Re: WARN_ON_ONCE(1) in iomap_dio_actor()

From: Qian Cai
Date: Thu Aug 13 2020 - 03:52:21 EST




> On Aug 13, 2020, at 1:44 AM, Dave Chinner <david@xxxxxxxxxxxxx> wrote:
>
> Ok:
>
> file.fd_write = safe_open("./testfile", O_RDWR|O_CREAT);
> ....
> file.fd_read = safe_open("./testfile", O_RDWR|O_CREAT|O_DIRECT);
> ....
> file.ptr = safe_mmap(NULL, fsize, PROT_READ|PROT_WRITE, MAP_SHARED,
>                      file.fd_write, 0);
>
> So this is all IO to the same inode....
>
> and you loop
>
> while !done {
>
>         do {
>                 rc = pread(file.fd_read, file.ptr + read, fsize - read,
>                            read);
>                 if (rc > 0)
>                         read += rc;
>         } while (rc > 0);
>
>         rc = safe_fallocate(file.fd_write,
>                             FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
>                             0, fsize);
> }
>
> On two threads at once?
>
> So, essentially, you do a DIO read into a mmap()d range from the
> same file, with DIO read ascending and the mmap() range descending,
> then once that is done you hole punch the file and do it again?
>
> IOWs, this is a racing page_mkwrite()/DIO read workload, and the
> moment the two threads hit the same block of the file with a
> DIO read and a page_mkwrite at the same time, it throws a warning.
>
> Well, that's completely expected behaviour. DIO is not serialised
> against mmap() access at all, and so if the page_mkwrite occurs
> between the writeback and the iomap_apply() call in the dio path,
> then it will see the delalloc block that the page-mkwrite allocated.
>
> No sane application would ever do this, it's behaviour as expected,
> so I don't think there's anything to care about here.

It looks to me that the kernel warning is trivial to trigger by a non-root user. Shouldn’t we worry a bit because this could be a DoS for systems which set panic_on_warn?
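
For operators weighing the panic_on_warn concern raised above, the following is an added example, not part of the original message or of any kernel code: it extracts WARN splats from kernel log text and combines them with the panic_on_warn sysctl to classify exposure. The sample log is constructed; its source path, line number, offsets, PID and process name are placeholders, and the status labels are this example's own.

```python
import re
from pathlib import Path

# Constructed sample kernel log. The source path, line number, symbol offsets,
# PID, process name and kernel version are placeholders, not values from the thread.
SAMPLE_LOG = """\
[ 1021.500000] ------------[ cut here ]------------
[ 1021.500010] WARNING: CPU: 3 PID: 4242 at path/to/source.c:123 iomap_dio_actor+0x29c/0x420
[ 1021.500020] CPU: 3 PID: 4242 Comm: dio_mmap_test Not tainted x.y.z #1
[ 1021.500030] ---[ end trace 0123456789abcdef ]---
[ 1300.000000] unrelated log line
"""

WARN_RE = re.compile(
    r"WARNING: CPU: (?P<cpu>\d+) PID: (?P<pid>\d+) at "
    r"(?P<file>\S+):(?P<line>\d+) (?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+"
)
COMM_RE = re.compile(r"PID: (?P<pid>\d+) Comm: (?P<comm>\S+)")

def parse_warnings(log_text):
    """Return one dict per WARN splat: cpu, pid, file, line, func, comm."""
    found = []
    for raw in log_text.splitlines():
        m = WARN_RE.search(raw)
        if m:
            found.append({**m.groupdict(), "comm": None})
            continue
        # The process name is logged on a following line with the same PID.
        c = COMM_RE.search(raw)
        if c and found and found[-1]["comm"] is None and found[-1]["pid"] == c["pid"]:
            found[-1]["comm"] = c["comm"]
    return found

def read_panic_on_warn(path="/proc/sys/kernel/panic_on_warn"):
    """Return the sysctl as a bool, or None if it cannot be read."""
    try:
        return Path(path).read_text().strip() != "0"
    except OSError:
        return None

def assess(warnings, panic_on_warn, func="iomap_dio_actor"):
    """Classify exposure to a WARN in `func` (labels are this example's own)."""
    hit = any(w["func"] == func for w in warnings)
    if hit:
        return "dos" if panic_on_warn else "logged-only"
    return "latent" if panic_on_warn else "none"

if __name__ == "__main__":
    print(assess(parse_warnings(SAMPLE_LOG), read_panic_on_warn()))
```

On a host with panic_on_warn set, the splat normally survives only in an off-box log (netconsole, pstore, serial console), so feed `parse_warnings` from there.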