Re: Subtle races between DAX mmap fault and write path

On Wed, Jul 27, 2016 at 03:10:39PM -0600, Ross Zwisler wrote: The XFS update I just pushed to Linus contains a rework of the XFS DAX IO path. It no longer shares the XFS direct IO path, so it doesn't contain any of the direct IO warts anymore. In XFS, we don't call __generic_file_write_iter or generic_file_direct_write(), and xfs_file_dax_write() does not have this trailing call to invalidate_inode_pages2_range() anymore. It's DAX - there's nothing to invalidate, right? So I think Christoph just (accidentally) removed this race condition from XFS.... I don't think it does - what, in DAX, is incoherent? If anything, it's the data in the direct IO buffer, not the view the mmap will see. i.e. the post-write invalidate is to ensure that applications that have mmapped the file see the data written by direct IO. That's not necessary with DAX. We don't call filemap_write_and_wait() in xfs_file_dax_write() anymore, either. It's DAX - we don't need to flush anything to read the correct data, and there's nothing cached that becomes stale when we overwrite the destination memory. [snip] The first invalidate is still there in XFS. The comment above it in the new XFS code says: /* * Yes, even DAX files can have page cache attached to them: A zeroed * page is inserted into the pagecache when we have to serve a write * fault on a hole. It should never be dirtied and can simply be * dropped from the pagecache once we get real data for the page. */ if (mapping->nrpages) { ret = invalidate_inode_pages2(mapping); WARN_ON_ONCE(ret); } Yup, that's pretty much how XFS treats DAX now - it's not direct IO, but it's not buffered IO, either... I don't think there's a problem that needs to be fixed in the DAX code - the issue is all about the surrounding IO context. i.e whether do_dax_io() is automatically coherent with mmap or not because mmap directly exposes the CPU cache coherent memory do_dax_io() modifies. Cheers, Dave. -- Dave Chinner david(a)fromorbit.com