On 11/27/24 2:36 PM, Kent Overstreet wrote:
> When invoked from aio, mm_struct is guaranteed to outlive the request
> since its lifetime is tied to the io_context - but that's not the case
> for io_uring, it's possible that a process could be killed and mm_struct
> goes away while a request is in flight.
>
> So if we're submitting the rest of the io asynchronously, we may need a
> ref on mm_struct.
>
> Per Jens, this is not actually a bug because we're not yet flipping on
> FMODE_NOWAIT, meaning io_uring will do the submission from an io_worker
> kthread - but this patch is necessary for safely flipping on
> FMODE_NOWAIT for more efficient submissions in the future.

This doesn't look right. The mmgrab looks fine, but that should be
paired with mmdrop. And you still need an mmget_not_zero() before doing
kthread_use_mm(), and then the mmput/mmdrop after the unuse is done.

--
Jens Axboe
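
The reference pairing discussed in this thread, as an added example that is not part of the original messages and is not kernel code. It is a userspace model: `struct mm_model`, `complete_async()` and `run()` are hypothetical, and the helper bodies are simplified stand-ins that only mirror the names and counting rules of the kernel's `mmgrab`/`mmdrop` (struct lifetime) and `mmget_not_zero`/`mmput` (address-space lifetime).

```c
#include <stdbool.h>
#include <stdio.h>

struct mm_model {
    int mm_users;  /* users of the address space (page tables, VMAs) */
    int mm_count;  /* refs on the struct itself; all mm_users share one */
    bool mapped;   /* address space still usable */
    bool freed;    /* struct released */
};
static struct mm_model last;  /* state left by the most recent run() */

static void mmgrab(struct mm_model *mm) { mm->mm_count++; }
static void mmdrop(struct mm_model *mm) { if (--mm->mm_count == 0) mm->freed = true; }
static bool mmget_not_zero(struct mm_model *mm) {
    if (mm->mm_users == 0) return false;  /* owner already exited */
    mm->mm_users++;
    return true;
}
static void mmput(struct mm_model *mm) {
    if (--mm->mm_users == 0) { mm->mapped = false; mmdrop(mm); }
}

/* Hypothetical async completion: 0 if user memory could be touched,
 * -1 if the address space was already gone. Drops the submit-time grab. */
static int complete_async(struct mm_model *mm) {
    int ret = -1;
    if (mmget_not_zero(mm)) {
        /* kernel: kthread_use_mm(); copy to user; kthread_unuse_mm(); */
        ret = mm->mapped ? 0 : -2;  /* -2 would mean use after teardown */
        mmput(mm);
    }
    mmdrop(mm);  /* pairs with mmgrab() at submit */
    return ret;
}

/* One request: submit, optionally lose the process, then complete. */
static int run(bool killed_first) {
    last = (struct mm_model){ 1, 1, true, false };  /* live process */
    mmgrab(&last);                    /* submit: pin the struct only */
    if (killed_first) mmput(&last);   /* exit drops the last mm_users */
    int ret = complete_async(&last);
    if (!killed_first) mmput(&last);  /* process exits later */
    return ret;
}

int main(void) {
    printf("alive: %d, killed: %d\n", run(false), run(true));
    return 0;
}
```

In the killed case the grab keeps the struct valid long enough for `mmget_not_zero()` to fail cleanly, and both counts still reach zero afterwards.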
