Since commit (5d8edfb900d5 "iomap: Copy larger chunks from userspace"), iomap will try to copy in larger chunks than PAGE_SIZE. However, if the mapping doesn't support large folio, only one page of maximum 4KB will be created and 4KB data will be writen to pagecache each time. Then, next 4KB will be handled in next iteration. If chunk is 2MB, total 512 pages need to be handled finally. During this period, fault_in_iov_iter_readable() is called to check iov_iter readable validity. Since only 4KB will be handled each time, below address space will be checked over and over again: start end - buf, buf+2MB buf+4KB, buf+2MB buf+8KB, buf+2MB ... buf+2044KB buf+2MB Obviously the checking size is wrong since only 4KB will be handled each time. So this will get a correct bytes before fault_in_iov_iter_readable() to let iomap work well in non-large folio case. Fixes: 5d8edfb900d5 ("iomap: Copy larger chunks from userspace") Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Xu Yang <xu.yang_2@xxxxxxx> --- Change in v2: - fix address space description in message --- fs/iomap/buffered-io.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c index 41c8f0c68ef5..51ca31cd94ae 100644 --- a/fs/iomap/buffered-io.c +++ b/fs/iomap/buffered-io.c @@ -925,6 +925,9 @@ static loff_t iomap_write_iter(struct iomap_iter *iter, struct iov_iter *i) if (bytes > length) bytes = length; + if (!mapping_large_folio_support(iter->inode->i_mapping)) + bytes = min_t(size_t, bytes, PAGE_SIZE - offset_in_page(pos)); + /* * Bring in the user page that we'll copy from _first_. * Otherwise there's a nasty deadlock on copying from the -- 2.34.1