From: Chao Leng <lengchao@huawei.com> To: Hannes Reinecke <hare@suse.de>, Christoph Hellwig <hch@lst.de> Cc: <axboe@kernel.dk>, <axboe@fb.com>, <sagi@grimberg.me>, <linux-nvme@lists.infradead.org>, <linux-block@vger.kernel.org>, <kbusch@kernel.org> Subject: Re: [PATCH v3 3/5] nvme-fabrics: avoid double request completion for nvmf_fail_nonready_command Date: Fri, 22 Jan 2021 09:50:16 +0800 [thread overview] Message-ID: <3bcd337b-3ab3-03ab-f9e6-a461cd8ee127@huawei.com> (raw) In-Reply-To: <467a43b0-82cc-69b7-460a-413ddc8cf574@suse.de> On 2021/1/21 17:27, Hannes Reinecke wrote: > On 1/21/21 10:00 AM, Christoph Hellwig wrote: >> On Thu, Jan 21, 2021 at 09:58:37AM +0100, Hannes Reinecke wrote: >>> On 1/21/21 8:03 AM, Chao Leng wrote: >>>> When reconnect, the request may be completed with NVME_SC_HOST_PATH_ERROR >>>> in nvmf_fail_nonready_command. The state of request will be changed to >>>> MQ_RQ_IN_FLIGHT before call nvme_complete_rq. If free the request >>>> asynchronously such as in nvme_submit_user_cmd, in extreme scenario >>>> the request may be completed again in tear down process. >>>> nvmf_fail_nonready_command do not need calling blk_mq_start_request >>>> before complete the request. nvmf_fail_nonready_command should set >>>> the state of request to MQ_RQ_COMPLETE before complete the request. >>>> >>> >>> So what you are saying is that there is a race condition between >>> blk_mq_start_request() >>> and >>> nvme_complete_request() >> >> Between those to a teardown that cancels all requests can come in. >> > Doesn't nvme_complete_request() insulate against a double completion? nvme_complete_request can not insulate against double completion. Setting the state of request to MQ_RQ_COMPLETE avoid double completion. tear down(nvme_cancel_request) check the state of the request, if the state is MQ_RQ_COMPLETE, it will skip completion. > I seem to remember we've gone through great lengths ensuring that. > > And if this is just about setting the correct error code on completion I'd really prefer to stick with the current code. Moving that into a helper is fine, but I'd rather not introduce our own code modifying request state. > > If there really is a race condition this feels like a more generic problem; calling blk_mq_start_request() followed by blk_mq_end_request() is a quite common pattern, and from my impression the recommended way. > So if there is an issue it would need to be addressed for all drivers, not just some nvme-specific way. Currently, it is not safe for nvme. The probability is very low. I am not sure whether similar occurs in other scenarios. > Plus I'd like to have Jens' opinion here. > > Cheers, > > Hannes
WARNING: multiple messages have this Message-ID (diff)
From: Chao Leng <lengchao@huawei.com> To: Hannes Reinecke <hare@suse.de>, Christoph Hellwig <hch@lst.de> Cc: axboe@kernel.dk, linux-block@vger.kernel.org, sagi@grimberg.me, linux-nvme@lists.infradead.org, axboe@fb.com, kbusch@kernel.org Subject: Re: [PATCH v3 3/5] nvme-fabrics: avoid double request completion for nvmf_fail_nonready_command Date: Fri, 22 Jan 2021 09:50:16 +0800 [thread overview] Message-ID: <3bcd337b-3ab3-03ab-f9e6-a461cd8ee127@huawei.com> (raw) In-Reply-To: <467a43b0-82cc-69b7-460a-413ddc8cf574@suse.de> On 2021/1/21 17:27, Hannes Reinecke wrote: > On 1/21/21 10:00 AM, Christoph Hellwig wrote: >> On Thu, Jan 21, 2021 at 09:58:37AM +0100, Hannes Reinecke wrote: >>> On 1/21/21 8:03 AM, Chao Leng wrote: >>>> When reconnect, the request may be completed with NVME_SC_HOST_PATH_ERROR >>>> in nvmf_fail_nonready_command. The state of request will be changed to >>>> MQ_RQ_IN_FLIGHT before call nvme_complete_rq. If