xen-blkfront: fix mq start/stop race
authorJunxiao Bi <junxiao.bi@oracle.com>
Thu, 20 Jul 2017 01:26:21 +0000 (09:26 +0800)
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tue, 25 Jul 2017 15:30:59 +0000 (11:30 -0400)
When ring buf full, hw queue will be stopped. While blkif interrupt consume
request and make free space in ring buf, hw queue will be started again.
But since start queue is protected by spin lock while stop not, that will
cause a race.

interrupt:                                      process:
blkif_interrupt()                               blkif_queue_rq()
 kick_pending_request_queues_locked()
   blk_mq_start_stopped_hw_queues()
      clear_bit(BLK_MQ_S_STOPPED, &hctx->state)
                                             blk_mq_stop_hw_queue(hctx)
  blk_mq_run_hw_queue(hctx, async)

If ring buf is made empty in this case, interrupt will never come, then the
hw queue will be stopped forever, all processes waiting for the pending io
in the queue will hung.

Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com>
Reviewed-by: Ankur Arora <ankur.a.arora@oracle.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
drivers/block/xen-blkfront.c

index 1799bba7439059d518a57db76de69b21e9acd040..04eeb540490f39c32de88cbd19ee6ed43ad27d7e 100644 (file)
@@ -906,8 +906,8 @@ out_err:
        return BLK_STS_IOERR;
 
 out_busy:
-       spin_unlock_irqrestore(&rinfo->ring_lock, flags);
        blk_mq_stop_hw_queue(hctx);
+       spin_unlock_irqrestore(&rinfo->ring_lock, flags);
        return BLK_STS_RESOURCE;
 }