Re: [PATCH v2 4/5] mm/shmem: remove page-copy fallback in shmem read path
From: Chi Zhiling
Date: Tue Jun 02 2026 - 02:20:45 EST
On 6/2/26 13:39, Baolin Wang wrote:
On 6/1/26 1:57 PM, Chi Zhiling wrote:
From: Chi Zhiling <chizhiling@xxxxxxxxxx>
This is perp patch for folio batch support which removing the fallback
to page-copy mode from shmem reads.
The existing hwpoison fallback would require fetching the same folio
multiple times to read its each pages, which complicates the
batching model. Instead, move hwpoison handling into
copy_each_pages_to_iter(), allowing the error path to be centralized.
This simplifies the shmem fast read path and avoids special-case
handling that conflicts with folio batching support.
Signed-off-by: Chi Zhiling <chizhiling@xxxxxxxxxx>
---
mm/shmem.c | 63 +++++++++++++++++++++++++++++-------------------------
1 file changed, 34 insertions(+), 29 deletions(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index b08118fbd275..cac355685e49 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -3353,6 +3353,30 @@ static size_t copy_zero_to_iter(size_t bytes, struct iov_iter *i)
return written;
}
+static size_t copy_pages_to_iter(struct folio *folio, size_t offset,
+ size_t bytes, struct iov_iter *i, int *error)
+{
+ struct page *page;
+ unsigned long off, nr, ret, written = 0;
+
+ do {
+ page = folio_page(folio, offset >> PAGE_SHIFT);
+ if (PageHWPoison(page)) {
+ *error = -EIO;
+ break;
+ }
+
+ off = offset_in_page(offset);
+ nr = min(PAGE_SIZE - off, bytes - written);
+
+ ret = copy_page_to_iter(page, off, nr, i);
+ offset += ret;
+ written += ret;
+ } while (written < bytes && ret == nr);
+
+ return written;
+}
+
static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
{
struct file *file = iocb->ki_filp;
@@ -3365,10 +3389,8 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
for (;;) {
struct folio *folio = NULL;
- struct page *page = NULL;
unsigned long nr, ret;
loff_t end_offset, i_size = i_size_read(inode);
- bool fallback_page_copy = false;
size_t fsize;
if (unlikely(iocb->ki_pos >= i_size))
@@ -3376,25 +3398,13 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
index = iocb->ki_pos >> PAGE_SHIFT;
error = shmem_get_folio(inode, index, 0, &folio, SGP_READ);
+ if (folio)
+ folio_unlock(folio);
if (error) {
if (error == -EINVAL)
error = 0;
break;
}
- if (folio) {
- folio_unlock(folio);
-
- page = folio_file_page(folio, index);
- if (PageHWPoison(page)) {
- folio_put(folio);
- error = -EIO;
- break;
- }
-
- if (folio_test_large(folio) &&
- folio_test_has_hwpoisoned(folio))
- fallback_page_copy = true;
- }
/*
* We must evaluate after, since reads (unlike writes)
@@ -3406,12 +3416,9 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
folio_put(folio);
break;
}
- end_offset = min_t(loff_t, i_size, iocb->ki_pos + to->count);
- if (folio && likely(!fallback_page_copy))
- fsize = folio_size(folio);
- else
- fsize = PAGE_SIZE;
+ fsize = folio ? folio_size(folio) : PAGE_SIZE;
offset = iocb->ki_pos & (fsize - 1);
+ end_offset = min_t(loff_t, i_size, iocb->ki_pos + to->count);
Do not add this unnecessary change.
Okay,
nr = min_t(loff_t, end_offset - iocb->ki_pos, fsize - offset);
if (folio) {
@@ -3420,12 +3427,8 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
* virtual addresses, take care about potential aliasing
* before reading the page on the kernel side.
*/
- if (mapping_writably_mapped(mapping)) {
- if (likely(!fallback_page_copy))
- flush_dcache_folio(folio);
- else
- flush_dcache_page(page);
- }
+ if (mapping_writably_mapped(mapping))
+ flush_dcache_folio(folio);
I'm not sure this is safe for all architectures (it's safe for arm64 since no actual data cache flush happens here), but for architectures that do perform an actual data cache flush, if the page has already been hwpoisoned, flushing the cache could trigger a RAS error?
I think you should move this into copy_pages_to_iter() for hwpoisoned folios.
Okay, will fix it, thanks!