• Chansol Kim's avatar
    lightnvm: pblk: fix bio leak when bio is split · 05038712
    Chansol Kim authored
    For large size io where blk_queue_split needs to be called inside
    pblk_rw_io, results in bio leak as bio_endio is not called on the
    newly allocated. One way to observe this is to mounting ext4
    filesystem on the target and issuing 1MB io with dd, e.g., dd bs=1MB
    if=/dev/null of=/mount/myvolume. kmemleak reports:
    
    unreferenced object 0xffff88803d7d0100 (size 256):
      comm "kworker/u16:1", pid 68, jiffies 4294899333 (age 284.120s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 60 e8 31 81 88 ff ff  .........`.1....
        01 40 00 00 06 06 00 00 00 00 00 00 05 00 00 00  .@..............
      backtrace:
        [<000000001f5aa04f>] kmem_cache_alloc+0x204/0x3c0
        [<0000000040945aab>] mempool_alloc_slab+0x1d/0x30
        [<00000000b4959ab4>] mempool_alloc+0x83/0x220
        [<00000000646bad9b>] bio_alloc_bioset+0x229/0x320
        [<000000009264b251>] bio_clone_fast+0x26/0xc0
        [<0000000008250252>] bio_split+0x41/0x110
        [<00000000e365cad0>] blk_queue_split+0x349/0x930
        [<00000000eb5426bc>] pblk_make_rq+0x1b5/0x1f0
        [<00000000eea09cec>] generic_make_request+0x2f9/0x690
        [<00000000ae6acede>] submit_bio+0x12e/0x1f0
        [<00000000f9b8b82a>] ext4_io_submit+0x64/0x80
        [<000000009e4f817d>] ext4_bio_write_page+0x32e/0x890
        [<00000000cbd0d106>] mpage_submit_page+0x65/0xc0
        [<000000000eec7359>] mpage_map_and_submit_buffers+0x171/0x330
        [<000000009a7afcb6>] ext4_writepages+0xd5e/0x1650
        [<000000004476b096>] do_writepages+0x39/0xc0
    
    In case there is a need for a split, blk_queue_split returns the newly
    allocated bio to the caller by changing the value of pointer passed as
    a reference, while the original is passed to generic_make_requests.
    
    Although pblk_rw_io's local variable bio* has changed and passed to
    pblk_submit_read and pblk_write_to_cache, work is done on this new
    bio*, and pblk_rw_io returns NVM_IO_DONE, pblk_make_rq calls bio_endio
    on the old bio* because it passed bio pointer by value to pblk_rw_io.
    
    pblk_rw_io is unfolded into pblk_make_rq so that there is no copying
    of bio* and bio_endio is called on the correct bio*.
    Signed-off-by: default avatarChansol Kim <chansol.kim@samsung.com>
    Reviewed-by: default avatarJavier González <javier@javigon.com>
    Signed-off-by: default avatarMatias Bjørling <mb@lightnvm.io>
    Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
    05038712
pblk-init.c 33.2 KB