free the request >>>> asynchronously such as in nvme_submit_user_cmd, in extreme scenario >>>> the request may be completed again in tear down process. >>>> nvmf_fail_nonready_command do not need calling blk_mq_start_request >>>> before complete the request. nvmf_fail_nonready_command should set >>>> the state of request to MQ_RQ_COMPLETE before complete the request. >>>> >>> >>> So what you are saying is that there is a race condition between >>> blk_mq_start_request() >>> and >>> nvme_complete_request() >> >> Between those to a teardown that cancels all requests can come in. >> > Doesn't nvme_complete_request() insulate against a double completion? nvme_complete_request can not insulate against double completion. Setting the state of request to MQ_RQ_COMPLETE avoid double completion. tear down(nvme_cancel_request) check the state of the request, if the state is MQ_RQ_COMPLETE, it will skip completion. > I seem to remember we've gone through great lengths ensuring that. > > And if this is just about setting the correct error code on completion I'd really prefer to stick with the current code. Moving that into a helper is fine, but I'd rather not introduce our own code modifying request state. > > If there really is a race condition this feels like a more generic problem; calling blk_mq_start_request() followed by blk_mq_end_request() is a quite common pattern, and from my impression the recommended way. > So if there is an issue it would need to be addressed for all drivers, not just some nvme-specific way. Currently, it is not safe for nvme. The probability is very low. I am not sure whether similar occurs in other scenarios. > Plus I'd like to have Jens' opinion here. > > Cheers, > > Hannes _______________________________________________ Linux-nvme mailing list Linux-nvme@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-nvme
next prev parent reply other threads:[~2021-01-22 1:51 UTC|newest] Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-01-21 7:03 [PATCH v3 0/5] avoid double request completion and IO error Chao Leng 2021-01-21 7:03 ` Chao Leng 2021-01-21 7:03 ` [PATCH v3 1/5] blk-mq: introduce blk_mq_set_request_complete Chao Leng 2021-01-21 7:03 ` Chao Leng 2021-01-21 8:40 ` Christoph Hellwig 2021-01-21 8:40 ` Christoph Hellwig 2021-01-22 1:46 ` Chao Leng 2021-01-22 1:46 ` Chao Leng 2021-01-21 7:03 ` [PATCH v3 2/5] nvme-core: introduce complete failed request Chao Leng 2021-01-21 7:03 ` Chao Leng 2021-01-21 8:41 ` Christoph Hellwig 2021-01-21 8:41 ` Christoph Hellwig 2021-01-22 1:46 ` Chao Leng 2021-01-22 1:46 ` Chao Leng 2021-01-21 7:03 ` [PATCH v3 3/5] nvme-fabrics: avoid double request completion for nvmf_fail_nonready_command Chao Leng 2021-01-21 7:03 ` Chao Leng 2021-01-21 8:58 ` Hannes Reinecke 2021-01-21 8:58 ` Hannes Reinecke 2021-01-21 9:00 ` Christoph Hellwig 2021-01-21 9:00 ` Christoph Hellwig 2021-01-21 9:27 ` Hannes Reinecke 2021-01-21 9:27 ` Hannes Reinecke 2021-01-22 1:50 ` Chao Leng [this message] 2021-01-22 1:50 ` Chao Leng 2021-01-22 1:48 ` Chao Leng 2021-01-22 1:48 ` Chao Leng 2021-01-21 7:03 ` [PATCH v3 4/5] nvme-rdma: avoid IO error for nvme native multipath Chao Leng 2021-01-21 7:03 ` Chao Leng 2021-01-21 7:03 ` [PATCH v3 5/5] nvme-fc: " Chao Leng 2021-01-21 7:03 ` Chao Leng
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=3bcd337b-3ab3-03ab-f9e6-a461cd8ee127@huawei.com \ --to=lengchao@huawei.com \ --cc=axboe@fb.com \ --cc=axboe@kernel.dk \ --cc=hare@suse.de \ --cc=hch@lst.de \ --cc=kbusch@kernel.org \ --cc=linux-block@vger.kernel.org \ --cc=linux-nvme@lists.infradead.org \ --cc=sagi@grimberg.me \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.