[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <B409CB60-3A36-480D-964B-90043490B7B9@lca.pw>
Date: Thu, 13 Aug 2020 03:52:13 -0400
From: Qian Cai <cai@....pw>
To: Dave Chinner <david@...morbit.com>
Cc: Christoph Hellwig <hch@...radead.org>,
Matthew Wilcox <willy@...radead.org>, darrick.wong@...cle.com,
linux-xfs@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, khlebnikov@...dex-team.ru
Subject: Re: WARN_ON_ONCE(1) in iomap_dio_actor()
> On Aug 13, 2020, at 1:44 AM, Dave Chinner <david@...morbit.com> wrote:
>
> Ok:
>
> file.fd_write = safe_open("./testfile", O_RDWR|O_CREAT);
> ....
> file.fd_read = safe_open("./testfile", O_RDWR|O_CREAT|O_DIRECT);
> ....
> file.ptr = safe_mmap(NULL, fsize, PROT_READ|PROT_WRITE, MAP_SHARED,
> file.fd_write, 0);
>
> So this is all IO to the same inode....
>
> and you loop
>
> while !done {
>
> do {
> rc = pread(file.fd_read, file.ptr + read, fsize - read,
> read);
> if (rc > 0)
> read += rc;
> } while (rc > 0);
>
> rc = safe_fallocate(file.fd_write,
> FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
> 0, fsize);
> }
>
> On two threads at once?
>
> So, essentially, you do a DIO read into a mmap()d range from the
> same file, with DIO read ascending and the mmap() range descending,
> then once that is done you hole punch the file and do it again?
>
> IOWs, this is a racing page_mkwrite()/DIO read workload, and the
> moment the two threads hit the same block of the file with a
> DIO read and a page_mkwrite at the same time, it throws a warning.
>
> Well, that's completely expected behaviour. DIO is not serialised
> against mmap() access at all, and so if the page_mkwrite occurs
> between the writeback and the iomap_apply() call in the dio path,
> then it will see the delalloc block taht the page-mkwrite allocated.
>
> No sane application would ever do this, it's behaviour as expected,
> so I don't think there's anything to care about here.
It looks me the kernel warning is trivial to trigger by an non-root user. Shouldn’t we worry a bit because this could be a DoS for systems which set panic_on_warn?
Powered by blists - more mailing lists