From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 366C2C433EF for ; Wed, 2 Feb 2022 14:03:28 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 957548D0100; Wed, 2 Feb 2022 09:03:27 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 905718D00FA; Wed, 2 Feb 2022 09:03:27 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7F59B8D0100; Wed, 2 Feb 2022 09:03:27 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0087.hostedemail.com [216.40.44.87]) by kanga.kvack.org (Postfix) with ESMTP id 709BA8D00FA for ; Wed, 2 Feb 2022 09:03:27 -0500 (EST) Received: from smtpin22.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 35943182221FE for ; Wed, 2 Feb 2022 14:03:27 +0000 (UTC) X-FDA: 79098007254.22.7EB3B7D Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) by imf11.hostedemail.com (Postfix) with ESMTP id 1AC8140009 for ; Wed, 2 Feb 2022 14:03:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=WQ2L5/ObHkXFJ17v3gfX3wo3y3s1Mn9urNO+NaAYYgU=; b=BOj7m3fkiBcwXXbRlvjHKjiLV7 Fm1wMRar2jk1XY9BCQR2VxBY7luUA2DeguyTP/WLglcqIjtWYTVyXaIzMUqSpT9xZkp/dAGqf4ANb gPhZBRe9nmrrSg1xdRqz4VbGJMUS0NcqXh/FX880zL5HU+l7Kn/y61t7E4jzJmwIxdrTyqyEC4Vje HqgbABtLs5jOuPI4QJva11o91d7kV1YPIeSlTE3VD5+QWBWviRp5Ee0EdNq+HHeaG7xbFuJSTV8vI wobK+cLGrUEgYwtlbwruVoOz4A0ienf7XwGlCZly/EJZYGBwxjQhd/1Wm40vlqc4VaHd2yCHx1yRL JrUTAcqw==; Received: from hch by bombadil.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1nFGE8-00FW8R-QQ; Wed, 02 Feb 2022 14:03:16 +0000 Date: Wed, 2 Feb 2022 06:03:16 -0800 From: Christoph Hellwig To: Mauricio Faria de Oliveira Cc: Minchan Kim , "Huang, Ying" , Yu Zhao , Andrew Morton , Yang Shi , Miaohe Lin , linux-mm@kvack.org, linux-block@vger.kernel.org, axboe@kernel.dk Subject: Re: [PATCH v3] mm: fix race between MADV_FREE reclaim and blkdev direct IO read Message-ID: References: <20220131230255.789059-1-mfo@canonical.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220131230255.789059-1-mfo@canonical.com> X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html X-Stat-Signature: patp3tg3d15kxexpfbuk8rb3mfup7yqt X-Rspam-User: nil Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=infradead.org header.s=bombadil.20210309 header.b=BOj7m3fk; spf=none (imf11.hostedemail.com: domain of BATV+b18bff4eac1ff4fd9b6a+6737+infradead.org+hch@bombadil.srs.infradead.org has no SPF policy when checking 198.137.202.133) smtp.mailfrom=BATV+b18bff4eac1ff4fd9b6a+6737+infradead.org+hch@bombadil.srs.infradead.org; dmarc=none X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 1AC8140009 X-HE-Tag: 1643810605-581803 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Jan 31, 2022 at 08:02:55PM -0300, Mauricio Faria de Oliveira wrote: > Well, blkdev_direct_IO() gets references for all pages, and on READ > operations it only sets them dirty _later_. > > So, if MADV_FREE'd pages (i.e., not dirty) are used as buffers for > direct IO read from block devices, and page reclaim happens during > __blkdev_direct_IO[_simple]() exactly AFTER bio_iov_iter_get_pages() > returns, but BEFORE the pages are set dirty, the situation happens. > > The direct IO read eventually completes. Now, when userspace reads > the buffers, the PTE is no longer there and the page fault handler > do_anonymous_page() services that with the zero-page, NOT the data! So why not just set the pages dirty early like the other direct I/O implementations? Or if this is fine with the patch should we remove the early dirtying elsewhere? > Reproducer: > ========== > > @ test.c (simplified, but works) Can you add this to blktests or some other regularly run regression test suite? > + smp_rmb(); > + > + /* > + * The only page refs must be from the isolation > + * plus one or more rmap's (dropped by discard:). Overly long line. > + */ > + if ((ref_count == 1 + map_count) && No need for the inner braces.