Re: [RFC 1/1] io_uring: preserve work->mm since actual work processing may need it

Minchan Kim <minchan@xxxxxxxxxx> · Thu, 16 Apr 2020 13:24:28 -0700

Hi Jens,

Sorry for the late.

On Fri, Apr 10, 2020 at 08:17:29PM -0600, Jens Axboe wrote:
> On 4/10/20 12:09 PM, Bijan Mottahedeh wrote:
> > On 4/10/2020 10:51 AM, Pavel Begunkov wrote:
> >> On 10/04/2020 19:54, Bijan Mottahedeh wrote:
> >>>> As I see, this down_read() from the trace is
> >>>> down_read(&current->mm->mmap_sem), where current->mm is set by use_mm()
> >>>> just several lines above your change. So, what do you mean by passing? I
> >>>> don't see do_madvise() __explicitly__ accepting mm as an argument.
> >>> I think the sequence is:
> >>>
> >>> io_madvise()
> >>> -> do_madvise(NULL, req->work.mm, ma->addr, ma->len, ma->advice)
> >>>                      ^^^^^^^^^^^^
> >>>     -> down_read(&mm->mmap_sem)
> >>>
> >>> I added an assert in do_madvise() for a NULL mm value and hit it running the test.
> >>>
> >>>> What tree do you use? Extra patches on top?
> >>> I'm using next-20200409 with no patches.
> >> I see, it came from 676a179 ("mm: pass task and mm to do_madvise"), which isn't
> >> in Jen's tree.
> >>
> >> I don't think your patch will do, because it changes mm refcounting with extra
> >> mmdrop() in io_req_work_drop_env(). That's assuming it worked well before.
> >>
> >> Better fix then is to make it ```do_madvise(NULL, current->mm, ...)```
> >> as it actually was at some point in the mentioned patch (v5).
> >>
> > Ok. Jens had suggested to use req->work.mm in the patch comments so 
> > let's just get him to confirm:
> > 
> > "I think we want to use req->work.mm here - it'll be the same as
> > current->mm at this point, but it makes it clear that we're using a
> > grabbed mm."
> 
> We should just use current->mm, as that matches at that point anyway
> since IORING_OP_MADVISE had needs_mm set.
> 
> Minchan, can you please make that change?

Do you mean this?

diff --git a/fs/io_uring.c b/fs/io_uring.c
index a9537cd77aeb..3edbb4764993 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -3280,7 +3280,7 @@ static int io_madvise(struct io_kiocb *req, bool force_nonblock)
        if (force_nonblock)
                return -EAGAIN;

-       ret = do_madvise(NULL, req->work.mm, ma->addr, ma->len, ma->advice);
+       ret = do_madvise(NULL, current->mm, ma->addr, ma->len, ma->advice);
        if (ret < 0)
                req_set_fail_links(req);
        io_cqring_add_event(req, ret);

Since I have a plan to resend whole patchset again, I will carry on
that.







