[PATCH openEuler-5.10-LTS 08/10] nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed

19 Jul 2022

From: Yu Kuai yukuai3@huawei.com
mainline inclusion
from mainline-v5.19-rc1
commit 2895f1831e911ca87d4efdf43e35eb72a0c7e66e
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5H32C
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
Otherwise io will hung because request will only be completed if the
cmd has the flag 'NBD_CMD_INFLIGHT'.
Fixes: 07175cb1baf4 ("nbd: make sure request completion won't concurrent")
Signed-off-by: Yu Kuai yukuai3@huawei.com
Link: https://lore.kernel.org/r/20220521073749.3146892-4-yukuai3@huawei.com
Signed-off-by: Jens Axboe axboe@kernel.dk
Reviewed-by: Jason Yan yanaijie@huawei.com
Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com
---
 drivers/block/nbd.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
index 873ce6f71d85..f7bc67e74390 100644
--- a/drivers/block/nbd.c
+++ b/drivers/block/nbd.c
@@ -395,13 +395,14 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req,
    if (!mutex_trylock(&cmd->lock))
    	return BLK_EH_RESET_TIMER;
-	if (!__test_and_clear_bit(NBD_CMD_INFLIGHT, &cmd->flags)) {
+	if (!test_bit(NBD_CMD_INFLIGHT, &cmd->flags)) {
    	mutex_unlock(&cmd->lock);
    	return BLK_EH_DONE;
    }
if (!refcount_inc_not_zero(&nbd->config_refs)) {
    	cmd->status = BLK_STS_TIMEOUT;
+		__clear_bit(NBD_CMD_INFLIGHT, &cmd->flags);
    	mutex_unlock(&cmd->lock);
    	goto done;
    }
@@ -470,6 +471,7 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req,
    dev_err_ratelimited(nbd_to_dev(nbd), "Connection timed out\n");
    set_bit(NBD_RT_TIMEDOUT, &config->runtime_flags);
    cmd->status = BLK_STS_IOERR;
+	__clear_bit(NBD_CMD_INFLIGHT, &cmd->flags);
    mutex_unlock(&cmd->lock);
    sock_shutdown(nbd);
    nbd_config_put(nbd);
@@ -737,7 +739,7 @@ static struct nbd_cmd *nbd_handle_reply(struct nbd_device *nbd, int index,
    cmd = blk_mq_rq_to_pdu(req);
mutex_lock(&cmd->lock);
-	if (!__test_and_clear_bit(NBD_CMD_INFLIGHT, &cmd->flags)) {
+	if (!test_bit(NBD_CMD_INFLIGHT, &cmd->flags)) {
    	dev_err(disk_to_dev(nbd->disk), "Suspicious reply %d (status %u flags %lu)",
    		tag, cmd->status, cmd->flags);
    	ret = -ENOENT;
@@ -844,8 +846,16 @@ static void recv_work(struct work_struct *work)
    	}
rq = blk_mq_rq_from_pdu(cmd);
-		if (likely(!blk_should_fake_timeout(rq->q)))
-			blk_mq_complete_request(rq);
+		if (likely(!blk_should_fake_timeout(rq->q))) {
+			bool complete;
+
+			mutex_lock(&cmd->lock);
+			complete = __test_and_clear_bit(NBD_CMD_INFLIGHT,
+							&cmd->flags);
+			mutex_unlock(&cmd->lock);
+			if (complete)
+				blk_mq_complete_request(rq);
+		}
    	percpu_ref_put(&q->q_usage_counter);
    }
-- 
2.20.1

    

2024

2023

2022

2021

2020

2019

[PATCH openEuler-5.10-LTS 08/10] nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed