Received: with ECARTIS (v1.0.0; list xfs); Fri, 15 Aug 2008 15:26:49 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.3.0-r574664 (2007-09-11) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.0-r574664 Received: from cuda.sgi.com (cuda1.sgi.com [192.48.168.28]) by oss.sgi.com (8.12.11.20060308/8.12.11/SuSE Linux 0.7) with ESMTP id m7FMQiYS023867 for ; Fri, 15 Aug 2008 15:26:45 -0700 X-ASG-Debug-ID: 1218839282-080c021b0000-NocioJ X-Barracuda-URL: http://cuda.sgi.com:80/cgi-bin/mark.cgi Received: from smtp1.linux-foundation.org (localhost [127.0.0.1]) by cuda.sgi.com (Spam Firewall) with ESMTP id A7DFCF52914; Fri, 15 Aug 2008 15:28:02 -0700 (PDT) Received: from smtp1.linux-foundation.org (smtp1.linux-foundation.org [140.211.169.13]) by cuda.sgi.com with ESMTP id B0jR8t0LnHv25BZT; Fri, 15 Aug 2008 15:28:02 -0700 (PDT) Received: from imap1.linux-foundation.org (imap1.linux-foundation.org [140.211.169.55]) by smtp1.linux-foundation.org (8.14.2/8.13.5/Debian-3ubuntu1.1) with ESMTP id m7FMRuxV028861 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 15 Aug 2008 15:27:57 -0700 Received: from akpm.corp.google.com (localhost [127.0.0.1]) by imap1.linux-foundation.org (8.13.5.20060308/8.13.5/Debian-3ubuntu1.1) with SMTP id m7FMRuM7022976; Fri, 15 Aug 2008 15:27:56 -0700 Date: Fri, 15 Aug 2008 15:27:56 -0700 From: Andrew Morton To: Christoph Hellwig Cc: lachlan@sgi.com, xfs-dev@sgi.com, xfs@oss.sgi.com, linux-fsdevel@vger.kernel.org X-ASG-Orig-Subj: Re: [REVIEW] Prevent direct I/O from mapping extents beyond eof Subject: Re: [REVIEW] Prevent direct I/O from mapping extents beyond eof Message-Id: <20080815152756.61aab5a7.akpm@linux-foundation.org> In-Reply-To: <20080815220958.GB13770@infradead.org> References: <48A50152.8020104@sgi.com> <20080815220958.GB13770@infradead.org> X-Mailer: Sylpheed version 2.2.4 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-MIMEDefang-Filter: lf$Revision: 1.188 $ X-Scanned-By: MIMEDefang 2.63 on 140.211.169.13 X-Barracuda-Connect: smtp1.linux-foundation.org[140.211.169.13] X-Barracuda-Start-Time: 1218839283 X-Barracuda-Bayes: INNOCENT GLOBAL 0.0000 1.0000 -2.0210 X-Barracuda-Virus-Scanned: by cuda.sgi.com at sgi.com X-Barracuda-Spam-Score: -2.02 X-Barracuda-Spam-Status: No, SCORE=-2.02 using per-user scores of TAG_LEVEL=2.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.1 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.1.2760 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-Virus-Scanned: ClamAV 0.91.2/8048/Fri Aug 15 05:56:27 2008 on oss.sgi.com X-Virus-Status: Clean X-archive-position: 17579 X-ecartis-version: Ecartis v1.0.0 Sender: xfs-bounce@oss.sgi.com Errors-to: xfs-bounce@oss.sgi.com X-original-sender: akpm@linux-foundation.org Precedence: bulk X-list: xfs On Fri, 15 Aug 2008 18:09:58 -0400 Christoph Hellwig wrote: > On Fri, Aug 15, 2008 at 02:08:50PM +1000, Lachlan McIlroy wrote: > > With the help from some tracing I found that we try to map extents beyond > > eof when doing a direct I/O read. It appears that the way to inform the > > generic direct I/O path (ie do_direct_IO()) that we have breached eof is > > to return an unmapped buffer from xfs_get_blocks_direct(). This will cause > > do_direct_IO() to jump to the hole handling code where is will check for > > eof and then abort. > > > > This problem was found because a direct I/O read was trying to map beyond > > eof and was encountering delayed allocations. The delayed allocations beyond > > eof are speculative allocations and they didn't get converted when the direct > > I/O flushed the file because there was only enough space in the current AG > > to convert and write out the dirty pages within eof. Note that > > xfs_iomap_write_allocate() wont necessarily convert all the delayed allocation > > passed to it - it will return after allocating the first extent - so if the > > delayed allocation extends beyond eof then it will stay that way. > > > > This change will detect a direct I/O read beyond eof: > > The change looks good to me, but I really think the direct I/O could > should never send down requests like this down to the filesystems. akpm > and -fsdevel Cc'ed. Oh gee, I forget, and so many people have done drivebys on that code... We _could_ add additional i_size checking into direct-io.c but bear in mind that it would be best-effort unreliable stuff. The code will still be tripped up by concurrent extends and concurrent truncates. So we'll still end up calling the fs for blocks outside i_size, only less commonly. I think.