On Mar 29, 2021 / 02:00, Bart Van Assche wrote: > Hi Jens, > > This patch series fixes the race between iterating over requests and > freeing requests that has been reported by multiple different users over > the past two years. Please consider this patch series for kernel v5.13. I suggest to pick this up for v5.12. The blktests block/005 test case always fails with the use-after-free message, when it is run with KASAN enabled kernel v5.12-rcX and HDDs behind SAS HBA (Broadcom 9400 in my environment). I confirmed that this series fixes the problem. Also, no regression was observed with my test set. So, for the whole series, Tested-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@xxxxxxx> -- Best Regards, Shin'ichiro Kawasaki > > Thank you, > > Bart. > > Changes between v3 and v4: > - Fixed support for tag sets shared across hardware queues. > - Renamed blk_mq_wait_for_tag_readers() into blk_mq_wait_for_tag_iter(). > - Removed the fourth argument of blk_mq_queue_tag_busy_iter() again. > > Changes between v2 and v3: > - Converted the single v2 patch into a series of three patches. > - Switched from SRCU to a combination of RCU and semaphores. > > Changes between v1 and v2: > - Reformatted patch description. > - Added Tested-by/Reviewed-by tags. > - Changed srcu_barrier() calls into synchronize_srcu() calls. > > Bart Van Assche (3): > blk-mq: Move the elevator_exit() definition > blk-mq: Introduce atomic variants of the tag iteration functions > blk-mq: Fix a race between iterating over requests and freeing > requests > > block/blk-core.c | 34 ++++++++++++++++- > block/blk-mq-tag.c | 79 ++++++++++++++++++++++++++++++++++----- > block/blk-mq-tag.h | 6 ++- > block/blk-mq.c | 23 +++++++++--- > block/blk-mq.h | 1 + > block/blk.h | 11 +----- > block/elevator.c | 9 +++++ > drivers/scsi/hosts.c | 16 ++++---- > drivers/scsi/ufs/ufshcd.c | 4 +- > include/linux/blk-mq.h | 2 + > 10 files changed, 149 insertions(+), 36 deletions(-) >
