* [PATCH 0/2] io_uring: fix locking in __io_run_local_work
@ 2022-10-27 14:44 Dylan Yudaken
2022-10-27 14:44 ` [PATCH 1/2] io_uring: use io_run_local_work_locked helper Dylan Yudaken
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Dylan Yudaken @ 2022-10-27 14:44 UTC (permalink / raw)
To: Jens Axboe, Pavel Begunkov; +Cc: io-uring, kernel-team, Dylan Yudaken
If locked was not set in __io_run_local_work, but some task work managed
to lock the context, it would leave things locked indefinitely. Fix that
by passing the pointer in.
Patch 1 is a tiny cleanup to simplify things
Patch 2 is the fix
Dylan Yudaken (2):
io_uring: use io_run_local_work_locked helper
io_uring: unlock if __io_run_local_work locked inside
io_uring/io_uring.c | 11 +++++------
io_uring/io_uring.h | 12 ++++++++++--
2 files changed, 15 insertions(+), 8 deletions(-)
base-commit: 247f34f7b80357943234f93f247a1ae6b6c3a740
--
2.30.2
^ permalink raw reply [flat|nested] 7+ messages in thread* [PATCH 1/2] io_uring: use io_run_local_work_locked helper 2022-10-27 14:44 [PATCH 0/2] io_uring: fix locking in __io_run_local_work Dylan Yudaken @ 2022-10-27 14:44 ` Dylan Yudaken 2022-10-27 14:44 ` [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside Dylan Yudaken 2022-10-27 15:52 ` [PATCH 0/2] io_uring: fix locking in __io_run_local_work Jens Axboe 2 siblings, 0 replies; 7+ messages in thread From: Dylan Yudaken @ 2022-10-27 14:44 UTC (permalink / raw) To: Jens Axboe, Pavel Begunkov; +Cc: io-uring, kernel-team, Dylan Yudaken prefer to use io_run_local_work_locked helper for consistency Signed-off-by: Dylan Yudaken <[email protected]> --- io_uring/io_uring.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index 6cc16e39b27f..8a0ce7379e89 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -1446,8 +1446,7 @@ static int io_iopoll_check(struct io_ring_ctx *ctx, long min) io_task_work_pending(ctx)) { u32 tail = ctx->cached_cq_tail; - if (!llist_empty(&ctx->work_llist)) - __io_run_local_work(ctx, true); + (void) io_run_local_work_locked(ctx); if (task_work_pending(current) || wq_list_empty(&ctx->iopoll_list)) { -- 2.30.2 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside 2022-10-27 14:44 [PATCH 0/2] io_uring: fix locking in __io_run_local_work Dylan Yudaken 2022-10-27 14:44 ` [PATCH 1/2] io_uring: use io_run_local_work_locked helper Dylan Yudaken @ 2022-10-27 14:44 ` Dylan Yudaken 2022-10-27 15:38 ` Jens Axboe 2022-10-27 15:52 ` [PATCH 0/2] io_uring: fix locking in __io_run_local_work Jens Axboe 2 siblings, 1 reply; 7+ messages in thread From: Dylan Yudaken @ 2022-10-27 14:44 UTC (permalink / raw) To: Jens Axboe, Pavel Begunkov; +Cc: io-uring, kernel-team, Dylan Yudaken It is possible for tw to lock the ring, and this was not propogated out to io_run_local_work. This can cause an unlock to be missed. Instead pass a pointer to locked into __io_run_local_work. Fixes: 8ac5d85a89b4 ("io_uring: add local task_work run helper that is entered locked") Signed-off-by: Dylan Yudaken <[email protected]> --- io_uring/io_uring.c | 8 ++++---- io_uring/io_uring.h | 12 ++++++++++-- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index 8a0ce7379e89..ac8c488e3077 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -1173,7 +1173,7 @@ static void __cold io_move_task_work_from_local(struct io_ring_ctx *ctx) } } -int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) +int __io_run_local_work(struct io_ring_ctx *ctx, bool *locked) { struct llist_node *node; struct llist_node fake; @@ -1192,7 +1192,7 @@ int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) struct io_kiocb *req = container_of(node, struct io_kiocb, io_task_work.node); prefetch(container_of(next, struct io_kiocb, io_task_work.node)); - req->io_task_work.func(req, &locked); + req->io_task_work.func(req, locked); ret++; node = next; } @@ -1208,7 +1208,7 @@ int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) goto again; } - if (locked) + if (*locked) io_submit_flush_completions(ctx); trace_io_uring_local_work_run(ctx, ret, loops); return ret; @@ -1225,7 +1225,7 @@ int io_run_local_work(struct io_ring_ctx *ctx) __set_current_state(TASK_RUNNING); locked = mutex_trylock(&ctx->uring_lock); - ret = __io_run_local_work(ctx, locked); + ret = __io_run_local_work(ctx, &locked); if (locked) mutex_unlock(&ctx->uring_lock); diff --git a/io_uring/io_uring.h b/io_uring/io_uring.h