From 675e170adc0eb470949cc11bb482b52b5dddadda Mon Sep 17 00:00:00 2001 From: Ming Lei Date: Wed, 16 Nov 2016 18:07:05 +0800 Subject: [PATCH] UPSTREAM: block: deal with stale req count of plug list In both legacy and mq path, req count of plug list is computed before allocating request, so the number can be stale when falling back to slept allocation, also the new introduced wbt can sleep too. This patch deals with the case by checking if plug list becomes empty, and fixes the KASAN report of 'BUG: KASAN: stack-out-of-bounds' which is introduced by Shaohua's patches of dispatching big request. Change-Id: I00cdd180e44574aeb7167266b3aa04a28cf4cdc6 Fixes: 600271d900002(blk-mq: immediately dispatch big size request) Fixes: 50d24c34403c6(block: immediately dispatch big size request) Cc: Shaohua Li Signed-off-by: Ming Lei Signed-off-by: Jens Axboe Signed-off-by: Shawn Lin (cherry pick from 0a6219a95f0b0690fb7094acb26002e7a4791197) --- block/blk-core.c | 5 ++++- block/blk-mq.c | 7 +++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/block/blk-core.c b/block/blk-core.c index b3c48aaa6dc0..80a33af0050d 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1796,8 +1796,11 @@ static blk_qc_t blk_queue_bio(struct request_queue *q, struct bio *bio) /* * If this is the first request added after a plug, fire * of a plug trace. + * + * @request_count may become stale because of schedule + * out, so check plug list again. */ - if (!request_count) + if (!request_count || list_empty(&plug->list)) trace_block_plug(q); else { struct request *last = list_entry_rq(plug->list.prev); diff --git a/block/blk-mq.c b/block/blk-mq.c index aaea6ea66fac..434cb5f7d9ae 100644 --- a/block/blk-mq.c +++ b/block/blk-mq.c @@ -1380,6 +1380,13 @@ static blk_qc_t blk_sq_make_request(struct request_queue *q, struct bio *bio) struct request *last = NULL; blk_mq_bio_to_request(rq, bio); + + /* + * @request_count may become stale because of schedule + * out, so check the list again. + */ + if (list_empty(&plug->mq_list)) + request_count = 0; if (!request_count) trace_block_plug(q); else