[PATCH] nvme-rdma: flush async events before freeing qe
David Milburn
dmilburn at redhat.com
Mon Aug 31 17:39:32 EDT 2020
Hi Sagi,
On 08/31/2020 03:52 PM, Sagi Grimberg wrote:
>
>> Flush async event workqueue in case async event has been
>> queued up before freeing qe and setting ctrl->async_event_sqe.data
>> to NULL. Otherwise, we can get into a state were nvme_rdma_submit_
>> async_event() runs with sqe->data set to NULL leading to crash.
>>
>> Signed-off-by: David Milburn <dmilburn at redhat.com>
>> ---
>> drivers/nvme/host/rdma.c | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/drivers/nvme/host/rdma.c b/drivers/nvme/host/rdma.c
>> index 8e5ffe2f117d..76f117462d5b 100644
>> --- a/drivers/nvme/host/rdma.c
>> +++ b/drivers/nvme/host/rdma.c
>> @@ -835,6 +835,7 @@ static void nvme_rdma_destroy_admin_queue(struct
>> nvme_rdma_ctrl *ctrl,
>> blk_mq_free_tag_set(ctrl->ctrl.admin_tagset);
>> }
>> if (ctrl->async_event_sqe.data) {
>> + flush_work(&ctrl->ctrl.async_event_work);
>> nvme_rdma_free_qe(ctrl->device->dev, &ctrl->async_event_sqe,
>> sizeof(struct nvme_command), DMA_TO_DEVICE);
>> ctrl->async_event_sqe.data = NULL;
>
> Why not cancel the work?
Ok, cancel_work_sync would have been a better choice.
>
> I also think that we will want to have this in nvme-core, not
> specifically to nvme-rdma?
>
I see how tcp.c may run into the same problem with
nvme_tcp_free_admin_queue(), but since we queue err_work
from rdma.c, tcp.c, fc.c, not sure how to move the
change to core.c?
Each calls nvme_complete_async_event(), but doesn't
look like we could check there.
Thanks,
David
More information about the Linux-nvme
mailing list