| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFj5m9LOsj3dUYX5qHSGxekFMGTonsSxSoRczUO8jr4DW3wtew@mail.gmail.com> Date: Mon, 18 Aug 2025 11:12:47 +0800 From: Ming Lei <ming.lei@...hat.com> To: 余快 <yukuai1994@...il.com> Cc: Yu Kuai <yukuai@...nel.org>, Nilay Shroff <nilay@...ux.ibm.com>, Yu Kuai <yukuai1@...weicloud.com>, axboe@...nel.dk, hare@...e.de, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org, yukuai3@...wei.com, yi.zhang@...wei.com, yangerkun@...wei.com, johnny.chenyi@...wei.com Subject: Re: [PATCH 08/10] blk-mq: fix blk_mq_tags double free while nr_requests grown On Mon, Aug 18, 2025 at 10:12 AM Ming Lei <ming.lei@...hat.com> wrote: > > On Sat, Aug 16, 2025 at 04:05:30PM +0800, 余快 wrote: ... > > one line patch for this merge window? just fix the first double free > > issue for now. > > > > diff --git a/block/blk-mq-tag.c b/block/blk-mq-tag.c > > index d880c50629d6..1e0ccf19295a 100644 > > --- a/block/blk-mq-tag.c > > +++ b/block/blk-mq-tag.c > > @@ -622,6 +622,7 @@ int blk_mq_tag_update_depth(struct blk_mq_hw_ctx *hctx, > > return -ENOMEM; > > > > blk_mq_free_map_and_rqs(set, *tagsptr, hctx->queue_num); > > + hctx->queue->elevator->et->tags[hctx->queue_num]= new; > > *tagsptr = new; > > It is fine if this way can work, however old elevator->et may has lower > depth, then: > > - the above change cause et->tags overflow > > - meantime memory leak is caused in blk_mq_free_sched_tags() oops, looks I misunderstoodd nr_hw_queues as queue depth, so this single line patch should fix the double free issue. Thanks, Ming
Powered by blists - more mailing lists