On Mon 08-04-19 09:27:28, Dave Chinner wrote: > The result of this is that, AFAICT, ext4 does not protect against > read() vs hole punch races - it's hole punching code it does: > > Hole Punch: read(): > > inode_lock() > inode_dio_wait(inode); > down_write(i_mmap_sem) > truncate_pagecache_range() > ext4_file_iter_read() > ext4_map_blocks() > down_read(i_data_sem) > <gets mapping> > <populates page cache over hole> > <reads stale data into cache> > ..... > down_write(i_data_sem) > remove extents > > IOWs, ext4 is safe against truncate because of the > change-inode-size-before-invalidation hacks, but the lack of > serialise buffered reads means that hole punch and other similar > fallocate based extent manipulations can race against reads.... Hum, you are right. Ext4 is buggy in this regard. I've fixed the race for page fault in ea3d7209ca01 "ext4: fix races between page faults and hole punching" but didn't realize the problem is there for buffered reads as well. I'll think how we can fix this. Thanks for noticing this! Honza -- Jan Kara <jack@xxxxxxxx> SUSE Labs, CR