On 8/2/18 4:23 AM, Ming Lei wrote: > The passed 'nr' from userspace represents the total depth, meantime > inside 'struct blk_mq_tags', 'nr_tags' stores the total tag depth, > and 'nr_reserved_tags' stores the reserved part. > > There are two issues in blk_mq_tag_update_depth() now: > > 1) for growing tags, we should have used the passed 'nr', and keep the > number of reserved tags not changed. > > 2) the passed 'nr' should have been used for checking against > 'tags->nr_tags', instead of number of the normal part. > > This patch fixes the above two cases, and avoids kernel crash caused > by wrong resizing sbitmap queue. Applied, thanks. -- Jens Axboe
