Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp745708pxj;
        Thu, 13 May 2021 16:14:22 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxERzwg8qlOAI5Jy8DW2K0tvJAn3itW0IM08t5Xwt+eNk01lLPP8YQPy6ww/STtwruTGb+I
X-Received: by 2002:a17:907:3e0b:: with SMTP id hp11mr43955599ejc.171.1620947662110;
        Thu, 13 May 2021 16:14:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1620947662; cv=none;
        d=google.com; s=arc-20160816;
        b=Pip7SHY5X4H6vnpTjbN+qQdURimhnuORk0Ia79MWLVi2mRQl0hyxDF3xbQVFEPOLUa
         QTMTveFOk1hr1hHP6Oo+3sOKWC7jLKMUK0SYci+fbhaxm4kdG1IhBCd715F/Up4uJmJ/
         sXVBh9MMwDEpvrV4nZh9tTvXc2emaazvEgYjBKoz/78wUcj2DYUKtr2v/NmVmRc+prbk
         moTt62Llqtrj2dnw+jzNLyRK5izoJAEJor26+MrwHkyz2VeXMBcBfkkoYr74yDFxl0MI
         +Q/h6jXwGOj2D2C1mUVjgjmc0gICE0tEGfMB71i7FD/QGewgdVkyMFeGxY+UKo5fZmgv
         MFmA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=uMwYMTwoYIppFCrXeCLFGJPxvTfo/4YfeOvKAZ+4G3c=;
        b=zk+jexFtOvHoRm7Xr6SvWAHOgmGam0Qm+3e+p5rR6G+prfm7bXcIat2kX0iMLVtzus
         7Wp67pX/peLNx1LybY142Qv4kyP9Acw21cJsd90osC0sN2qs7P+YJwTt+3UI/u/xx0KK
         31UTFEYc6l2hS3M3elU06Psyptov3B96jJK84ENrUl86fAx5aLp7bS28ZDbqp+CwXn7o
         iLeYhW31Ci30V/woJAuexvOwZp8wr8ViE/QUCKjzNmbwced8IHm8TB1nc1a5rYwp5NKc
         n02m1LUwj6a9Cqi1HcobEloR84o4bgvd4JH2ZN681CWr34XRPzyO+BMcrpwfsoJeVSX8
         1NzA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org
Return-Path: <linux-ext4-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id mc23si3516512ejb.12.2021.05.13.16.13.57;
        Thu, 13 May 2021 16:14:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231967AbhEMTC2 (ORCPT <rfc822;blucerlee@gmail.com> + 99 others);
        Thu, 13 May 2021 15:02:28 -0400
Received: from mx2.suse.de ([195.135.220.15]:45614 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230352AbhEMTC1 (ORCPT <rfc822;linux-ext4@vger.kernel.org>);
        Thu, 13 May 2021 15:02:27 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
        by mx2.suse.de (Postfix) with ESMTP id 252DCB175;
        Thu, 13 May 2021 19:01:16 +0000 (UTC)
Received: by quack2.suse.cz (Postfix, from userid 1000)
        id D21E21E0E33; Thu, 13 May 2021 21:01:14 +0200 (CEST)
Date:   Thu, 13 May 2021 21:01:14 +0200
From:   Jan Kara <jack@suse.cz>
To:     Matthew Wilcox <willy@infradead.org>
Cc:     Jan Kara <jack@suse.cz>, linux-fsdevel@vger.kernel.org,
        Christoph Hellwig <hch@infradead.org>,
        Dave Chinner <david@fromorbit.com>, ceph-devel@vger.kernel.org,
        Chao Yu <yuchao0@huawei.com>,
        Damien Le Moal <damien.lemoal@wdc.com>,
        "Darrick J. Wong" <darrick.wong@oracle.com>,
        Jaegeuk Kim <jaegeuk@kernel.org>,
        Jeff Layton <jlayton@kernel.org>,
        Johannes Thumshirn <jth@kernel.org>,
        linux-cifs@vger.kernel.org, linux-ext4@vger.kernel.org,
        linux-f2fs-devel@lists.sourceforge.net, linux-mm@kvack.org,
        linux-xfs@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>,
        Steve French <sfrench@samba.org>, Ted Tso <tytso@mit.edu>
Subject: Re: [PATCH 03/11] mm: Protect operations adding pages to page cache
 with invalidate_lock
Message-ID: <20210513190114.GJ2734@quack2.suse.cz>
References: <20210512101639.22278-1-jack@suse.cz>
 <20210512134631.4053-3-jack@suse.cz>
 <YJvo1bGG1tG+gtgC@casper.infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YJvo1bGG1tG+gtgC@casper.infradead.org>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-ext4.vger.kernel.org>
X-Mailing-List: linux-ext4@vger.kernel.org

