block: Fix race triggered by blk_set_queue_dying()
authorBart Van Assche <bart.vanassche@sandisk.com>
Tue, 16 Aug 2016 23:48:36 +0000 (16:48 -0700)
committerJens Axboe <axboe@fb.com>
Wed, 17 Aug 2016 01:36:14 +0000 (19:36 -0600)
blk_set_queue_dying() can be called while another thread is
submitting I/O or changing queue flags, e.g. through dm_stop_queue().
Hence protect the QUEUE_FLAG_DYING flag change with locking.

Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Mike Snitzer <snitzer@redhat.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Jens Axboe <axboe@fb.com>
block/blk-core.c

index 999442ec4601487a35c76dad156dfa438a2a35b3..36c7ac328d8c17bd1967f898c91ff49f7a9b050d 100644 (file)
@@ -515,7 +515,9 @@ EXPORT_SYMBOL_GPL(blk_queue_bypass_end);
 
 void blk_set_queue_dying(struct request_queue *q)
 {
-       queue_flag_set_unlocked(QUEUE_FLAG_DYING, q);
+       spin_lock_irq(q->queue_lock);
+       queue_flag_set(QUEUE_FLAG_DYING, q);
+       spin_unlock_irq(q->queue_lock);
 
        if (q->mq_ops)
                blk_mq_wake_waiters(q);