This is a note to let you know that I've just added the patch titled
io_uring: don't run task work on an exiting task
to the 5.8-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
io_uring-don-t-run-task-work-on-an-exiting-task.patch
and it can be found in the queue-5.8 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Thu Oct 29 01:16:54 PM CET 2020
From: Jens Axboe <axboe@xxxxxxxxx>
Date: Mon, 12 Oct 2020 11:53:29 -0600
Subject: io_uring: don't run task work on an exiting task
From: Jens Axboe <axboe@xxxxxxxxx>
commit 6200b0ae4ea28a4bfd8eb434e33e6201b7a6a282 upstream.
This isn't safe, and isn't needed either. We are guaranteed that any
work we queue is on a live task (and will be run), or it goes to
our backup io-wq threads if the task is exiting.
Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/io_uring.c | 8 ++++++++
1 file changed, 8 insertions(+)
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -1762,6 +1762,12 @@ static int io_put_kbuf(struct io_kiocb *
static inline bool io_run_task_work(void)
{
+ /*
+ * Not safe to run on exiting task, and the task_work handling will
+ * not add work to such a task.
+ */
+ if (unlikely(current->flags & PF_EXITING))
+ return false;
if (current->task_works) {
__set_current_state(TASK_RUNNING);
task_work_run();
@@ -7791,6 +7797,8 @@ static void io_uring_cancel_files(struct
io_put_req(cancel_req);
}
+ /* cancellations _may_ trigger task work */
+ io_run_task_work();
schedule();
finish_wait(&ctx->inflight_wait, &wait);
}
Patches currently in stable-queue which might be from axboe@xxxxxxxxx are
queue-5.8/io_uring-convert-advanced-xarray-uses-to-the-normal-api.patch
queue-5.8/io_uring-don-t-run-task-work-on-an-exiting-task.patch
queue-5.8/io_uring-reference-nsproxy-for-file-table-commands.patch
queue-5.8/io_uring-stash-ctx-task-reference-for-sqpoll.patch
queue-5.8/io_uring-return-cancelation-status-from-poll-timeout-files-handlers.patch
queue-5.8/io_uring-fix-xarray-usage-in-io_uring_add_task_file.patch
queue-5.8/io_uring-fix-use-of-xarray-in-__io_uring_files_cancel.patch
queue-5.8/io-wq-fix-use-after-free-in-io_wq_worker_running.patch
queue-5.8/io_uring-don-t-rely-on-weak-files-references.patch
queue-5.8/io_uring-allow-timeout-poll-files-killing-to-take-task-into-account.patch
queue-5.8/io_uring-move-dropping-of-files-into-separate-helper.patch
queue-5.8/io_uring-unconditionally-grab-req-task.patch
queue-5.8/io_uring-enable-task-files-specific-overflow-flushing.patch
queue-5.8/io_wq-make-io_wqe-lock-a-raw_spinlock_t.patch
queue-5.8/io_uring-no-need-to-call-xa_destroy-on-empty-xarray.patch