On Wed 12-05-21 15:40:21, Matthew Wilcox wrote:
> On Wed, May 12, 2021 at 03:46:11PM +0200, Jan Kara wrote:
> > Currently, serializing operations such as page fault, read, or readahead
> > against hole punching is rather difficult. The basic race scheme is
> > like:
> > 
> > fallocate(FALLOC_FL_PUNCH_HOLE)			read / fault / ..
> >   truncate_inode_pages_range()
> > 						  <create pages in page
> > 						   cache here>
> >   <update fs block mapping and free blocks>
> > 
> > Now the problem is in this way read / page fault / readahead can
> > instantiate pages in page cache with potentially stale data (if blocks
> > get quickly reused). Avoiding this race is not simple - page locks do
> > not work because we want to make sure there are *no* pages in given
> > range. inode->i_rwsem does not work because page fault happens under
> > mmap_sem which ranks below inode->i_rwsem. Also using it for reads makes
> > the performance for mixed read-write workloads suffer.
> > 
> > So create a new rw_semaphore in the address_space - invalidate_lock -
> > that protects adding of pages to page cache for page faults / reads /
> > readahead.
> 
> Remind me (or, rather, add to the documentation) why we have to hold the
> invalidate_lock during the call to readpage / readahead, and we don't just
> hold it around the call to add_to_page_cache / add_to_page_cache_locked
> / add_to_page_cache_lru ?  I appreciate that ->readpages is still going
> to suck, but we're down to just three implementations of ->readpages now
> (9p, cifs & nfs).

There's a comment in filemap_create_page() trying to explain this. We need
to protect against cases like: Filesystem with 1k blocksize, file F has
page at index 0 with uptodate buffer at 0-1k, rest not uptodate. All blocks
underlying page are allocated. Now let read at offset 1k race with hole
punch at offset 1k, length 1k.

read()					hole punch
...
  filemap_read()
    filemap_get_pages()
      - page found in the page cache but !Uptodate
      filemap_update_page()
					  locks everything
					  truncate_inode_pages_range()
					    lock_page(page)
					    do_invalidatepage()
					    unlock_page(page)
        locks page
          filemap_read_page()
            ->readpage()
              block underlying offset 1k
	      still allocated -> map buffer
					  free block under offset 1k
	      submit IO -> corrupted data

If you think I should expand it to explain more details, please tell.
Or maybe I can put more detailed discussion like above into the changelog?

> Also, could I trouble you to run the comments through 'fmt' (or
> equivalent)?  It's easier to read if you're not kissing right up on 80
> columns.

Sure, will do.

> > +++ b/fs/inode.c
> > @@ -190,6 +190,9 @@ int inode_init_always(struct super_block *sb, struct inode *inode)
> >  	mapping_set_gfp_mask(mapping, GFP_HIGHUSER_MOVABLE);
> >  	mapping->private_data = NULL;
> >  	mapping->writeback_index = 0;
> > +	init_rwsem(&mapping->invalidate_lock);
> > +	lockdep_set_class(&mapping->invalidate_lock,
> > +			  &sb->s_type->invalidate_lock_key);
> 
> Why not:
> 
> 	__init_rwsem(&mapping->invalidate_lock, "mapping.invalidate_lock",
> 			&sb->s_type->invalidate_lock_key);

I replicated what we do for i_rwsem but you're right, this is better.
Updated.

								Honza
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR