Skip to content

Commit 5e25c26

Browse files
Eryu Guandjwong
Eryu Guan
authored and
djwong
committed
fs: invalidate page cache after end_io() in dio completion
Commit 332391a ("fs: Fix page cache inconsistency when mixing buffered and AIO DIO") moved page cache invalidation from iomap_dio_rw() to iomap_dio_complete() for iomap based direct write path, but before the dio->end_io() call, and it re-introdued the bug fixed by commit c771c14 ("iomap: invalidate page caches should be after iomap_dio_complete() in direct write"). I found this because fstests generic/418 started failing on XFS with v4.14-rc3 kernel, which is the regression test for this specific bug. So similarly, fix it by moving dio->end_io() (which does the unwritten extent conversion) before page cache invalidation, to make sure next buffer read reads the final real allocations not unwritten extents. I also add some comments about why should end_io() go first in case we get it wrong again in the future. Note that, there's no such problem in the non-iomap based direct write path, because we didn't remove the page cache invalidation after the ->direct_IO() in generic_file_direct_write() call, but I decided to fix dio_complete() too so we don't leave a landmine there, also be consistent with iomap_dio_complete(). Fixes: 332391a ("fs: Fix page cache inconsistency when mixing buffered and AIO DIO") Signed-off-by: Eryu Guan <eguan@redhat.com> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Jan Kara <jack@suse.cz> Reviewed-by: Lukas Czerner <lczerner@redhat.com>
1 parent 793d7db commit 5e25c26

File tree

2 files changed

+36
-25
lines changed

2 files changed

+36
-25
lines changed

fs/direct-io.c

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -259,12 +259,24 @@ static ssize_t dio_complete(struct dio *dio, ssize_t ret, bool is_async)
259259
if (ret == 0)
260260
ret = transferred;
261261

262+
if (dio->end_io) {
263+
// XXX: ki_pos??
264+
err = dio->end_io(dio->iocb, offset, ret, dio->private);
265+
if (err)
266+
ret = err;
267+
}
268+
262269
/*
263270
* Try again to invalidate clean pages which might have been cached by
264271
* non-direct readahead, or faulted in by get_user_pages() if the source
265272
* of the write was an mmap'ed region of the file we're writing. Either
266273
* one is a pretty crazy thing to do, so we don't support it 100%. If
267274
* this invalidation fails, tough, the write still worked...
275+
*
276+
* And this page cache invalidation has to be after dio->end_io(), as
277+
* some filesystems convert unwritten extents to real allocations in
278+
* end_io() when necessary, otherwise a racing buffer read would cache
279+
* zeros from unwritten extents.
268280
*/
269281
if (ret > 0 && dio->op == REQ_OP_WRITE &&
270282
dio->inode->i_mapping->nrpages) {
@@ -274,14 +286,6 @@ static ssize_t dio_complete(struct dio *dio, ssize_t ret, bool is_async)
274286
WARN_ON_ONCE(err);
275287
}
276288

277-
if (dio->end_io) {
278-
279-
// XXX: ki_pos??
280-
err = dio->end_io(dio->iocb, offset, ret, dio->private);
281-
if (err)
282-
ret = err;
283-
}
284-
285289
if (!(dio->flags & DIO_SKIP_DIO_COUNT))
286290
inode_dio_end(dio->inode);
287291

fs/iomap.c

Lines changed: 24 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -714,23 +714,9 @@ static ssize_t iomap_dio_complete(struct iomap_dio *dio)
714714
{
715715
struct kiocb *iocb = dio->iocb;
716716
struct inode *inode = file_inode(iocb->ki_filp);
717+
loff_t offset = iocb->ki_pos;
717718
ssize_t ret;
718719

719-
/*
720-
* Try again to invalidate clean pages which might have been cached by
721-
* non-direct readahead, or faulted in by get_user_pages() if the source
722-
* of the write was an mmap'ed region of the file we're writing. Either
723-
* one is a pretty crazy thing to do, so we don't support it 100%. If
724-
* this invalidation fails, tough, the write still worked...
725-
*/
726-
if (!dio->error &&
727-
(dio->flags & IOMAP_DIO_WRITE) && inode->i_mapping->nrpages) {
728-
ret = invalidate_inode_pages2_range(inode->i_mapping,
729-
iocb->ki_pos >> PAGE_SHIFT,
730-
(iocb->ki_pos + dio->size - 1) >> PAGE_SHIFT);
731-
WARN_ON_ONCE(ret);
732-
}
733-
734720
if (dio->end_io) {
735721
ret = dio->end_io(iocb,
736722
dio->error ? dio->error : dio->size,
@@ -742,12 +728,33 @@ static ssize_t iomap_dio_complete(struct iomap_dio *dio)
742728
if (likely(!ret)) {
743729
ret = dio->size;
744730
/* check for short read */
745-
if (iocb->ki_pos + ret > dio->i_size &&
731+
if (offset + ret > dio->i_size &&
746732
!(dio->flags & IOMAP_DIO_WRITE))
747-
ret = dio->i_size - iocb->ki_pos;
733+
ret = dio->i_size - offset;
748734
iocb->ki_pos += ret;
749735
}
750736

737+
/*
738+
* Try again to invalidate clean pages which might have been cached by
739+
* non-direct readahead, or faulted in by get_user_pages() if the source
740+
* of the write was an mmap'ed region of the file we're writing. Either
741+
* one is a pretty crazy thing to do, so we don't support it 100%. If
742+
* this invalidation fails, tough, the write still worked...
743+
*
744+
* And this page cache invalidation has to be after dio->end_io(), as
745+
* some filesystems convert unwritten extents to real allocations in
746+
* end_io() when necessary, otherwise a racing buffer read would cache
747+
* zeros from unwritten extents.
748+
*/
749+
if (!dio->error &&
750+
(dio->flags & IOMAP_DIO_WRITE) && inode->i_mapping->nrpages) {
751+
int err;
752+
err = invalidate_inode_pages2_range(inode->i_mapping,
753+
offset >> PAGE_SHIFT,
754+
(offset + dio->size - 1) >> PAGE_SHIFT);
755+
WARN_ON_ONCE(err);
756+
}
757+
751758
inode_dio_end(file_inode(iocb->ki_filp));
752759
kfree(dio);
753760

0 commit comments

Comments
 (0)