags argument Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 09/16] io_uring: don't sleep when polling for I/O Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 10/16] block: rename REQ_HIPRI to REQ_POLLED Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 11/16] block: use SLAB_TYPESAFE_BY_RCU for the bio slab Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 12/16] block: define 'struct bvec_iter' as packed Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 13/16] block: switch polling to be bio based Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-16 2:30 ` Ming Lei
2021-06-16 2:30 ` Ming Lei
2021-06-18 14:01 ` Christoph Hellwig
2021-06-18 14:01 ` Christoph Hellwig
2021-06-18 14:27 ` Ming Lei
2021-06-18 14:27 ` Ming Lei
2021-06-21 7:20 ` Christoph Hellwig
2021-06-21 7:20 ` Christoph Hellwig
2021-06-21 8:35 ` Ming Lei [this message]
2021-06-21 8:35 ` Ming Lei
2021-06-15 13:10 ` [PATCH 14/16] block: don't allow writing to the poll queue attribute Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 15/16] nvme-multipath: set QUEUE_FLAG_NOWAIT Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 13:10 ` [PATCH 16/16] nvme-multipath: enable polled I/O Christoph Hellwig
2021-06-15 13:10 ` Christoph Hellwig
2021-06-15 14:37 ` switch block layer polling to a bio based model v4 Keith Busch
2021-06-15 14:37 ` Keith Busch
2021-06-15 16:06 ` Christoph Hellwig
2021-06-15 16:06 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YNBPUUVtxSb6/gv1@T590 \
--to=ming.lei@redhat.com \
--cc=Damien.LeMoal@wdc.com \
--cc=anil.vasudevan@intel.com \
--cc=axboe@kernel.dk \
--cc=hch@lst.de \
--cc=jefflexu@linux.alibaba.com \
--cc=kbusch@kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=mark.wunderlich@intel.com \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.