Commit 97284637 authored by Pavel Begunkov's avatar Pavel Begunkov Committed by Jens Axboe
Browse files

io_uring: fix rw req completion 



WARNING: at fs/io_uring.c:8578 io_ring_exit_work.cold+0x0/0x18

As reissuing is now passed back by REQ_F_REISSUE and kiocb_done()
internally uses __io_complete_rw(), it may stop after setting the flag
so leaving a dangling request.

There are tricky edge cases, e.g. reading beyound file, boundary, so
the easiest way is to hand code reissue in kiocb_done() as
__io_complete_rw() was doing for us before.

Fixes: 230d50d4 ("io_uring: move reissue into regular IO path")
Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
Link: https://lore.kernel.org/r/f602250d292f8a84cca9a01d747744d1e797be26.1617842918.git.asml.silence@gmail.com


Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 6ad7f233

fs/io_uring.c

+13 −0
Original line number Diff line number Diff line
@@ -2762,6 +2762,7 @@ static void kiocb_done(struct kiocb *kiocb, ssize_t ret, 
{

	struct io_kiocb *req = container_of(kiocb, struct io_kiocb, rw.kiocb);

	struct io_async_rw *io = req->async_data;

	bool check_reissue = kiocb->ki_complete == io_complete_rw;



	/* add previously done IO, if any */

	if (io && io->bytes_done > 0) {
@@ -2777,6 +2778,18 @@ static void kiocb_done(struct kiocb *kiocb, ssize_t ret, 
		__io_complete_rw(req, ret, 0, issue_flags);

	else

		io_rw_done(kiocb, ret);



	if (check_reissue && req->flags & REQ_F_REISSUE) {

		req->flags &= ~REQ_F_REISSUE;

		if (!io_rw_reissue(req)) {

			int cflags = 0;



			req_set_fail_links(req);

			if (req->flags & REQ_F_BUFFER_SELECTED)

				cflags = io_put_rw_kbuf(req);

			__io_req_complete(req, issue_flags, ret, cflags);

		}

	}

}



static int io_import_fixed(struct io_kiocb *req, int rw, struct iov_iter *iter)