NVMe induced NULL deref in bt_iter()

Sagi Grimberg sagi at grimberg.me
Mon Jul 3 03:07:44 PDT 2017


Hi Ming,

> Yeah, the above change is correct, for any canceling requests in this
> way we should use blk_mq_quiesce_queue().

I still don't understand why should blk_mq_flush_busy_ctxs hit a NULL
deref if we don't touch the tagset...

Also, I'm wondering in what case we shouldn't use
blk_mq_quiesce_queue()? Maybe we should unexport blk_mq_stop_hw_queues()
and blk_mq_start_stopped_hw_queues() and use the quiesce/unquiesce
equivalent always?

The only fishy usage is in nvme_fc_start_fcp_op() where, if submission
failed, the code stops the hw queues and delays it, but I think it should
be handled differently..
