Hi,
I have run our cases these two days to stress test new Patch #1. The new
Patch #1 mainly add filemap_invalidate_{un}lock before and after
truncate_pagecache(), basing on original Patch #1. And the crash has not
happened.
Now, I keep the original Patch #1, then adding the code below which
suggested by liu song (I'm not sure which one I should add in the next
version, Suggested-by or Signed-off-by? If you know, please remind me).
- if (filemap_nr_thps(inode->i_mapping))
+ if (filemap_nr_thps(inode->i_mapping)) {
+ filemap_invalidate_lock(inode->i_mapping);
truncate_pagecache(inode, 0);
+ filemap_invalidate_unlock(inode->i_mapping);
+ }
And the reason for keeping the original Patch #1 is mainly to fix the
race between collapse_file and truncate_pagecache. It seems necessary.
Despite the two-day test, I did not reproduce this race any more.
In addition, I also test the below method:
diff --git a/mm/truncate.c b/mm/truncate.c
index 3f47190f98a8..33604e4ce60a 100644
--- a/mm/truncate.c
+++ b/mm/truncate.c
@@ -210,8 +210,6 @@ invalidate_complete_page(struct address_space
*mapping, struct page *page)
int truncate_inode_page(struct address_space *mapping, struct page *page)
{
- VM_BUG_ON_PAGE(PageTail(page), page);
-
if (page->mapping != mapping)
return -EIO;
I am not very sure this VM_BUG_ON_PAGE(PageTail) is what Hugh means. And
the test results show that only removing this VM_BUG_ON_PAGE(PageTail)
has no effect. So, I still keep the original Patch #1 to fix one race.
I plan to send Patch v3 after receiving your reply.
Thanks!
On 9/30/21 8:41 AM, Song Liu wrote:
On Wed, Sep 29, 2021 at 5:02 PM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote:
On Wed, Sep 29, 2021 at 04:41:48PM -0700, Song Liu wrote:
The issue is NOT caused by concurrent khugepaged:collapse_file() and
truncate_pagecache(inode, 0). With some printks, we can see a clear
time gap (>2 second ) between collapse_file() finishes, and
truncate_pagecache() (which crashes soon). Therefore, my earlier
suggestion that adds deny_write_access() to collapse_file() does NOT
work.
The crash is actually caused by concurrent truncate_pagecache(inode, 0).
If I change the number of write thread in stress_madvise_dso.c to one,
(IOW, one thread_read and one thread_write), I cannot reproduce the
crash anymore.
I think this means we cannot fix this issue in collapse_file(), because it
finishes long before the crash.
Ah! So are we missing one or more of these locks:
inode_lock(inode);
filemap_invalidate_lock(mapping);
in the open path?
The following fixes the crash in my test. But I am not sure whether this is the
best fix.
Rongwei, could you please run more tests on it?
Thanks,
Song
diff --git i/fs/open.c w/fs/open.c
index daa324606a41f..d13c4668b2e53 100644
--- i/fs/open.c
+++ w/fs/open.c
@@ -856,8 +856,11 @@ static int do_dentry_open(struct file *f,
* of THPs into the page cache will fail.
*/
smp_mb();
- if (filemap_nr_thps(inode->i_mapping))
+ if (filemap_nr_thps(inode->i_mapping)) {
+ filemap_invalidate_lock(inode->i_mapping);
truncate_pagecache(inode, 0);
+ filemap_invalidate_unlock(inode->i_mapping);
+ }
}
return 0;
