Hi, We can't run allocating driver tag and updating tags->rqs[tag] atomically, so stale request may be retrieved from tags->rqs[tag]. More seriously, the stale request may have been freed via updating nr_requests or switching elevator or other use cases. It is one long-term issue, and Jianchao previous worked towards using static_rqs[] for iterating request, one problem is that it can be hard to use when iterating over tagset. This patchset takes another different approach for fixing the issue: cache freed rqs pages and release them until all tags->rqs[] references on these pages are gone. Please review and comment. [1] https://lore.kernel.org/linux-block/1553492318-1810-1-git-send-email-jianchao.w.wang@xxxxxxxxxx/ [2] https://marc.info/?t=154526200600007&r=2&w=2 Ming Lei (5): blk-mq: define max_order for allocating rqs pages as macro blk-mq: add helper of blk_mq_get_hw_queue_node blk-mq: add helpers for allocating/freeing pages of request pool blk-mq: cache freed request pool pages blk-mq: check and shrink freed request pool page block/blk-mq.c | 236 +++++++++++++++++++++++++++++++++-------- include/linux/blk-mq.h | 4 + 2 files changed, 198 insertions(+), 42 deletions(-) Cc: Hannes Reinecke <hare@xxxxxxx> Cc: Bart Van Assche <bvanassche@xxxxxxx> Cc: John Garry <john.garry@xxxxxxxxxx> Cc: Christoph Hellwig <hch@xxxxxx> -- 2.25.2
