On 20/01/2021 02:07, Joseph Qi wrote:
[...]
>> Fix this by moving the IO_WQ_WORK_NO_CANCEL until _after_ we've modified
>> the fdtable. Canceling before this point is totally fine, and running
>> it in the io-wq context _after_ that point is also fine.
>>
>> For 5.12, we'll handle this internally and get rid of the no-cancel
>> flag, as IORING_OP_CLOSE is the only user of it.
>>
>> Fixes: 14587a46646d ("io_uring: enable file table usage for SQPOLL rings")
>
> As discussed with Pavel, this can not only happen in case sqpoll, but
> also in case async cancel is from io-wq.
Right, and it's handled because execution-during-cancellation can't
anymore get into close_fd_get_file(), either it was already done or
we didn't yet set IO_WQ_WORK_NO_CANCEL. And blkcg is not a problem.
>
>> Reported-by: Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx>
>
> In fact, it is reported by "Abaci <abaci@xxxxxxxxxxxxxxxxx>"
>
>> Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
>
> Reviewed-and-tested-by: Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx>
Thanks!
>>
>> ---
>>
>> Joseph, can you test this patch and see if this fixes it for you?
>>
>> diff --git a/fs/io_uring.c b/fs/io_uring.c
>> index b76bb50f18c7..5f6f1e48954e 100644
>> --- a/fs/io_uring.c
>> +++ b/fs/io_uring.c
>> @@ -4472,7 +4472,6 @@ static int io_close_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe)
>> * io_wq_work.flags, so initialize io_wq_work firstly.
>> */
>> io_req_init_async(req);
>> - req->work.flags |= IO_WQ_WORK_NO_CANCEL;
>>
>> if (unlikely(req->ctx->flags & IORING_SETUP_IOPOLL))
>> return -EINVAL;
>> @@ -4505,6 +4504,8 @@ static int io_close(struct io_kiocb *req, bool force_nonblock,
>>
>> /* if the file has a flush method, be safe and punt to async */
>> if (close->put_file->f_op->flush && force_nonblock) {
>> + /* not safe to cancel at this point */
>> + req->work.flags |= IO_WQ_WORK_NO_CANCEL;
>> /* was never set, but play safe */
>> req->flags &= ~REQ_F_NOWAIT;
>> /* avoid grabbing files - we don't need the files */
>>
--
Pavel Begunkov
