On 18/12/2020 07:26, Xiaoguang Wang wrote: > For the first time a req punted to io-wq, we'll initialize io_wq_work's > list to be NULL, then insert req to io_wqe->work_list. If this req is not > inserted into tail of io_wqe->work_list, this req's io_wq_work list will > point to another req's io_wq_work. For splitted bio case, this req maybe > inserted to io_wqe->work_list repeatedly, once we insert it to tail of > io_wqe->work_list for the second time, now io_wq_work->list->next will be > invalid pointer, which then result in many strang error, panic, kernel > soft-lockup, rcu stall, etc. [...] > To fix this corruption, if a req is inserted into tail of io_wqe->work_list, > initialize req->io_wq_work->list->next to bu NULL. Looks fine, and the function is cold to not care about overhead. Reviewed-by: Pavel Begunkov <asml.silence@xxxxxxxxx> -- Pavel Begunkov
