git.maquefel.me Git - linux.git/commit

author	Bart Van Assche <bvanassche@acm.org>
	Tue, 18 Oct 2022 20:29:49 +0000 (13:29 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 31 Dec 2022 12:14:21 +0000 (13:14 +0100)
commit	8d50ccfbe27b424693b71592d0aa5ae923094552
tree	79f3df0aee2368be461d4d6931203f3ae8e937b8	tree \| snapshot
parent	9bdf3a59b3dd3e89592f5ad98b958e063388025c	commit \| diff

scsi: core: Fix a race between scsi_done() and scsi_timeout()

[ Upstream commit 978b7922d3dca672b41bb4b8ce6c06ab77112741 ]

If there is a race between scsi_done() and scsi_timeout() and if
scsi_timeout() loses the race, scsi_timeout() should not reset the request
timer. Hence change the return value for this case from BLK_EH_RESET_TIMER
into BLK_EH_DONE.

Although the block layer holds a reference on a request (req->ref) while
calling a timeout handler, restarting the timer (blk_add_timer()) while a
request is being completed is racy.

Reviewed-by: Mike Christie <michael.christie@oracle.com>
Cc: Keith Busch <kbusch@kernel.org>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Ming Lei <ming.lei@redhat.com>
Cc: John Garry <john.garry@huawei.com>
Cc: Hannes Reinecke <hare@suse.de>
Reported-by: Adrian Hunter <adrian.hunter@intel.com>
Fixes: 15f73f5b3e59 ("blk-mq: move failure injection out of blk_mq_complete_request")
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Link: https://lore.kernel.org/r/20221018202958.1902564-2-bvanassche@acm.org
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>