> void blk_mq_update_nr_hw_queues(struct blk_mq_tag_set *set, int nr_hw_queues)

Are you sure this patch is sufficient? What prevents that blk_mq_run_hw_queues() gets called after the blk_mq_quiesce() and blk_sync_queue() calls have finished and before the queue is unfrozen? Ba...
> However, even though blk_mq_freeze_queue() is returned, there might be
> run queue activity not completed, then use-after-free may be triggered
> on hctx and its fields.
>
> Fix this issue by really quiescing queue via blk_mq_quiesce_queue() and
> blk_sync_queue() for making ...