From: Ming Lei <ming.lei@redhat.com> mainline inclusion from mainline-5.10-rc2 commit 65ff5cd04551daf2c11c7928e48fc3483391c900 category: bugfix bugzilla: 45589 CVE: NA ------------------------------------------------- Mark flush request as IDLE in its .end_io(), aligning it with how normal requests behave. The flush request stays in in-flight tags if we're not using an IO scheduler, so we need to change its state into IDLE. Otherwise, we will hang in blk_mq_tagset_wait_completed_request() during error recovery because flush the request state is kept as COMPLETED. Reported-by: Yi Zhang <yi.zhang@redhat.com> Signed-off-by: Ming Lei <ming.lei@redhat.com> Tested-by: Yi Zhang <yi.zhang@redhat.com> Cc: Chao Leng <lengchao@huawei.com> Cc: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Jens Axboe <axboe@kernel.dk> Conflicts: block/blk-flush.c Signed-off-by: Baokun Li <libaokun1@huawei.com> Reviewed-by: Yufen Yu <yuyufen@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> --- block/blk-flush.c | 1 + 1 file changed, 1 insertion(+) diff --git a/block/blk-flush.c b/block/blk-flush.c index 2a8369eb6c1cb..c1ba915658a2c 100644 --- a/block/blk-flush.c +++ b/block/blk-flush.c @@ -233,6 +233,7 @@ static void flush_end_io(struct request *flush_rq, blk_status_t error) /* release the tag's ownership to the req cloned from */ spin_lock_irqsave(&fq->mq_flush_lock, flags); + WRITE_ONCE(flush_rq->state, MQ_RQ_IDLE); if (!refcount_dec_and_test(&flush_rq->ref)) { fq->rq_status = error; spin_unlock_irqrestore(&fq->mq_flush_lock, flags); -- 2.25.1