index ef77d2aa3172..331ec2869212 100644 --- a/io_uring/io_uring.h +++ b/io_uring/io_uring.h @@ -27,7 +27,7 @@ enum { struct io_uring_cqe *__io_get_cqe(struct io_ring_ctx *ctx, bool overflow); bool io_req_cqe_overflow(struct io_kiocb *req); int io_run_task_work_sig(struct io_ring_ctx *ctx); -int __io_run_local_work(struct io_ring_ctx *ctx, bool locked); +int __io_run_local_work(struct io_ring_ctx *ctx, bool *locked); int io_run_local_work(struct io_ring_ctx *ctx); void io_req_complete_failed(struct io_kiocb *req, s32 res); void __io_req_complete(struct io_kiocb *req, unsigned issue_flags); @@ -277,9 +277,17 @@ static inline int io_run_task_work_ctx(struct io_ring_ctx *ctx) static inline int io_run_local_work_locked(struct io_ring_ctx *ctx) { + bool locked; + int ret; + if (llist_empty(&ctx->work_llist)) return 0; - return __io_run_local_work(ctx, true); + + locked = true; + ret = __io_run_local_work(ctx, &locked); + if (WARN_ON(!locked)) + mutex_lock(&ctx->uring_lock); + return ret; } static inline void io_tw_lock(struct io_ring_ctx *ctx, bool *locked) -- 2.30.2 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside 2022-10-27 14:44 ` [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside Dylan Yudaken @ 2022-10-27 15:38 ` Jens Axboe 2022-10-27 15:50 ` Dylan Yudaken 0 siblings, 1 reply; 7+ messages in thread From: Jens Axboe @ 2022-10-27 15:38 UTC (permalink / raw) To: Dylan Yudaken, Pavel Begunkov; +Cc: io-uring, kernel-team On 10/27/22 8:44 AM, Dylan Yudaken wrote: > It is possible for tw to lock the ring, and this was not propogated out to > io_run_local_work. This can cause an unlock to be missed. > > Instead pass a pointer to locked into __io_run_local_work. > > Fixes: 8ac5d85a89b4 ("io_uring: add local task_work run helper that is entered locked") > Signed-off-by: Dylan Yudaken <[email protected]> > --- > io_uring/io_uring.c | 8 ++++---- > io_uring/io_uring.h | 12 ++++++++++-- > 2 files changed, 14 insertions(+), 6 deletions(-) > > diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c > index 8a0ce7379e89..ac8c488e3077 100644 > --- a/io_uring/io_uring.c > +++ b/io_uring/io_uring.c > @@ -1173,7 +1173,7 @@ static void __cold io_move_task_work_from_local(struct io_ring_ctx *ctx) > } > } > > -int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) > +int __io_run_local_work(struct io_ring_ctx *ctx, bool *locked) > { > struct llist_node *node; > struct llist_node fake; > @@ -1192,7 +1192,7 @@ int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) > struct io_kiocb *req = container_of(node, struct io_kiocb, > io_task_work.node); > prefetch(container_of(next, struct io_kiocb, io_task_work.node)); > - req->io_task_work.func(req, &locked); > + req->io_task_work.func(req, locked); > ret++; > node = next; > } > @@ -1208,7 +1208,7 @@ int __io_run_local_work(struct io_ring_ctx *ctx, bool locked) > goto again; > } > > - if (locked) > + if (*locked) > io_submit_flush_completions(ctx); > trace_io_uring_local_work_run(ctx, ret, loops); > return ret; > @@ -1225,7 +1225,7 @@ int io_run_local_work(struct io_ring_ctx *ctx) > > __set_current_state(TASK_RUNNING); > locked = mutex_trylock(&ctx->uring_lock); > - ret = __io_run_local_work(ctx, locked); > + ret = __io_run_local_work(ctx, &locked); > if (locked) > mutex_unlock(&ctx->uring_lock); > > diff --git a/io_uring/io_uring.h b/io_uring/io_uring.h > index ef77d2aa3172..331ec2869212 100644 > --- a/io_uring/io_uring.h > +++ b/io_uring/io_uring.h > @@ -27,7 +27,7 @@ enum { > struct io_uring_cqe *__io_get_cqe(struct io_ring_ctx *ctx, bool overflow); > bool io_req_cqe_overflow(struct io_kiocb *req); > int io_run_task_work_sig(struct io_ring_ctx *ctx); > -int __io_run_local_work(struct io_ring_ctx *ctx, bool locked); > +int __io_run_local_work(struct io_ring_ctx *ctx, bool *locked); > int io_run_local_work(struct io_ring_ctx *ctx); > void io_req_complete_failed(struct io_kiocb *req, s32 res); > void __io_req_complete(struct io_kiocb *req, unsigned issue_flags); > @@ -277,9 +277,17 @@ static inline int io_run_task_work_ctx(struct io_ring_ctx *ctx) > > static inline int io_run_local_work_locked(struct io_ring_ctx *ctx) > { > + bool locked; > + int ret; > + > if (llist_empty(&ctx->work_llist)) > return 0; > - return __io_run_local_work(ctx, true); > + > + locked = true; > + ret = __io_run_local_work(ctx, &locked); > + if (WARN_ON(!locked)) > + mutex_lock(&ctx->uring_lock); > + return ret; > } If you think warning on !locked is a good idea, it should be a WARN_ON_ONCE(). Or is this leftover debugging? -- Jens Axboe ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside 2022-10-27 15:38 ` Jens Axboe @ 2022-10-27 15:50 ` Dylan Yudaken 0 siblings, 0 replies; 7+ messages in thread From: Dylan Yudaken @ 2022-10-27 15:50 UTC (permalink / raw) To: Dylan Yudaken, [email protected], [email protected] Cc: Kernel Team, [email protected] On Thu, 2022-10-27 at 09:38 -0600, Jens Axboe wrote: > On 10/27/22 8:44 AM, Dylan Yudaken wrote: > > It is possible for tw to lock the ring, and this was not propogated > > out to > > io_run_local_work. This can cause an unlock to be missed. > > > > Instead pass a pointer to locked into __io_run_local_work. > > > > Fixes: 8ac5d85a89b4 ("io_uring: add local task_work run helper that > > is entered locked") > > Signed-off-by: Dylan Yudaken <[email protected]> > > --- > > > > + if (WARN_ON(!locked)) > > + mutex_lock(&ctx->uring_lock); > > + return ret; > > } > > If you think warning on !locked is a good idea, it should be a > WARN_ON_ONCE(). Or is this leftover debugging? > It's not leftover. Basically it should not be (afaik) that tw will unlock the mutex, but I didn't want to leave a dangling unlocked mutex. Maybe that is being too conservative and we can just kill both lines - we never used to check for this. Happy for either way Dylan ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 0/2] io_uring: fix locking in __io_run_local_work 2022-10-27 14:44 [PATCH 0/2] io_uring: fix locking in __io_run_local_work Dylan Yudaken 2022-10-27 14:44 ` [PATCH 1/2] io_uring: use io_run_local_work_locked helper Dylan Yudaken 2022-10-27 14:44 ` [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside Dylan Yudaken @ 2022-10-27 15:52 ` Jens Axboe 2022-10-27 15:57 ` Jens Axboe 2 siblings, 1 reply; 7+ messages in thread From: Jens Axboe @ 2022-10-27 15:52 UTC (permalink / raw) To: Pavel Begunkov, Dylan Yudaken; +Cc: kernel-team, io-uring On Thu, 27 Oct 2022 07:44:27 -0700, Dylan Yudaken wrote: > If locked was not set in __io_run_local_work, but some task work managed > to lock the context, it would leave things locked indefinitely. Fix that > by passing the pointer in. > > Patch 1 is a tiny cleanup to simplify things > Patch 2 is the fix > > [...] Applied, thanks! [1/2] io_uring: use io_run_local_work_locked helper commit: 8de11cdc96bf58b324c59a28512eb9513fd02553 [2/2] io_uring: unlock if __io_run_local_work locked inside commit: b3026767e15b488860d4bbf1649d69612bab2c25 Best regards, -- Jens Axboe ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 0/2] io_uring: fix locking in __io_run_local_work 2022-10-27 15:52 ` [PATCH 0/2] io_uring: fix locking in __io_run_local_work Jens Axboe @ 2022-10-27 15:57 ` Jens Axboe 0 siblings, 0 replies; 7+ messages in thread From: Jens Axboe @ 2022-10-27 15:57 UTC (permalink / raw) To: Pavel Begunkov, Dylan Yudaken; +Cc: kernel-team, io-uring On 10/27/22 9:52 AM, Jens Axboe wrote: > On Thu, 27 Oct 2022 07:44:27 -0700, Dylan Yudaken wrote: >> If locked was not set in __io_run_local_work, but some task work managed >> to lock the context, it would leave things locked indefinitely. Fix that >> by passing the pointer in. >> >> Patch 1 is a tiny cleanup to simplify things >> Patch 2 is the fix >> >> [...] > > Applied, thanks! > > [1/2] io_uring: use io_run_local_work_locked helper > commit: 8de11cdc96bf58b324c59a28512eb9513fd02553 > [2/2] io_uring: unlock if __io_run_local_work locked inside > commit: b3026767e15b488860d4bbf1649d69612bab2c25 I made the WARN_ON() -> WARN_ON_ONCE() edit and added a small comment as well, while applying. -- Jens Axboe ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2022-10-27 15:57 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-10-27 14:44 [PATCH 0/2] io_uring: fix locking in __io_run_local_work Dylan Yudaken 2022-10-27 14:44 ` [PATCH 1/2] io_uring: use io_run_local_work_locked helper Dylan Yudaken 2022-10-27 14:44 ` [PATCH 2/2] io_uring: unlock if __io_run_local_work locked inside Dylan Yudaken 2022-10-27 15:38 ` Jens Axboe 2022-10-27 15:50 ` Dylan Yudaken 2022-10-27 15:52 ` [PATCH 0/2] io_uring: fix locking in __io_run_local_work Jens Axboe 2022-10-27 15:57 ` Jens Axboe
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox