search for: __blk_mq_free_request

...it not being set within blk_mq_rq_ctx_init). > > > 0. That should already be sufficient to hinder blk_mq_tag_to_rq and the calling > > method to do the wrong thing. > > Yes, clearing rq->cmd_flags should be enough. > > And looks better to move rq initialization to __blk_mq_free_request() > too, otherwise timeout still may see old cmd_flags and rq->q before > rq's new initialization. Yes, __blk_mq_free_request() should also reset at least rq->cmd_flags, and I think we can remove the initialization from __blk_mq_alloc_request(). David > > > Thanks,

...it not being set within blk_mq_rq_ctx_init). > > > 0. That should already be sufficient to hinder blk_mq_tag_to_rq and the calling > > method to do the wrong thing. > > Yes, clearing rq->cmd_flags should be enough. > > And looks better to move rq initialization to __blk_mq_free_request() > too, otherwise timeout still may see old cmd_flags and rq->q before > rq's new initialization. Yes, __blk_mq_free_request() should also reset at least rq->cmd_flags, and I think we can remove the initialization from __blk_mq_alloc_request(). David > > > Thanks,

On 2014-09-17 07:52, Ming Lei wrote: > On Wed, 17 Sep 2014 14:00:34 +0200 > David Hildenbrand <dahi at linux.vnet.ibm.com> wrote: > >>>>>> Does anyone have an idea? >>>>>> The request itself is completely filled with cc >>>>> >>>>> That is very weird, the 'rq' is got from hctx->tags, and rq should be

On 2014-09-17 07:52, Ming Lei wrote: > On Wed, 17 Sep 2014 14:00:34 +0200 > David Hildenbrand <dahi at linux.vnet.ibm.com> wrote: > >>>>>> Does anyone have an idea? >>>>>> The request itself is completely filled with cc >>>>> >>>>> That is very weird, the 'rq' is got from hctx->tags, and rq should be

This patch should fix the bug reported in https://lkml.org/lkml/2014/9/11/249. Test is still pending. David Hildenbrand (1): blk-mq: Avoid race condition with uninitialized requests block/blk-mq.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 1.8.5.5

This patch should fix the bug reported in https://lkml.org/lkml/2014/9/11/249. Test is still pending. David Hildenbrand (1): blk-mq: Avoid race condition with uninitialized requests block/blk-mq.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 1.8.5.5

...simple patch that just sets cmd_flags and action_flags to What is action_flags? > 0. That should already be sufficient to hinder blk_mq_tag_to_rq and the calling > method to do the wrong thing. Yes, clearing rq->cmd_flags should be enough. And looks better to move rq initialization to __blk_mq_free_request() too, otherwise timeout still may see old cmd_flags and rq->q before rq's new initialization. Thanks, -- Ming Lei

...blk_mq_alloc_data *data, int rw) if (tag != BLK_MQ_TAG_FAIL) { rq = data->hctx->tags->rqs[tag]; - rq->cmd_flags = 0; if (blk_mq_tag_busy(data->hctx)) { rq->cmd_flags = REQ_MQ_INFLIGHT; atomic_inc(&data->hctx->nr_active); @@ -258,6 +257,7 @@ static void __blk_mq_free_request(struct blk_mq_hw_ctx *hctx, if (rq->cmd_flags & REQ_MQ_INFLIGHT) atomic_dec(&hctx->nr_active); + rq->cmd_flags = 0; clear_bit(REQ_ATOM_STARTED, &rq->atomic_flags); blk_mq_put_tag(hctx, tag, &ctx->last_tag); @@ -1404,6 +1404,8 @@ static struct blk_mq_tags...

...if (tag != BLK_MQ_TAG_FAIL) { > rq = data->hctx->tags->rqs[tag]; > > - rq->cmd_flags = 0; > if (blk_mq_tag_busy(data->hctx)) { > rq->cmd_flags = REQ_MQ_INFLIGHT; > atomic_inc(&data->hctx->nr_active); > @@ -258,6 +257,7 @@ static void __blk_mq_free_request(struct blk_mq_hw_ctx *hctx, > > if (rq->cmd_flags & REQ_MQ_INFLIGHT) > atomic_dec(&hctx->nr_active); > + rq->cmd_flags = 0; > > clear_bit(REQ_ATOM_STARTED, &rq->atomic_flags); > blk_mq_put_tag(hctx, tag, &ctx->last_tag); > @@ -1404,6...

...if (tag != BLK_MQ_TAG_FAIL) { > rq = data->hctx->tags->rqs[tag]; > > - rq->cmd_flags = 0; > if (blk_mq_tag_busy(data->hctx)) { > rq->cmd_flags = REQ_MQ_INFLIGHT; > atomic_inc(&data->hctx->nr_active); > @@ -258,6 +257,7 @@ static void __blk_mq_free_request(struct blk_mq_hw_ctx *hctx, > > if (rq->cmd_flags & REQ_MQ_INFLIGHT) > atomic_dec(&hctx->nr_active); > + rq->cmd_flags = 0; > > clear_bit(REQ_ATOM_STARTED, &rq->atomic_flags); > blk_mq_put_tag(hctx, tag, &ctx->last_tag); > @@ -1404,6...