Skip to content

Commit fd9c40f

Browse files
bvanasscheaxboe
bvanassche
authored and
axboe
committed
block: Revert v5.0 blk_mq_request_issue_directly() changes
blk_mq_try_issue_directly() can return BLK_STS*_RESOURCE for requests that have been queued. If that happens when blk_mq_try_issue_directly() is called by the dm-mpath driver then dm-mpath will try to resubmit a request that is already queued and a kernel crash follows. Since it is nontrivial to fix blk_mq_request_issue_directly(), revert the blk_mq_request_issue_directly() changes that went into kernel v5.0. This patch reverts the following commits: * d6a51a9 ("blk-mq: replace and kill blk_mq_request_issue_directly") # v5.0. * 5b7a6f1 ("blk-mq: issue directly with bypass 'false' in blk_mq_sched_insert_requests") # v5.0. * 7f556a4 ("blk-mq: refactor the code of issue request directly") # v5.0. Cc: Christoph Hellwig <hch@infradead.org> Cc: Ming Lei <ming.lei@redhat.com> Cc: Jianchao Wang <jianchao.w.wang@oracle.com> Cc: Hannes Reinecke <hare@suse.com> Cc: Johannes Thumshirn <jthumshirn@suse.de> Cc: James Smart <james.smart@broadcom.com> Cc: Dongli Zhang <dongli.zhang@oracle.com> Cc: Laurence Oberman <loberman@redhat.com> Cc: <stable@vger.kernel.org> Reported-by: Laurence Oberman <loberman@redhat.com> Tested-by: Laurence Oberman <loberman@redhat.com> Fixes: 7f556a4 ("blk-mq: refactor the code of issue request directly") # v5.0. Signed-off-by: Bart Van Assche <bvanassche@acm.org> Signed-off-by: Jens Axboe <axboe@kernel.dk>
1 parent f0d1762 commit fd9c40f

File tree

4 files changed

+71
-69
lines changed

4 files changed

+71
-69
lines changed

block/blk-core.c

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1245,8 +1245,6 @@ static int blk_cloned_rq_check_limits(struct request_queue *q,
12451245
*/
12461246
blk_status_t blk_insert_cloned_request(struct request_queue *q, struct request *rq)
12471247
{
1248-
blk_qc_t unused;
1249-
12501248
if (blk_cloned_rq_check_limits(q, rq))
12511249
return BLK_STS_IOERR;
12521250

@@ -1262,7 +1260,7 @@ blk_status_t blk_insert_cloned_request(struct request_queue *q, struct request *
12621260
* bypass a potential scheduler on the bottom device for
12631261
* insert.
12641262
*/
1265-
return blk_mq_try_issue_directly(rq->mq_hctx, rq, &unused, true, true);
1263+
return blk_mq_request_issue_directly(rq, true);
12661264
}
12671265
EXPORT_SYMBOL_GPL(blk_insert_cloned_request);
12681266

block/blk-mq-sched.c

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -423,10 +423,12 @@ void blk_mq_sched_insert_requests(struct blk_mq_hw_ctx *hctx,
423423
* busy in case of 'none' scheduler, and this way may save
424424
* us one extra enqueue & dequeue to sw queue.
425425
*/
426-
if (!hctx->dispatch_busy && !e && !run_queue_async)
426+
if (!hctx->dispatch_busy && !e && !run_queue_async) {
427427
blk_mq_try_issue_list_directly(hctx, list);
428-
else
429-
blk_mq_insert_requests(hctx, ctx, list);
428+
if (list_empty(list))
429+
return;
430+
}
431+
blk_mq_insert_requests(hctx, ctx, list);
430432
}
431433

432434
blk_mq_run_hw_queue(hctx, run_queue_async);

block/blk-mq.c

Lines changed: 63 additions & 59 deletions
Original file line numberDiff line numberDiff line change
@@ -1801,103 +1801,107 @@ static blk_status_t __blk_mq_issue_directly(struct blk_mq_hw_ctx *hctx,
18011801
return ret;
18021802
}
18031803

1804-
blk_status_t blk_mq_try_issue_directly(struct blk_mq_hw_ctx *hctx,
1804+
static blk_status_t __blk_mq_try_issue_directly(struct blk_mq_hw_ctx *hctx,
18051805
struct request *rq,
18061806
blk_qc_t *cookie,
1807-
bool bypass, bool last)
1807+
bool bypass_insert, bool last)
18081808
{
18091809
struct request_queue *q = rq->q;
18101810
bool run_queue = true;
1811-
blk_status_t ret = BLK_STS_RESOURCE;
1812-
int srcu_idx;
1813-
bool force = false;
18141811

1815-
hctx_lock(hctx, &srcu_idx);
18161812
/*
1817-
* hctx_lock is needed before checking quiesced flag.
1813+
* RCU or SRCU read lock is needed before checking quiesced flag.
18181814
*
1819-
* When queue is stopped or quiesced, ignore 'bypass', insert
1820-
* and return BLK_STS_OK to caller, and avoid driver to try to
1821-
* dispatch again.
1815+
* When queue is stopped or quiesced, ignore 'bypass_insert' from
1816+
* blk_mq_request_issue_directly(), and return BLK_STS_OK to caller,
1817+
* and avoid driver to try to dispatch again.
18221818
*/
1823-
if (unlikely(blk_mq_hctx_stopped(hctx) || blk_queue_quiesced(q))) {
1819+
if (blk_mq_hctx_stopped(hctx) || blk_queue_quiesced(q)) {
18241820
run_queue = false;
1825-
bypass = false;
1826-
goto out_unlock;
1821+
bypass_insert = false;
1822+
goto insert;
18271823
}
18281824

1829-
if (unlikely(q->elevator && !bypass))
1830-
goto out_unlock;
1825+
if (q->elevator && !bypass_insert)
1826+
goto insert;
18311827

18321828
if (!blk_mq_get_dispatch_budget(hctx))
1833-
goto out_unlock;
1829+
goto insert;
18341830

18351831
if (!blk_mq_get_driver_tag(rq)) {
18361832
blk_mq_put_dispatch_budget(hctx);
1837-
goto out_unlock;
1833+
goto insert;
18381834
}
18391835

1840-
/*
1841-
* Always add a request that has been through
1842-
*.queue_rq() to the hardware dispatch list.
1843-
*/
1844-
force = true;
1845-
ret = __blk_mq_issue_directly(hctx, rq, cookie, last);
1846-
out_unlock:
1836+
return __blk_mq_issue_directly(hctx, rq, cookie, last);
1837+
insert:
1838+
if (bypass_insert)
1839+
return BLK_STS_RESOURCE;
1840+
1841+
blk_mq_request_bypass_insert(rq, run_queue);
1842+
return BLK_STS_OK;
1843+
}
1844+
1845+
static void blk_mq_try_issue_directly(struct blk_mq_hw_ctx *hctx,
1846+
struct request *rq, blk_qc_t *cookie)
1847+
{
1848+
blk_status_t ret;
1849+
int srcu_idx;
1850+
1851+
might_sleep_if(hctx->flags & BLK_MQ_F_BLOCKING);
1852+
1853+
hctx_lock(hctx, &srcu_idx);
1854+
1855+
ret = __blk_mq_try_issue_directly(hctx, rq, cookie, false, true);
1856+
if (ret == BLK_STS_RESOURCE || ret == BLK_STS_DEV_RESOURCE)
1857+
blk_mq_request_bypass_insert(rq, true);
1858+
else if (ret != BLK_STS_OK)
1859+
blk_mq_end_request(rq, ret);
1860+
1861+
hctx_unlock(hctx, srcu_idx);
1862+
}
1863+
1864+
blk_status_t blk_mq_request_issue_directly(struct request *rq, bool last)
1865+
{
1866+
blk_status_t ret;
1867+
int srcu_idx;
1868+
blk_qc_t unused_cookie;
1869+
struct blk_mq_hw_ctx *hctx = rq->mq_hctx;
1870+
1871+
hctx_lock(hctx, &srcu_idx);
1872+
ret = __blk_mq_try_issue_directly(hctx, rq, &unused_cookie, true, last);
18471873
hctx_unlock(hctx, srcu_idx);
1848-
switch (ret) {
1849-
case BLK_STS_OK:
1850-
break;
1851-
case BLK_STS_DEV_RESOURCE:
1852-
case BLK_STS_RESOURCE:
1853-
if (force) {
1854-
blk_mq_request_bypass_insert(rq, run_queue);
1855-
/*
1856-
* We have to return BLK_STS_OK for the DM
1857-
* to avoid livelock. Otherwise, we return
1858-
* the real result to indicate whether the
1859-
* request is direct-issued successfully.
1860-
*/
1861-
ret = bypass ? BLK_STS_OK : ret;
1862-
} else if (!bypass) {
1863-
blk_mq_sched_insert_request(rq, false,
1864-
run_queue, false);
1865-
}
1866-
break;
1867-
default:
1868-
if (!bypass)
1869-
blk_mq_end_request(rq, ret);
1870-
break;
1871-
}
18721874

18731875
return ret;
18741876
}
18751877

18761878
void blk_mq_try_issue_list_directly(struct blk_mq_hw_ctx *hctx,
18771879
struct list_head *list)
18781880
{
1879-
blk_qc_t unused;
1880-
blk_status_t ret = BLK_STS_OK;
1881-
18821881
while (!list_empty(list)) {
1882+
blk_status_t ret;
18831883
struct request *rq = list_first_entry(list, struct request,
18841884
queuelist);
18851885

18861886
list_del_init(&rq->queuelist);
1887-
if (ret == BLK_STS_OK)
1888-
ret = blk_mq_try_issue_directly(hctx, rq, &unused,
1889-
false,
1887+
ret = blk_mq_request_issue_directly(rq, list_empty(list));
1888+
if (ret != BLK_STS_OK) {
1889+
if (ret == BLK_STS_RESOURCE ||
1890+
ret == BLK_STS_DEV_RESOURCE) {
1891+
blk_mq_request_bypass_insert(rq,
18901892
list_empty(list));
1891-
else
1892-
blk_mq_sched_insert_request(rq, false, true, false);
1893+
break;
1894+
}
1895+
blk_mq_end_request(rq, ret);
1896+
}
18931897
}
18941898

18951899
/*
18961900
* If we didn't flush the entire list, we could have told
18971901
* the driver there was more coming, but that turned out to
18981902
* be a lie.
18991903
*/
1900-
if (ret != BLK_STS_OK && hctx->queue->mq_ops->commit_rqs)
1904+
if (!list_empty(list) && hctx->queue->mq_ops->commit_rqs)
19011905
hctx->queue->mq_ops->commit_rqs(hctx);
19021906
}
19031907

@@ -2012,13 +2016,13 @@ static blk_qc_t blk_mq_make_request(struct request_queue *q, struct bio *bio)
20122016
data.hctx = same_queue_rq->mq_hctx;
20132017
trace_block_unplug(q, 1, true);
20142018
blk_mq_try_issue_directly(data.hctx, same_queue_rq,
2015-
&cookie, false, true);
2019+
&cookie);
20162020
}
20172021
} else if ((q->nr_hw_queues > 1 && is_sync) || (!q->elevator &&
20182022
!data.hctx->dispatch_busy)) {
20192023
blk_mq_put_ctx(data.ctx);
20202024
blk_mq_bio_to_request(rq, bio);
2021-
blk_mq_try_issue_directly(data.hctx, rq, &cookie, false, true);
2025+
blk_mq_try_issue_directly(data.hctx, rq, &cookie);
20222026
} else {
20232027
blk_mq_put_ctx(data.ctx);
20242028
blk_mq_bio_to_request(rq, bio);

block/blk-mq.h

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -70,10 +70,8 @@ void blk_mq_request_bypass_insert(struct request *rq, bool run_queue);
7070
void blk_mq_insert_requests(struct blk_mq_hw_ctx *hctx, struct blk_mq_ctx *ctx,
7171
struct list_head *list);
7272

73-
blk_status_t blk_mq_try_issue_directly(struct blk_mq_hw_ctx *hctx,
74-
struct request *rq,
75-
blk_qc_t *cookie,
76-
bool bypass, bool last);
73+
/* Used by blk_insert_cloned_request() to issue request directly */
74+
blk_status_t blk_mq_request_issue_directly(struct request *rq, bool last);
7775
void blk_mq_try_issue_list_directly(struct blk_mq_hw_ctx *hctx,
7876
struct list_head *list);
7977

0 commit comments

Comments
 (0)