Message ID | 77966bc104e25b0534995d5dbb152332bc8f31c0.1718196953.git.asml.silence@gmail.com (mailing list archive) |
---|---|
State | New |
Series | io_uring/rsrc: don't lock while !TASK_RUNNING |
On 6/12/24 13:56, Pavel Begunkov wrote:
> There is a report of io_rsrc_ref_quiesce() locking a mutex while not
> TASK_RUNNING, which is due to forgetting restoring the state back after
> io_run_task_work_sig() and attempts to break out of the waiting loop.

Jens, can you add while applying please?

Reported-by: Li Shi <sl1589472800@gmail.com>

> do not call blocking ops when !TASK_RUNNING; state=1 set at
> [<ffffffff815d2494>] prepare_to_wait+0xa4/0x380
> kernel/sched/wait.c:237
> WARNING: CPU: 2 PID: 397056 at kernel/sched/core.c:10099
> __might_sleep+0x114/0x160 kernel/sched/core.c:10099
> RIP: 0010:__might_sleep+0x114/0x160 kernel/sched/core.c:10099
> Call Trace:
> <TASK>
> __mutex_lock_common kernel/locking/mutex.c:585 [inline]
> __mutex_lock+0xb4/0x940 kernel/locking/mutex.c:752
> io_rsrc_ref_quiesce+0x590/0x940 io_uring/rsrc.c:253
> io_sqe_buffers_unregister+0xa2/0x340 io_uring/rsrc.c:799
> __io_uring_register io_uring/register.c:424 [inline]
> __do_sys_io_uring_register+0x5b9/0x2400 io_uring/register.c:613
> do_syscall_x64 arch/x86/entry/common.c:52 [inline]
> do_syscall_64+0xd8/0x270 arch/x86/entry/common.c:83
> entry_SYSCALL_64_after_hwframe+0x6f/0x77
>
> Fixes: 4ea15b56f0810 ("io_uring/rsrc: use wq for quiescing")
> Cc: stable@vger.kernel.org
> Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
> ---
> io_uring/rsrc.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/io_uring/rsrc.c b/io_uring/rsrc.c > index 65417c9553b1..edb9c5baf2e2 100644 > --- a/io_uring/rsrc.c > +++ b/io_uring/rsrc.c > @@ -249,6 +249,7 @@ __cold static int io_rsrc_ref_quiesce(struct io_rsrc_data *data, > > ret = io_run_task_work_sig(ctx); > if (ret < 0) { > + __set_current_state(TASK_RUNNING); > mutex_lock(&ctx->uring_lock); > if (list_empty(&ctx->rsrc_ref_list)) > ret = 0;
On Wed, 12 Jun 2024 13:56:38 +0100, Pavel Begunkov wrote:
> There is a report of io_rsrc_ref_quiesce() locking a mutex while not
> TASK_RUNNING, which is due to forgetting restoring the state back after
> io_run_task_work_sig() and attempts to break out of the waiting loop.
>
> do not call blocking ops when !TASK_RUNNING; state=1 set at
> [<ffffffff815d2494>] prepare_to_wait+0xa4/0x380
> kernel/sched/wait.c:237
> WARNING: CPU: 2 PID: 397056 at kernel/sched/core.c:10099
> __might_sleep+0x114/0x160 kernel/sched/core.c:10099
> RIP: 0010:__might_sleep+0x114/0x160 kernel/sched/core.c:10099
> Call Trace:
> <TASK>
> __mutex_lock_common kernel/locking/mutex.c:585 [inline]
> __mutex_lock+0xb4/0x940 kernel/locking/mutex.c:752
> io_rsrc_ref_quiesce+0x590/0x940 io_uring/rsrc.c:253
> io_sqe_buffers_unregister+0xa2/0x340 io_uring/rsrc.c:799
> __io_uring_register io_uring/register.c:424 [inline]
> __do_sys_io_uring_register+0x5b9/0x2400 io_uring/register.c:613
> do_syscall_x64 arch/x86/entry/common.c:52 [inline]
> do_syscall_64+0xd8/0x270 arch/x86/entry/common.c:83
> entry_SYSCALL_64_after_hwframe+0x6f/0x77
>
> [...]

Applied, thanks!

[1/1] io_uring/rsrc: don't lock while !TASK_RUNNING
      commit: 54559642b96116b45e4b5ca7fd9f7835b8561272

Best regards,
diff --git a/io_uring/rsrc.c b/io_uring/rsrc.c index 65417c9553b1..edb9c5baf2e2 100644 --- a/io_uring/rsrc.c +++ b/io_uring/rsrc.c @@ -249,6 +249,7 @@ __cold static int io_rsrc_ref_quiesce(struct io_rsrc_data *data, ret = io_run_task_work_sig(ctx); if (ret < 0) { + __set_current_state(TASK_RUNNING); mutex_lock(&ctx->uring_lock); if (list_empty(&ctx->rsrc_ref_list)) ret = 0;
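Review bot: the added `__set_current_state(TASK_RUNNING);` at the top of the `if (ret < 0)` branch carries no comment, so nothing at the call site tells a later reader why the state must be reset before `mutex_lock(&ctx->uring_lock);`. A one-line comment there, noting that the task is still in the state left by prepare_to_wait() (the `state=1 set at ... prepare_to_wait` line in the commit message) and that mutex_lock() may sleep, would make the line harder to drop in a later refactor. The hunk covers only this break-out path after io_run_task_work_sig(); the rest of the waiting loop is outside the context shown, so it is worth confirming that any other point in the loop that takes uring_lock also restores TASK_RUNNING first.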
There is a report of io_rsrc_ref_quiesce() locking a mutex while not
TASK_RUNNING, which is due to forgetting restoring the state back after
io_run_task_work_sig() and attempts to break out of the waiting loop.

do not call blocking ops when !TASK_RUNNING; state=1 set at
[<ffffffff815d2494>] prepare_to_wait+0xa4/0x380
kernel/sched/wait.c:237
WARNING: CPU: 2 PID: 397056 at kernel/sched/core.c:10099
__might_sleep+0x114/0x160 kernel/sched/core.c:10099
RIP: 0010:__might_sleep+0x114/0x160 kernel/sched/core.c:10099
Call Trace:
<TASK>
__mutex_lock_common kernel/locking/mutex.c:585 [inline]
__mutex_lock+0xb4/0x940 kernel/locking/mutex.c:752
io_rsrc_ref_quiesce+0x590/0x940 io_uring/rsrc.c:253
io_sqe_buffers_unregister+0xa2/0x340 io_uring/rsrc.c:799
__io_uring_register io_uring/register.c:424 [inline]
__do_sys_io_uring_register+0x5b9/0x2400 io_uring/register.c:613
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xd8/0x270 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x6f/0x77

Fixes: 4ea15b56f0810 ("io_uring/rsrc: use wq for quiescing")
Cc: stable@vger.kernel.org
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
---
io_uring/rsrc.c | 1 +
1 file changed, 1 insertion(+)