All of lore.kernel.org
 help / color / mirror / Atom feed
From: Dave Chinner <david@fromorbit.com>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: Amir Goldstein <amir73il@gmail.com>,
	linux-xfs <linux-xfs@vger.kernel.org>
Subject: Re: [PATCH] xfs: use MMAPLOCK around filemap_map_pages()
Date: Wed, 1 Jul 2020 08:46:56 +1000	[thread overview]
Message-ID: <20200630224656.GN2005@dread.disaster.area> (raw)
In-Reply-To: <20200630182645.GQ7606@magnolia>

On Tue, Jun 30, 2020 at 11:26:45AM -0700, Darrick J. Wong wrote:
> On Tue, Jun 30, 2020 at 06:23:12PM +0300, Amir Goldstein wrote:
> > > /me wonders if someone could please check all the *_ops that point to
> > > generic helpers to see if we're missing obvious things like lock
> > > taking.  Particularly someone who wants to learn about xfs' locking
> > > strategy; I promise it won't let out a ton of bees.
> > >
> > 
> > The list was compiled manually by auditing 'git grep '_operations.*=' fs/xfs'
> > structs for non xfs_/iomap_/noop_ functions.
> > I am not sure if all iomap_ functions are safe in that respect, but I suppose
> > those were done recently with sufficient xfs developers review...
> 
> The iomap functions shouldn't be taking/releasing any locks at all; it's
> up to the filesystem to provide the concurrency controls.
> 
> > fs/xfs/xfs_aops.c:const struct address_space_operations
> > xfs_address_space_operations = {
> >         .error_remove_page      = generic_error_remove_page,
> > 
> > generic_error_remove_page() calls truncate_inode_page() without MMAPLOCK
> > Is that safe? not sure
> 
> /me has a funny feeling it isn't, since this does the same thing to the
> pagecache as a holepunch.

And I really can't tell, because this comes from the convoluted 
hardware memory error path. We know that path is completely screwed
up w.r.t. memory errors in pmem and DAX filesystems. Hence I think
there's a good chance it's completely screwed up for cached
file-backed page cache pages, too.

Indeed, look at the comment in me_pagecache_clean():

        /*
         * Truncation is a bit tricky. Enable it per file system for now.
         *
         * Open: to take i_mutex or not for this? Right now we don't.
         */
        return truncate_error_page(p, pfn, mapping);

the call path is:

me_pagecache_clean()
  truncate_error_page()
    ->error_remove_page()

IOWs, the authors of this code did not know what to do, and like the
DAX failure stuff, merged the code without having resolving the
fundamental issues around interfacing with filesystem owned pages
directly...

I don't really have the time to look at it in any more depth right
now. I also suspect the memory failure code is a path we simply
cannot exercise in any useful manner so it's unlikely that we'll
ever be able to tell if this stuff works correctly or not....

Cheers,

-Dave.
-- 
Dave Chinner
david@fromorbit.com

  reply	other threads:[~2020-06-30 22:47 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-23  5:20 [PATCH] xfs: use MMAPLOCK around filemap_map_pages() Dave Chinner
2020-06-23  8:54 ` Amir Goldstein
2020-06-23  9:40   ` Dave Chinner
2020-06-23 19:47 ` Brian Foster
2020-06-23 21:19 ` Darrick J. Wong
2020-06-23 22:14   ` Dave Chinner
2020-06-29 17:00     ` Darrick J. Wong
2020-06-30 15:23       ` Amir Goldstein
2020-06-30 18:26         ` Darrick J. Wong
2020-06-30 22:46           ` Dave Chinner [this message]
2020-06-30 18:27 ` Darrick J. Wong
2020-09-12  6:19 ` More filesystem need this fix (xfs: use MMAPLOCK around filemap_map_pages()) Amir Goldstein
2020-09-12  6:19   ` Amir Goldstein
2020-09-14 11:35   ` Jan Kara
2020-09-14 12:29     ` Andreas Gruenbacher
2020-09-14 12:29       ` Andreas Gruenbacher
2020-09-16 15:58   ` Jan Kara
2020-09-17  1:44     ` Dave Chinner
2020-09-17  2:04       ` Hugh Dickins
2020-09-17  2:04         ` Hugh Dickins
2020-09-17  6:45         ` Dave Chinner
2020-09-17  7:47           ` Hugh Dickins
2020-09-17  7:47             ` Hugh Dickins
2020-09-21  8:26             ` Dave Chinner
2020-09-21  9:11               ` Jan Kara
2020-09-21 16:20                 ` Linus Torvalds
2020-09-21 16:20                   ` Linus Torvalds
2020-09-21 17:59                   ` Matthew Wilcox
2020-09-22  7:54                     ` Jan Kara
2020-09-17  3:01       ` Matthew Wilcox
2020-09-17  5:37       ` Nikolay Borisov
2020-09-17  7:40         ` Jan Kara

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200630224656.GN2005@dread.disaster.area \
    --to=david@fromorbit.com \
    --cc=amir73il@gmail.com \
    --cc=darrick.wong@oracle.com \
    --cc=linux-xfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.