Commit a5181c8
scsi: ufs: core: Fix race between force complete and ISR
While error handler force complete command (Thread A) and completion IRQ
raising (Thread B) of the same command, it may cause race condition.
Below is racing step (from 1 to 6):
ufshcd_mcq_compl_pending_transfer (Thread A)
1 if (cmd && !test_bit(SCMD_STATE_COMPLETE, &cmd->state)) {
5 spin_lock_irqsave(&hwq->cq_lock, flags); // wait lock release
set_host_byte(cmd, DID_REQUEUE);
6 ufshcd_release_scsi_cmd(hba, lrbp); // access null pointer
scsi_done(cmd);
spin_unlock_irqrestore(&hwq->cq_lock, flags);
}
ufshcd_mcq_poll_cqe_lock (Thread B)
2 spin_lock_irqsave(&hwq->cq_lock, flags);
ufshcd_mcq_poll_cqe_nolock()
ufshcd_compl_one_cqe()
3 ufshcd_release_scsi_cmd() // lrbp->cmd = NULL;
4 spin_unlock_irqrestore(&hwq->cq_lock, flags);
Signed-off-by: Alice Chao <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Reviewed-by: Bart Van Assche <[email protected]>
Signed-off-by: Martin K. Petersen <[email protected]>1 parent f2d79aa commit a5181c8
1 file changed
+2
-2
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5615 | 5615 | | |
5616 | 5616 | | |
5617 | 5617 | | |
| 5618 | + | |
5618 | 5619 | | |
5619 | | - | |
5620 | 5620 | | |
5621 | 5621 | | |
5622 | 5622 | | |
5623 | | - | |
5624 | 5623 | | |
| 5624 | + | |
5625 | 5625 | | |
5626 | 5626 | | |
5627 | 5627 | | |
| |||
0 commit comments