diff options
| author | Lai Jiangshan <laijs@cn.fujitsu.com> | 2014-04-18 11:04:16 -0400 |
|---|---|---|
| committer | Tejun Heo <tj@kernel.org> | 2014-04-18 11:04:16 -0400 |
| commit | 4d595b866d2c653dc90a492b9973a834eabfa354 (patch) | |
| tree | 6b9a9af0eb01436a3967eff0a5c916e80cf0ef5f /kernel/workqueue.c | |
| parent | 77f300b198f93328c26191b52655ce1b62e202cf (diff) | |
workqueue: make rescuer_thread() empty wq->maydays list before exiting
After a @pwq is scheduled for emergency execution, other workers may
consume the affectd work items before the rescuer gets to them. This
means that a workqueue many have pwqs queued on @wq->maydays list
while not having any work item pending or in-flight. If
destroy_workqueue() executes in such condition, the rescuer may exit
without emptying @wq->maydays.
This currently doesn't cause any actual harm. destroy_workqueue() can
safely destroy all the involved data structures whether @wq->maydays
is populated or not as nobody access the list once the rescuer exits.
However, this is nasty and makes future development difficult. Let's
update rescuer_thread() so that it empties @wq->maydays after seeing
should_stop to guarantee that the list is empty on rescuer exit.
tj: Updated comment and patch description.
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable@vger.kernel.org # v3.10+
Diffstat (limited to 'kernel/workqueue.c')
| -rw-r--r-- | kernel/workqueue.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/kernel/workqueue.c b/kernel/workqueue.c index 3150b217c936..6ba0c6054224 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c | |||
| @@ -2398,6 +2398,7 @@ static int rescuer_thread(void *__rescuer) | |||
| 2398 | struct worker *rescuer = __rescuer; | 2398 | struct worker *rescuer = __rescuer; |
| 2399 | struct workqueue_struct *wq = rescuer->rescue_wq; | 2399 | struct workqueue_struct *wq = rescuer->rescue_wq; |
| 2400 | struct list_head *scheduled = &rescuer->scheduled; | 2400 | struct list_head *scheduled = &rescuer->scheduled; |
| 2401 | bool should_stop; | ||
| 2401 | 2402 | ||
| 2402 | set_user_nice(current, RESCUER_NICE_LEVEL); | 2403 | set_user_nice(current, RESCUER_NICE_LEVEL); |
| 2403 | 2404 | ||
| @@ -2409,11 +2410,15 @@ static int rescuer_thread(void *__rescuer) | |||
| 2409 | repeat: | 2410 | repeat: |
| 2410 | set_current_state(TASK_INTERRUPTIBLE); | 2411 | set_current_state(TASK_INTERRUPTIBLE); |
| 2411 | 2412 | ||
| 2412 | if (kthread_should_stop()) { | 2413 | /* |
| 2413 | __set_current_state(TASK_RUNNING); | 2414 | * By the time the rescuer is requested to stop, the workqueue |
| 2414 | rescuer->task->flags &= ~PF_WQ_WORKER; | 2415 | * shouldn't have any work pending, but @wq->maydays may still have |
| 2415 | return 0; | 2416 | * pwq(s) queued. This can happen by non-rescuer workers consuming |
| 2416 | } | 2417 | * all the work items before the rescuer got to them. Go through |
| 2418 | * @wq->maydays processing before acting on should_stop so that the | ||
| 2419 | * list is always empty on exit. | ||
| 2420 | */ | ||
| 2421 | should_stop = kthread_should_stop(); | ||
| 2417 | 2422 | ||
| 2418 | /* see whether any pwq is asking for help */ | 2423 | /* see whether any pwq is asking for help */ |
| 2419 | spin_lock_irq(&wq_mayday_lock); | 2424 | spin_lock_irq(&wq_mayday_lock); |
| @@ -2459,6 +2464,12 @@ repeat: | |||
| 2459 | 2464 | ||
| 2460 | spin_unlock_irq(&wq_mayday_lock); | 2465 | spin_unlock_irq(&wq_mayday_lock); |
| 2461 | 2466 | ||
| 2467 | if (should_stop) { | ||
| 2468 | __set_current_state(TASK_RUNNING); | ||
| 2469 | rescuer->task->flags &= ~PF_WQ_WORKER; | ||
| 2470 | return 0; | ||
| 2471 | } | ||
| 2472 | |||
| 2462 | /* rescuers should never participate in concurrency management */ | 2473 | /* rescuers should never participate in concurrency management */ |
| 2463 | WARN_ON_ONCE(!(rescuer->flags & WORKER_NOT_RUNNING)); | 2474 | WARN_ON_ONCE(!(rescuer->flags & WORKER_NOT_RUNNING)); |
| 2464 | schedule(); | 2475 | schedule(); |