Commit b7f5a0bf authored by Pavel Begunkov's avatar Pavel Begunkov Committed by Jens Axboe

io_uring: fix sqpoll cancellation via task_work

Running sqpoll cancellations via task_work_run() is a bad idea because
it depends on other task works to be run, but those may be locked in
currently running task_work_run() because of how it's (splicing the list
in batches).

Enqueue and run them through a separate callback head, namely
struct io_sq_data::park_task_work. As a nice bonus we now precisely
control where it's run, that's much safer than guessing where it can
happen as it was before.
Reported-by: default avatarJens Axboe <axboe@kernel.dk>
Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 9b465711
...@@ -274,6 +274,7 @@ struct io_sq_data { ...@@ -274,6 +274,7 @@ struct io_sq_data {
unsigned long state; unsigned long state;
struct completion exited; struct completion exited;
struct callback_head *park_task_work;
}; };
#define IO_IOPOLL_BATCH 8 #define IO_IOPOLL_BATCH 8
...@@ -6727,6 +6728,7 @@ static int io_sq_thread(void *data) ...@@ -6727,6 +6728,7 @@ static int io_sq_thread(void *data)
cond_resched(); cond_resched();
mutex_lock(&sqd->lock); mutex_lock(&sqd->lock);
io_run_task_work(); io_run_task_work();
io_run_task_work_head(&sqd->park_task_work);
timeout = jiffies + sqd->sq_thread_idle; timeout = jiffies + sqd->sq_thread_idle;
continue; continue;
} }
...@@ -6781,6 +6783,7 @@ static int io_sq_thread(void *data) ...@@ -6781,6 +6783,7 @@ static int io_sq_thread(void *data)
} }
finish_wait(&sqd->wait, &wait); finish_wait(&sqd->wait, &wait);
io_run_task_work_head(&sqd->park_task_work);
timeout = jiffies + sqd->sq_thread_idle; timeout = jiffies + sqd->sq_thread_idle;
} }
...@@ -6792,6 +6795,7 @@ static int io_sq_thread(void *data) ...@@ -6792,6 +6795,7 @@ static int io_sq_thread(void *data)
mutex_unlock(&sqd->lock); mutex_unlock(&sqd->lock);
io_run_task_work(); io_run_task_work();
io_run_task_work_head(&sqd->park_task_work);
complete(&sqd->exited); complete(&sqd->exited);
do_exit(0); do_exit(0);
} }
...@@ -8890,7 +8894,7 @@ static void io_sqpoll_cancel_sync(struct io_ring_ctx *ctx) ...@@ -8890,7 +8894,7 @@ static void io_sqpoll_cancel_sync(struct io_ring_ctx *ctx)
if (task) { if (task) {
init_completion(&work.completion); init_completion(&work.completion);
init_task_work(&work.task_work, io_sqpoll_cancel_cb); init_task_work(&work.task_work, io_sqpoll_cancel_cb);
WARN_ON_ONCE(task_work_add(task, &work.task_work, TWA_SIGNAL)); io_task_work_add_head(&sqd->park_task_work, &work.task_work);
wake_up_process(task); wake_up_process(task);
} }
io_sq_thread_unpark(sqd); io_sq_thread_unpark(sqd);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment