On Mar 05, 2021 / 23:14, John Garry wrote: > This series aims to tackle the various UAF reports, like: > [0] https://lore.kernel.org/linux-block/8376443a-ec1b-0cef-8244-ed584b96fa96@xxxxxxxxxx/ > [1] https://lore.kernel.org/linux-block/5c3ac5af-ed81-11e4-fee3-f92175f14daf@xxxxxxx/T/#m6c1ac11540522716f645d004e2a5a13c9f218908 > [2] https://lore.kernel.org/linux-block/04e2f9e8-79fa-f1cb-ab23-4a15bf3f64cc@xxxxxxxxx/ > [3] https://lore.kernel.org/linux-block/b859618aeac58bd9bb620d7ebdb24b90@xxxxxxxxxxxxxx/ > > Details are in the commit messages. > > The issue addressed in patch 1/3 is pretty easy to reproduce, 2+3/3 not so > much, and I had to add mdelays in the iters functions to recreate in > sane timeframes. I also observe the KASAN UAF in blk_mq_queue_tag_busy_iter during blktests run with kernel version 5.12-rc2 and 5.12-rc3. When the test case block/005 is run for HDDs behind SAS HBA (Broadcom 9400), the UAF message is always reported and it makes the test case fail. This failure was not observed with kernel v5.11. I suppose the failure was rare until v5.11, but changes between 5.11 and 5.12-rcX made this failure happen more frequent. I tried the patch 1/3 by John, and saw that it avoids the UAF message and the block/005 failure. I also tried the patch Bart suggested in this discussion thread [1], and confirmed that it also avoids the UAF message. I appreciate these fix work and discussion. [1] https://marc.info/?l=linux-kernel&m=161559032606201&w=2 -- Best Regards, Shin'ichiro Kawasaki