The SCSI error handler calls scsi_unjam_host() which can call the queue
function ufshcd_queuecommand() indirectly. The error handler changes the
state to UFSHCD_STATE_RESET while running, but error interrupts that
happen while the error handler is running could change the state to
UFSHCD_STATE_EH_SCHEDULED_NON_FATAL which would allow requests to go
through ufshcd_queuecommand() even though the error handler is running.
Block that hole by checking whether the error handler is in progress.
Link: https://lore.kernel.org/r/20211008084048.257498-1-adrian.hunter@intel.com
Reviewed-by: Asutosh Das <asutoshd@codeaurora.org>
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
 
        switch (hba->ufshcd_state) {
        case UFSHCD_STATE_OPERATIONAL:
+               break;
        case UFSHCD_STATE_EH_SCHEDULED_NON_FATAL:
+               /*
+                * SCSI error handler can call ->queuecommand() while UFS error
+                * handler is in progress. Error interrupts could change the
+                * state from UFSHCD_STATE_RESET to
+                * UFSHCD_STATE_EH_SCHEDULED_NON_FATAL. Prevent requests
+                * being issued in that case.
+                */
+               if (ufshcd_eh_in_progress(hba)) {
+                       err = SCSI_MLQUEUE_HOST_BUSY;
+                       goto out;
+               }
                break;
        case UFSHCD_STATE_EH_SCHEDULED_FATAL:
                /*