From: Christoph Hellwig <hch@lst.de>
To: Ming Lei <ming.lei@redhat.com>
Cc: Christoph Hellwig <hch@lst.de>, Jens Axboe <axboe@kernel.dk>,
Damien Le Moal <dlemoal@kernel.org>,
Nilay Shroff <nilay@linux.ibm.com>,
linux-block@vger.kernel.org, linux-nvme@lists.infradead.org,
nbd@other.debian.org, linux-scsi@vger.kernel.org,
usb-storage@lists.one-eyed-alien.net
Subject: Re: [PATCH 03/10] block: don't update BLK_FEAT_POLL in __blk_mq_update_nr_hw_queues
Date: Wed, 8 Jan 2025 16:27:05 +0100 [thread overview]
Message-ID: <20250108152705.GA24792@lst.de> (raw)
In-Reply-To: <Z35T8xeLxhXe-zAS@fedora>
On Wed, Jan 08, 2025 at 06:31:15PM +0800, Ming Lei wrote:
> > - if (!(q->limits.features & BLK_FEAT_POLL) &&
> > - (bio->bi_opf & REQ_POLLED)) {
> > + if ((bio->bi_opf & REQ_POLLED) && !bdev_can_poll(bdev)) {
>
> submit_bio_noacct() is called without grabbing .q_usage_counter,
> so tagset may be freed now, then use-after-free on q->tag_set?
Indeed. That also means the previous check wasn't reliable either.
I think we can simple move the check into
blk_mq_submit_bio/__submit_bio which means we'll do a bunch more
checks before we eventually fail, but otherwise it'll work the
same.
next prev parent reply other threads:[~2025-01-08 15:27 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-08 9:24 fix queue freeze and limit locking order v2 Christoph Hellwig
2025-01-08 9:24 ` [PATCH 01/10] block: fix docs for freezing of queue limits updates Christoph Hellwig
2025-01-08 10:19 ` Ming Lei
2025-01-13 7:19 ` Hannes Reinecke
2025-01-08 9:24 ` [PATCH 02/10] block: add a queue_limits_commit_update_frozen helper Christoph Hellwig
2025-01-08 10:20 ` Ming Lei
2025-01-13 7:20 ` Hannes Reinecke
2025-01-08 9:25 ` [PATCH 03/10] block: don't update BLK_FEAT_POLL in __blk_mq_update_nr_hw_queues Christoph Hellwig
2025-01-08 10:17 ` Damien Le Moal
2025-01-08 10:31 ` Ming Lei
2025-01-08 15:27 ` Christoph Hellwig [this message]
2025-01-09 0:05 ` Damien Le Moal
2025-01-09 2:18 ` Ming Lei
2025-01-08 10:54 ` Nilay Shroff
2025-01-13 7:23 ` Hannes Reinecke
2025-01-08 9:25 ` [PATCH 04/10] block: add a store_limit operations for sysfs entries Christoph Hellwig
2025-01-08 10:33 ` Ming Lei
2025-01-13 7:24 ` Hannes Reinecke
2025-01-08 9:25 ` [PATCH 05/10] block: fix queue freeze vs limits lock order in sysfs store methods Christoph Hellwig
2025-01-08 10:18 ` Damien Le Moal
2025-01-08 10:38 ` Ming Lei
2025-01-08 15:29 ` Christoph Hellwig
2025-01-13 7:25 ` Hannes Reinecke
2025-01-08 9:25 ` [PATCH 06/10] nvme: fix queue freeze vs limits lock order Christoph Hellwig
2025-01-08 10:39 ` Ming Lei
2025-01-08 9:25 ` [PATCH 07/10] nbd: " Christoph Hellwig
2025-01-08 10:40 ` Ming Lei
2025-01-08 9:25 ` [PATCH 08/10] usb-storage: " Christoph Hellwig
2025-01-08 10:41 ` Ming Lei
2025-01-08 9:25 ` [PATCH 09/10] loop: refactor queue limits updates Christoph Hellwig
2025-01-08 10:20 ` Damien Le Moal
2025-01-08 10:42 ` Ming Lei
2025-01-08 10:56 ` Nilay Shroff
2025-01-08 9:25 ` [PATCH 10/10] loop: fix queue freeze vs limits lock order Christoph Hellwig
2025-01-08 10:20 ` Damien Le Moal
2025-01-08 10:44 ` Ming Lei
2025-01-08 10:57 ` Nilay Shroff
2025-01-08 10:51 ` fix queue freeze and limit locking order v2 Johannes Thumshirn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250108152705.GA24792@lst.de \
--to=hch@lst.de \
--cc=axboe@kernel.dk \
--cc=dlemoal@kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=linux-scsi@vger.kernel.org \
--cc=ming.lei@redhat.com \
--cc=nbd@other.debian.org \
--cc=nilay@linux.ibm.com \
--cc=usb-storage@lists.one-eyed-alien.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.