Re: [PATCH v5 2/4] io_uring: avoid ring quiesce while registering/unregistering eventfd

From: Pavel Begunkov
Date: Thu Feb 03 2022 - 18:59:57 EST


On 2/3/22 23:46, Pavel Begunkov wrote:
On 2/3/22 23:34, Usama Arif wrote:
This is done by creating a new RCU data structure (io_ev_fd) as part of
io_ring_ctx that holds the eventfd_ctx.

The function io_eventfd_signal is executed under rcu_read_lock with a
single rcu_dereference to io_ev_fd so that if another thread unregisters
the eventfd while io_eventfd_signal is still being executed, the
eventfd_signal for which io_eventfd_signal was called completes
successfully.

The process of registering/unregistering eventfd is done under a lock
so multiple threads don't enter a race condition while
registering/unregistering eventfd.

With the above approach ring quiesce can be avoided which is much more
expensive than using RCU lock. On the system tested, io_uring_register with
IORING_REGISTER_EVENTFD takes less than 1ms with RCU lock, compared to 15ms
before with ring quiesce.

Signed-off-by: Usama Arif <usama.arif@xxxxxxxxxxxxx>
---
  fs/io_uring.c | 116 ++++++++++++++++++++++++++++++++++++++++----------
  1 file changed, 93 insertions(+), 23 deletions(-)

[...]
+
+static void io_eventfd_put(struct rcu_head *rcu)
+{
+    struct io_ev_fd *ev_fd = container_of(rcu, struct io_ev_fd, rcu);
+    struct io_ring_ctx *ctx = ev_fd->ctx;
+
+    eventfd_ctx_put(ev_fd->cq_ev_fd);
+    kfree(ev_fd);
+    rcu_assign_pointer(ctx->io_ev_fd, NULL);
  }
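
Review bot: in io_eventfd_put(), rcu_assign_pointer(ctx->io_ev_fd, NULL) runs inside the RCU callback and after kfree(ev_fd), so ctx->io_ev_fd keeps pointing at the object until it has already been freed. A reader that enters rcu_read_lock() after this callback was queued is not covered by the grace period and can still pick up the pointer. Clear ctx->io_ev_fd on the unregister path, under the registration lock, before queuing the callback, and leave only eventfd_ctx_put() and kfree() in this function.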

Emm, it happens after the grace period, so you have a gap where a
request may read a freed eventfd... What I think you wanted to do
is more like below:


io_eventfd_put() {
    evfd = ...;
    eventfd_ctx_put(evfd->evfd);
    kfree(io_ev_fd);
}

register() {

s/register/unregister/

    mutex_lock();
    ev_fd = rcu_deref();
    if (ev_fd) {
        rcu_assign_pointer(ctx->evfd, NULL);
        call_rcu(&ev_fd->evfd, io_eventfd_put);
    }
    mutex_unlock();
}


Note, there's no need for ->unregistering. I also doubt you need
->ev_fd_lock, how about just using already taken ->uring_lock?

--
Pavel Begunkov
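
The ordering gap discussed in this message, as an added example that is not part of the thread or of the kernel source: a deterministic userspace model, not kernel code, in which the grace period waits only for readers that began before the callback was queued. All names (slot, pending, model_*, late_reader_sees_freed) are hypothetical, and a `freed` flag stands in for eventfd_ctx_put() plus kfree().

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model only. "freed" marks the point where the real callback
 * would have dropped the eventfd reference and freed the object. */
struct ev_fd { bool freed; };

static struct ev_fd *slot;      /* models ctx->io_ev_fd */
static struct ev_fd *pending;   /* object handed to the modelled call_rcu() */
static bool clear_in_callback;  /* true = ordering used in the quoted hunk */

static void model_call_rcu(struct ev_fd *e) { pending = e; }

/* Callback: runs once readers that predate call_rcu() have finished. */
static void model_grace_period_end(void)
{
    pending->freed = true;
    if (clear_in_callback)
        slot = NULL;            /* too late: the object is already gone */
    pending = NULL;
}

static void model_unregister(void)
{
    struct ev_fd *e = slot;

    if (!e)
        return;
    if (!clear_in_callback)
        slot = NULL;            /* unpublish first, then queue the free */
    model_call_rcu(e);
}

/* True if a reader that starts after unregister still obtains the object
 * and the callback frees it while that reader is inside its section. */
bool late_reader_sees_freed(bool patch_ordering)
{
    struct ev_fd obj = { .freed = false };
    struct ev_fd *seen;

    clear_in_callback = patch_ordering;
    slot = &obj;
    model_unregister();
    seen = slot;                /* new reader's rcu_dereference() */
    model_grace_period_end();   /* this reader is not waited for */
    return seen && seen->freed;
}

int main(void) { return late_reader_sees_freed(true) && !late_reader_sees_freed(false) ? 0 : 1; }
```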