From: Jens Axboe Date: Tue, 28 Mar 2023 01:56:18 +0000 (-0600) Subject: io_uring/poll: clear single/double poll flags on poll arming X-Git-Tag: dma-mapping-6.5-2023-06-28~480^2~2 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=005308f7bdacf5685ed1a431244a183dbbb9e0e8;p=users%2Fhch%2Fdma-mapping.git io_uring/poll: clear single/double poll flags on poll arming Unless we have at least one entry queued, then don't call into io_poll_remove_entries(). Normally this isn't possible, but if we retry poll then we can have ->nr_entries cleared again as we're setting it up. If this happens for a poll retry, then we'll still have at least REQ_F_SINGLE_POLL set. io_poll_remove_entries() then thinks it has entries to remove. Clear REQ_F_SINGLE_POLL and REQ_F_DOUBLE_POLL unconditionally when arming a poll request. Fixes: c16bda37594f ("io_uring/poll: allow some retries for poll triggering spuriously") Cc: stable@vger.kernel.org Reported-by: Pengfei Xu Signed-off-by: Jens Axboe --- diff --git a/io_uring/poll.c b/io_uring/poll.c index 795facbd0e9f..55306e801081 100644 --- a/io_uring/poll.c +++ b/io_uring/poll.c @@ -726,6 +726,7 @@ int io_arm_poll_handler(struct io_kiocb *req, unsigned issue_flags) apoll = io_req_alloc_apoll(req, issue_flags); if (!apoll) return IO_APOLL_ABORTED; + req->flags &= ~(REQ_F_SINGLE_POLL | REQ_F_DOUBLE_POLL); req->flags |= REQ_F_POLLED; ipt.pt._qproc = io_async_queue_proc;