From: Ross Zwisler <ross.zwisler@linux.intel.com>
To: Jan Kara <jack@suse.cz>
Cc: Latchesar Ionkov <lucho@ionkov.net>,
Trond Myklebust <trond.myklebust@primarydata.com>,
linux-mm@kvack.org, Christoph Hellwig <hch@lst.de>,
linux-cifs@vger.kernel.org,
Matthew Wilcox <mawilcox@microsoft.com>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Eric Van Hensbergen <ericvh@gmail.com>,
linux-nvdimm@lists.01.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
v9fs-developer@lists.sourceforge.net,
Jens Axboe <axboe@kernel.dk>,
linux-nfs@vger.kernel.org,
"Darrick J. Wong" <darrick.wong@oracle.com>,
samba-technical@lists.samba.org, linux-kernel@vger.kernel.org,
Steve French <sfrench@samba.org>,
Alexey Kuznetsov <kuznet@virtuozzo.com>,
Johannes Weiner <hannes@cmpxchg.org>,
linux-fsdevel@vger.kernel.org, Ron Minnich <rminnich@sandia.gov>,
Andrew Morton <akpm@linux-foundation.org>,
Anna Schumaker <anna.schumaker@netapp.com>
Subject: Re: [PATCH 2/2] dax: fix data corruption due to stale mmap reads
Date: Tue, 25 Apr 2017 16:59:36 -0600 [thread overview]
Message-ID: <20170425225936.GA29655@linux.intel.com> (raw)
In-Reply-To: <20170425111043.GH2793@quack2.suse.cz>
On Tue, Apr 25, 2017 at 01:10:43PM +0200, Jan Kara wrote:
<>
> Hum, but now thinking more about it I have hard time figuring out why write
> vs fault cannot actually still race:
>
> CPU1 - write(2) CPU2 - read fault
>
> dax_iomap_pte_fault()
> ->iomap_begin() - sees hole
> dax_iomap_rw()
> iomap_apply()
> ->iomap_begin - allocates blocks
> dax_iomap_actor()
> invalidate_inode_pages2_range()
> - there's nothing to invalidate
> grab_mapping_entry()
> - we add zero page in the radix
> tree & map it to page tables
>
> Similarly read vs write fault may end up racing in a wrong way and try to
> replace already existing exceptional entry with a hole page?
Yep, this race seems real to me, too. This seems very much like the issues
that exist when a thread is doing direct I/O. One thread is doing I/O to an
intermediate buffer (page cache for direct I/O case, zero page for us), and
the other is going around it directly to media, and they can get out of sync.
IIRC the direct I/O code looked something like:
1/ invalidate existing mappings
2/ do direct I/O to media
3/ invalidate mappings again, just in case. Should be cheap if there weren't
any conflicting faults. This makes sure any new allocations we made are
faulted in.
I guess one option would be to replicate that logic in the DAX I/O path, or we
could try and enhance our locking so page faults can't race with I/O since
both can allocate blocks.
I'm not sure, but will think on it.
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
next prev parent reply other threads:[~2017-04-25 22:59 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20170420191446.GA21694@linux.intel.com>
2017-04-21 3:44 ` [PATCH 1/2] dax: prevent invalidation of mapped DAX entries Ross Zwisler
2017-04-21 3:44 ` [PATCH 2/2] dax: fix data corruption due to stale mmap reads Ross Zwisler
2017-04-25 11:10 ` Jan Kara
2017-04-25 22:59 ` Ross Zwisler [this message]
2017-04-26 8:52 ` Jan Kara
2017-04-26 22:52 ` Ross Zwisler
2017-04-27 7:26 ` Jan Kara
2017-05-01 22:38 ` Ross Zwisler
2017-05-04 9:12 ` Jan Kara
2017-05-01 22:59 ` Dan Williams
2017-04-24 17:49 ` [PATCH 1/2] xfs: fix incorrect argument count check Ross Zwisler
2017-04-24 17:49 ` [PATCH 2/2] dax: add regression test for stale mmap reads Ross Zwisler
2017-04-25 11:27 ` Eryu Guan
2017-04-25 20:39 ` Ross Zwisler
2017-04-26 3:42 ` Eryu Guan
2017-04-25 10:10 ` [PATCH 1/2] dax: prevent invalidation of mapped DAX entries Jan Kara
2017-05-01 16:54 ` Ross Zwisler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170425225936.GA29655@linux.intel.com \
--to=ross.zwisler@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=anna.schumaker@netapp.com \
--cc=aryabinin@virtuozzo.com \
--cc=axboe@kernel.dk \
--cc=darrick.wong@oracle.com \
--cc=ericvh@gmail.com \
--cc=hannes@cmpxchg.org \
--cc=hch@lst.de \
--cc=jack@suse.cz \
--cc=kuznet@virtuozzo.com \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
--cc=lucho@ionkov.net \
--cc=mawilcox@microsoft.com \
--cc=rminnich@sandia.gov \
--cc=samba-technical@lists.samba.org \
--cc=sfrench@samba.org \
--cc=trond.myklebust@primarydata.com \
--cc=v9fs-developer@lists.sourceforge.net \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox