Re: fall back from direct to buffered I/O when stable writes are required

Next message: Gal Pressman: "Re: [PATCH] Revert &quot;scripts/coccinelle: Find PTR_ERR() to %pe candidates&quot;"
Previous message: Vlastimil Babka: "Re: [RFC PATCH V3 1/7] mm/slab: allow specifying freepointer offset when using constructor"
In reply to: Jan Kara: "Re: fall back from direct to buffered I/O when stable writes are required"
Next in thread: Dave Chinner: "Re: fall back from direct to buffered I/O when stable writes are required"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christoph Hellwig

Date: Thu Oct 30 2025 - 10:35:55 EST

On Thu, Oct 30, 2025 at 12:00:26PM +0000, Geoff Back wrote:
> I don't claim to have deep knowledge of what's going on here, but if I
> understand correctly the problem occurs only if the process submitting
> the direct I/O is breaking the semantic "contract" by modifying the page
> after submitting the I/O but before it completes.

Except that there never has been any such "contract", written or
unwritten. Modifying in-flight I/O is perfectly fine IFF the data
is sampled once as in the usual non-checksum non-RAID mode, and nothing
ever told applications not to do it.

> Since the page
> referenced by the I/O is supposed to be immutable until the I/O
> completes, what about marking the page read only at time of submission
> and restoring the original page permissions after the I/O completes?
> Then if the process writes to the page (triggering a fault) make a copy
> of the page that can be mapped back as writeable for the process - i.e.
> normal copy-on-write behaviour - and write a once-per-process dmesg
> warning that the process broke the direct I/O "contract".

That would be nice, but also pretty hard. See various previous
discussions on this topic. Also at least for small I/O it probably
is more expensive than bounce buffering while for large enough I/O,
especially using PMD mappings or similar avoiding the copy will be
very beneficial.