On Tue, Mar 01, 2022 at 08:39:19PM +0800, Laibin Qiu wrote:
> 1. In current process, all bio will set the BIO_THROTTLED flag
> after __blk_throtl_bio().
>
> 2. If bio needs to be throttled, it will start the timer and
> stop submit bio directly. Bio will submit in
> blk_throtl_dispatch_work_fn() when the timer expires. But in
> the current process, if bio is throttled, the BIO_THROTTLED
> will be set to bio after timer start. If the bio has been
> completed, it may cause use-after-free below.
>
> BUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70
> Read of size 2 at addr ffff88801b8902d4 by task fio/26380

After the queue lock is released, the bio can be dispatched & completed,
so it shouldn't be touched after lock release:

Reviewed-by: Ming Lei <ming.lei@xxxxxxxxxx>

Thanks,
Ming