[PATCH-next 0/2] dm: fix quiesce asymmetry and null pointer in suspend/load race

Zheng Qixing posted 2 patches 1 month, 1 week ago
drivers/md/dm-core.h |  1 +
drivers/md/dm.c      | 13 ++++++++-----
2 files changed, 9 insertions(+), 5 deletions(-)

[PATCH-next 0/2] dm: fix quiesce asymmetry and null pointer in suspend/load race
Posted by Zheng Qixing 1 month, 1 week ago
From: Zheng Qixing <zhengqixing@huawei.com>

Hello,

During reliability testing of the dm module, we discovered two bugs when
performing create/remove and suspend/resume operations at high frequency.

Analysis revealed that race conditions between suspend and table load
operations cause asymmetric handling of q->quiesce_depth and null pointer
dereference issues with q->tag_set.

To address the q->tag_set null pointer issue, patch 2 determines whether
to perform certain suspend actions for request-based devices based on the
existence of the table (map).

For detailed information, please refer to the patch commits.

Additionally, since modern Linux kernels have indeed transitioned to
multi-queue as the default (and single-queue is largely deprecated),
is using queue_is_mq() to determine dm_request_based() obsolete?

Zheng Qixing (2):
  dm: fix queue start/stop imbalance under suspend/load/resume races
  dm: fix NULL pointer dereference in __dm_suspend()

 drivers/md/dm-core.h |  1 +
 drivers/md/dm.c      | 13 ++++++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)

-- 
2.39.2

Re: [PATCH-next 0/2] dm: fix quiesce asymmetry and null pointer in suspend/load race
Posted by Mikulas Patocka 1 month, 1 week ago

On Tue, 26 Aug 2025, Zheng Qixing wrote:

> From: Zheng Qixing <zhengqixing@huawei.com>
> 
> Hello,
> 
> During reliability testing of the dm module, we discovered two bugs when
> performing create/remove and suspend/resume operations at high frequency.
> 
> Analysis revealed that race conditions between suspend and table load
> operations cause asymmetric handling of q->quiesce_depth and null pointer
> dereference issues with q->tag_set.
> 
> To address the q->tag_set null pointer issue, patch 2 determines whether
> to perform certain suspend actions for request-based devices based on the
> existence of the table (map).
> 
> For detailed information, please refer to the patch commits.
> 
> Additionally, since modern Linux kernels have indeed transitioned to
> multi-queue as the default (and single-queue is largely deprecated),
> is using queue_is_mq() to determine dm_request_based() obsolete?
> 
> Zheng Qixing (2):
>   dm: fix queue start/stop imbalance under suspend/load/resume races
>   dm: fix NULL pointer dereference in __dm_suspend()
> 
>  drivers/md/dm-core.h |  1 +
>  drivers/md/dm.c      | 13 ++++++++-----
>  2 files changed, 9 insertions(+), 5 deletions(-)
> 
> -- 
> 2.39.2

Both patches applied, thanks.

Mikulas