|
Gabriel Krisman Bertazi |
db70dd |
From 78a780602075d8b00c98070fa26e389b3b3efa72 Mon Sep 17 00:00:00 2001
|
|
Gabriel Krisman Bertazi |
db70dd |
From: Jens Axboe <axboe@kernel.dk>
|
|
Gabriel Krisman Bertazi |
db70dd |
Date: Thu, 9 Dec 2021 08:54:29 -0700
|
|
Gabriel Krisman Bertazi |
db70dd |
Subject: [PATCH] io_uring: ensure task_work gets run as part of cancelations
|
|
Gabriel Krisman Bertazi |
db70dd |
Git-commit: 78a780602075d8b00c98070fa26e389b3b3efa72
|
|
Gabriel Krisman Bertazi |
db70dd |
Patch-mainline: v5.16-rc5
|
|
Gabriel Krisman Bertazi |
db70dd |
References: bsc#1205205
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
If we successfully cancel a work item but that work item needs to be
|
|
Gabriel Krisman Bertazi |
db70dd |
processed through task_work, then we can be sleeping uninterruptibly
|
|
Gabriel Krisman Bertazi |
db70dd |
in io_uring_cancel_generic() and never process it. Hence we don't
|
|
Gabriel Krisman Bertazi |
db70dd |
make forward progress and we end up with an uninterruptible sleep
|
|
Gabriel Krisman Bertazi |
db70dd |
warning.
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
While in there, correct a comment that should be IFF, not IIF.
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
Reported-and-tested-by: syzbot+21e6887c0be14181206d@syzkaller.appspotmail.com
|
|
Gabriel Krisman Bertazi |
db70dd |
Cc: stable@vger.kernel.org
|
|
Gabriel Krisman Bertazi |
db70dd |
Signed-off-by: Jens Axboe <axboe@kernel.dk>
|
|
Gabriel Krisman Bertazi |
db70dd |
Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de>
|
|
Gabriel Krisman Bertazi |
db70dd |
---
|
|
Gabriel Krisman Bertazi |
db70dd |
fs/io_uring.c | 6 ++++--
|
|
Gabriel Krisman Bertazi |
db70dd |
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
diff --git a/fs/io_uring.c b/fs/io_uring.c
|
|
Gabriel Krisman Bertazi |
db70dd |
index c4f217613f56..d5ab0e9a3f29 100644
|
|
Gabriel Krisman Bertazi |
db70dd |
--- a/fs/io_uring.c
|
|
Gabriel Krisman Bertazi |
db70dd |
+++ b/fs/io_uring.c
|
|
Gabriel Krisman Bertazi |
db70dd |
@@ -9824,7 +9824,7 @@ static __cold void io_uring_drop_tctx_refs(struct task_struct *task)
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
/*
|
|
Gabriel Krisman Bertazi |
db70dd |
* Find any io_uring ctx that this task has registered or done IO on, and cancel
|
|
Gabriel Krisman Bertazi |
db70dd |
- * requests. @sqd should be not-null IIF it's an SQPOLL thread cancellation.
|
|
Gabriel Krisman Bertazi |
db70dd |
+ * requests. @sqd should be not-null IFF it's an SQPOLL thread cancellation.
|
|
Gabriel Krisman Bertazi |
db70dd |
*/
|
|
Gabriel Krisman Bertazi |
db70dd |
static __cold void io_uring_cancel_generic(bool cancel_all,
|
|
Gabriel Krisman Bertazi |
db70dd |
struct io_sq_data *sqd)
|
|
Gabriel Krisman Bertazi |
db70dd |
@@ -9866,8 +9866,10 @@ static __cold void io_uring_cancel_generic(bool cancel_all,
|
|
Gabriel Krisman Bertazi |
db70dd |
cancel_all);
|
|
Gabriel Krisman Bertazi |
db70dd |
}
|
|
Gabriel Krisman Bertazi |
db70dd |
|
|
Gabriel Krisman Bertazi |
db70dd |
- prepare_to_wait(&tctx->wait, &wait, TASK_UNINTERRUPTIBLE);
|
|
Gabriel Krisman Bertazi |
db70dd |
+ prepare_to_wait(&tctx->wait, &wait, TASK_INTERRUPTIBLE);
|
|
Gabriel Krisman Bertazi |
db70dd |
+ io_run_task_work();
|
|
Gabriel Krisman Bertazi |
db70dd |
io_uring_drop_tctx_refs(current);
|
|
Gabriel Krisman Bertazi |
db70dd |
+
|
|
Gabriel Krisman Bertazi |
db70dd |
/*
|
|
Gabriel Krisman Bertazi |
db70dd |
* If we've seen completions, retry without waiting. This
|
|
Gabriel Krisman Bertazi |
db70dd |
* avoids a race where a completion comes in before we did
|
|
Gabriel Krisman Bertazi |
db70dd |
--
|
|
Gabriel Krisman Bertazi |
db70dd |
2.35.3
|
|
Gabriel Krisman Bertazi |
db70dd |
|