mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/io_uring
History
Pavel Begunkov d2acf78908 io_uring/rsrc: fix folio accounting 
| BUG: Bad page state in process kworker/u8:0  pfn:5c001
| page:00000000bfda61c8 refcount:0 mapcount:0 mapping:0000000000000000 index:0x20001 pfn:0x5c001
| head:0000000011409842 order:9 entire_mapcount:0 nr_pages_mapped:0 pincount:1
| anon flags: 0x3fffc00000b0004(uptodate|head|mappedtodisk|swapbacked|node=0|zone=0|lastcpupid=0xffff)
| raw: 03fffc0000000000 fffffc0000700001 ffffffff00700903 0000000100000000
| raw: 0000000000000200 0000000000000000 00000000ffffffff 0000000000000000
| head: 03fffc00000b0004 dead000000000100 dead000000000122 ffff00000a809dc1
| head: 0000000000020000 0000000000000000 00000000ffffffff 0000000000000000
| page dumped because: nonzero pincount
| CPU: 3 PID: 9 Comm: kworker/u8:0 Not tainted 6.3.0-rc2-00001-gc6811bf0cd87 #1
| Hardware name: linux,dummy-virt (DT)
| Workqueue: events_unbound io_ring_exit_work
| Call trace:
|  dump_backtrace+0x13c/0x208
|  show_stack+0x34/0x58
|  dump_stack_lvl+0x150/0x1a8
|  dump_stack+0x20/0x30
|  bad_page+0xec/0x238
|  free_tail_pages_check+0x280/0x350
|  free_pcp_prepare+0x60c/0x830
|  free_unref_page+0x50/0x498
|  free_compound_page+0xcc/0x100
|  free_transhuge_page+0x1f0/0x2b8
|  destroy_large_folio+0x80/0xc8
|  __folio_put+0xc4/0xf8
|  gup_put_folio+0xd0/0x250
|  unpin_user_page+0xcc/0x128
|  io_buffer_unmap+0xec/0x2c0
|  __io_sqe_buffers_unregister+0xa4/0x1e0
|  io_ring_exit_work+0x68c/0x1188
|  process_one_work+0x91c/0x1a58
|  worker_thread+0x48c/0xe30
|  kthread+0x278/0x2f0
|  ret_from_fork+0x10/0x20

Mark reports an issue with the recent patches coalescing compound pages
while registering them in io_uring. The reason is that we try to drop
excessive references with folio_put_refs(), but pages were acquired
with pin_user_pages(), which has extra accounting and so should be put
down with matching unpin_user_pages() or at least gup_put_folio().

As a fix unpin_user_pages() all but first page instead, and let's figure
out a better API after.

Fixes: 57bebf807e ("io_uring/rsrc: optimise registered huge pages")
Reported-by: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Jens Axboe <axboe@kernel.dk>
Tested-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Link: https://lore.kernel.org/r/10efd5507d6d1f05ea0f3c601830e08767e189bd.1678980230.git.asml.silence@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
 		2023-03-16 09:32:18 -06:00
..
Makefile
advise.c io_uring: always go async for unsupported fadvise flags 2023-01-29 15:18:26 -07:00
advise.h
alloc_cache.h
cancel.c io_uring/cancel: re-grab ctx mutex after finishing wait 2022-12-21 13:31:40 -07:00
cancel.h
epoll.c io_uring: make io_kiocb_to_cmd() typesafe 2022-08-12 17:01:00 -06:00
epoll.h
fdinfo.c capability: just use a 'u64' instead of a 'u32[2]' array 2023-03-01 10:01:22 -08:00
fdinfo.h
filetable.c io_uring/filetable: fix file reference underflow 2022-11-25 06:54:46 -07:00
filetable.h io_uring: kill hot path fixed file bitmap debug checks 2022-10-16 17:07:53 -06:00
fs.c io_uring: for requests that require async, force it 2023-01-29 15:18:26 -07:00
fs.h
io-wq.c io_uring/io-wq: stop setting PF_NO_SETAFFINITY on io-wq workers 2023-03-08 08:48:13 -07:00
io-wq.h
io_uring.c io_uring: silence variable ‘prev’ set but not used warning 2023-03-09 10:10:58 -07:00
io_uring.h io_uring: mark task TASK_RUNNING before handling resume/task work 2023-02-06 08:23:21 -07:00
kbuf.c io_uring: fix size calculation when registering buf ring 2023-02-22 09:57:23 -07:00
kbuf.h io_uring: allow buffer recycling in READV 2022-09-21 10:30:43 -06:00
msg_ring.c io_uring/msg_ring: let target know allocated index 2023-03-16 07:16:56 -06:00
msg_ring.h io_uring: get rid of double locking 2022-12-07 06:47:13 -07:00
net.c io_uring: remove MSG_NOSIGNAL from recvmsg 2023-02-24 12:59:02 -07:00
net.h io_uring/net: zerocopy sendmsg 2022-09-21 13:15:02 -06:00
nop.c
nop.h
notif.c io_uring: refactor req allocation 2023-01-29 15:17:41 -07:00
notif.h io_uring: move zc reporting from the hot path 2022-11-21 07:38:31 -07:00
opdef.c io_uring,audit: don't log IORING_OP_MADVISE 2023-02-10 16:00:30 -07:00
opdef.h io_uring: Split io_issue_def struct 2023-01-29 15:17:41 -07:00
openclose.c io_uring: always go async for unsupported open flags 2023-01-29 15:18:26 -07:00
openclose.h
poll.c io_uring/poll: don't pass in wake func to io_init_poll_iocb() 2023-03-01 10:06:53 -07:00
poll.h io_uring/poll: allow some retries for poll triggering spuriously 2023-02-25 20:10:13 -07:00
refs.h
rsrc.c io_uring/rsrc: fix folio accounting 2023-03-16 09:32:18 -06:00
rsrc.h io_uring: use tw for putting rsrc 2022-12-07 06:47:13 -07:00
rw.c for-6.3/iter-ubuf-2023-02-16 2023-02-20 14:03:57 -08:00
rw.h io_uring/rw: don't lose partial IO result on fail 2022-09-21 13:15:02 -06:00
slist.h io_uring: silence variable ‘prev’ set but not used warning 2023-03-09 10:10:58 -07:00
splice.c io_uring: for requests that require async, force it 2023-01-29 15:18:26 -07:00
splice.h
sqpoll.c io_uring/sqpoll: Do not set PF_NO_SETAFFINITY on sqpoll threads 2023-03-15 06:50:59 -06:00
sqpoll.h io_uring: make io_sqpoll_wait_sq return void 2023-01-29 15:17:40 -07:00
statx.c io_uring: for requests that require async, force it 2023-01-29 15:18:26 -07:00
statx.h
sync.c io_uring: for requests that require async, force it 2023-01-29 15:18:26 -07:00
sync.h
tctx.c io_uring: rename 'in_idle' to 'in_cancel' 2023-02-22 09:57:23 -07:00
tctx.h io_uring: simplify __io_uring_add_tctx_node 2022-10-07 12:25:30 -06:00
timeout.c io_uring: ease timeout flush locking requirements 2022-12-14 08:53:35 -07:00
timeout.h io_uring: remove unused return from io_disarm_next 2022-09-21 13:15:01 -06:00
uring_cmd.c io_uring/uring_cmd: ensure that device supports IOPOLL 2023-03-09 09:23:59 -07:00
uring_cmd.h
xattr.c io_uring: for requests that require async, force it 2023-01-29 15:18:26 -07:00
xattr.h