From: Ming Lei ming.lei@redhat.com
mainline inclusion from mainline-5.10-rc2 commit 65ff5cd04551daf2c11c7928e48fc3483391c900 category: bugfix bugzilla: 45589 CVE: NA
-------------------------------------------------
Mark flush request as IDLE in its .end_io(), aligning it with how normal requests behave. The flush request stays in in-flight tags if we're not using an IO scheduler, so we need to change its state into IDLE. Otherwise, we will hang in blk_mq_tagset_wait_completed_request() during error recovery because flush the request state is kept as COMPLETED.
Reported-by: Yi Zhang yi.zhang@redhat.com Signed-off-by: Ming Lei ming.lei@redhat.com Tested-by: Yi Zhang yi.zhang@redhat.com Cc: Chao Leng lengchao@huawei.com Cc: Sagi Grimberg sagi@grimberg.me Signed-off-by: Jens Axboe axboe@kernel.dk
Conflicts: block/blk-flush.c
Signed-off-by: Baokun Li libaokun1@huawei.com Reviewed-by: Yufen Yu yuyufen@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- block/blk-flush.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/block/blk-flush.c b/block/blk-flush.c index 2a8369eb6c1cb..c1ba915658a2c 100644 --- a/block/blk-flush.c +++ b/block/blk-flush.c @@ -233,6 +233,7 @@ static void flush_end_io(struct request *flush_rq, blk_status_t error) /* release the tag's ownership to the req cloned from */ spin_lock_irqsave(&fq->mq_flush_lock, flags);
+ WRITE_ONCE(flush_rq->state, MQ_RQ_IDLE); if (!refcount_dec_and_test(&flush_rq->ref)) { fq->rq_status = error; spin_unlock_irqrestore(&fq->mq_flush_lock, flags);