* [PATCH] eventfd: avoid unnecessary wakeups in eventfd_write()
@ 2023-07-12 16:42 wenyang.linux
2023-07-13 8:56 ` Christian Brauner
0 siblings, 1 reply; 2+ messages in thread
From: wenyang.linux @ 2023-07-12 16:42 UTC (permalink / raw)
To: Alexander Viro, Jens Axboe, Christian Brauner
Cc: Wen Yang, Christoph Hellwig, Dylan Yudaken, David Woodhouse,
Matthew Wilcox, linux-fsdevel, linux-kernel
From: Wen Yang <wenyang.linux@foxmail.com>
In eventfd_write(), when ucnt is 0 and ctx->count is also 0,
current->in_eventfd will be set to 1, which may affect eventfd_signal(),
and unnecessary wakeups will also be performed.
Fix this issue by ensuring that ctx->count is not zero.
Signed-off-by: Wen Yang <wenyang.linux@foxmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Dylan Yudaken <dylany@fb.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: linux-fsdevel@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
---
fs/eventfd.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/fs/eventfd.c b/fs/eventfd.c
index 33a918f9566c..254b18ff0e00 100644
--- a/fs/eventfd.c
+++ b/fs/eventfd.c
@@ -281,10 +281,12 @@ static ssize_t eventfd_write(struct file *file, const char __user *buf, size_t c
}
if (likely(res > 0)) {
ctx->count += ucnt;
- current->in_eventfd = 1;
- if (waitqueue_active(&ctx->wqh))
- wake_up_locked_poll(&ctx->wqh, EPOLLIN);
- current->in_eventfd = 0;
+ if (ctx->count) {
+ current->in_eventfd = 1;
+ if (waitqueue_active(&ctx->wqh))
+ wake_up_locked_poll(&ctx->wqh, EPOLLIN);
+ current->in_eventfd = 0;
+ }
}
spin_unlock_irq(&ctx->wqh.lock);
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] eventfd: avoid unnecessary wakeups in eventfd_write()
2023-07-12 16:42 [PATCH] eventfd: avoid unnecessary wakeups in eventfd_write() wenyang.linux
@ 2023-07-13 8:56 ` Christian Brauner
0 siblings, 0 replies; 2+ messages in thread
From: Christian Brauner @ 2023-07-13 8:56 UTC (permalink / raw)
To: wenyang.linux
Cc: Alexander Viro, Jens Axboe, Christoph Hellwig, Dylan Yudaken,
David Woodhouse, Matthew Wilcox, linux-fsdevel, linux-kernel
On Thu, Jul 13, 2023 at 12:42:32AM +0800, wenyang.linux@foxmail.com wrote:
> From: Wen Yang <wenyang.linux@foxmail.com>
>
> In eventfd_write(), when ucnt is 0 and ctx->count is also 0,
> current->in_eventfd will be set to 1, which may affect eventfd_signal(),
> and unnecessary wakeups will also be performed.
>
> Fix this issue by ensuring that ctx->count is not zero.
>
> Signed-off-by: Wen Yang <wenyang.linux@foxmail.com>
> Cc: Alexander Viro <viro@zeniv.linux.org.uk>
> Cc: Jens Axboe <axboe@kernel.dk>
> Cc: Christian Brauner <brauner@kernel.org>
> Cc: Christoph Hellwig <hch@lst.de>
> Cc: Dylan Yudaken <dylany@fb.com>
> Cc: David Woodhouse <dwmw@amazon.co.uk>
> Cc: Matthew Wilcox <willy@infradead.org>
> Cc: linux-fsdevel@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> ---
> fs/eventfd.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/fs/eventfd.c b/fs/eventfd.c
> index 33a918f9566c..254b18ff0e00 100644
> --- a/fs/eventfd.c
> +++ b/fs/eventfd.c
> @@ -281,10 +281,12 @@ static ssize_t eventfd_write(struct file *file, const char __user *buf, size_t c
> }
> if (likely(res > 0)) {
> ctx->count += ucnt;
> - current->in_eventfd = 1;
> - if (waitqueue_active(&ctx->wqh))
> - wake_up_locked_poll(&ctx->wqh, EPOLLIN);
> - current->in_eventfd = 0;
> + if (ctx->count) {
> + current->in_eventfd = 1;
> + if (waitqueue_active(&ctx->wqh))
> + wake_up_locked_poll(&ctx->wqh, EPOLLIN);
> + current->in_eventfd = 0;
> + }
> }
> spin_unlock_irq(&ctx->wqh.lock);
I don't think we can do this. Consider the following:
struct pollfd pfd = {
.events = POLLIN | POLLOUT,
};
int fd = eventfd(0, 0);
if (fd < 0)
return -1;
write(fd, &w, sizeof(__u64));
poll(&pfd, 1, -1);
printf("%d\n", pfd.revents & POLLOUT);
Currently, the eventfd_poll() will do:
ULLONG_MAX - 1 > ctx->count
informing pollers with POLLOUT that the eventfd is writable, iow, that
the count has overflowed.
After your change such POLLOUT waiters will hang forever even though the
eventfd is writable.
So currently, a zero write on an eventfd can be used to inform another
process that they can write. This breaks this completely.
Caller's that don't want to be woken up on zero writes should just not
set POLLOUT:
struct pollfd pfd = {
.events = POLLIN,
};
int fd = eventfd(0, 0);
if (fd < 0)
return -1;
write(fd, &w, sizeof(__u64));
poll(&pfd, 1, -1);
This will wait until someone actually writes something.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-07-13 8:56 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-12 16:42 [PATCH] eventfd: avoid unnecessary wakeups in eventfd_write() wenyang.linux
2023-07-13 8:56 ` Christian Brauner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).