From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-fsdevel@vger.kernel.org, npiggin@kernel.dk
Subject: Re: ->d_lock FUBAR (was Re: Linux 3.0-rc6)
Date: Wed, 13 Jul 2011 01:56:34 +0100 [thread overview]
Message-ID: <20110713005634.GK11013@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFxmJDOpx6grff73tAaGtVWbXNLwwzZLUmL5V8ESn9ij+w@mail.gmail.com>
On Tue, Jul 12, 2011 at 05:04:55PM -0700, Linus Torvalds wrote:
> > All flakiness of the locking "order" aside, here we simply lock two dentries
> > that might be nowhere near each other by now. ?Hell, by that point the parent
> > might've been moved under (what used to be) child. ?Or it might have address
> > greater than that of child and be not an ancestor anymore. ?Note that no
> > i_mutex, etc. is held at that point, so there's no external serialization
> > to save our arses...
>
> So why wouldn't it be sufficient to just take the s_vfs_rename_mutex
> in the caller? We're only talking d_materialise_unique(), no?
Alas, no. d_materialize_unique() aside (we have a couple of bugs in
there), ->d_lock handling is fscked up. Basically, it's unlazy_walk()
taking ->d_lock instances without anything to guarantee that it's doing
that in order consistent with d_move() (and any other users, for that
matter). *And* the "locking order" in question is not transitive, but
that's a separate story. And no, we obviously are not going to
serialize the switch from RCU to normal pathwalk on a per-fs mutex...
I'm crawling through the d_lock users right now (>400 places ;-/), trying
to put together reasonable locking rules.
FWIW, we used to have this for d_move() et.al.:
* all places changing ->d_parent hold i_mutex on parent(s)
* if parents differ, we have ->s_vfs_rename_mutex as well
* if old_dentry was not attached to the tree, it was positive
and a subdirectory of new_dentry->d_parent. Said new_dentry->d_parent
was been locked by caller.
Unfortunately, current tree has these rules violated in several places.
And these rules have nothing to say about ->d_lock ;-/
Nick, could you please describe the locking rules you had in mind for
->d_lock? unlazy_walk() (aka nameidata_dentry_drop_rcu()) can probably
be dealt with by checking d_seq twice, once before locking the child.
Then we could be sure that it's still a child of parent and will stay
so as long as parent's ->d_lock is held, and thus the ordering would
stay stable...
next prev parent reply other threads:[~2011-07-13 0:56 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-04 23:09 Linux 3.0-rc6 Linus Torvalds
2011-07-06 15:27 ` Arkadiusz Miśkiewicz
2011-07-11 6:03 ` Al Viro
2011-07-12 23:48 ` ->d_lock FUBAR (was Re: Linux 3.0-rc6) Al Viro
2011-07-13 0:04 ` Linus Torvalds
2011-07-13 0:56 ` Al Viro [this message]
2011-07-13 1:39 ` Al Viro
2011-07-13 2:40 ` Linus Torvalds
2011-07-13 2:59 ` Al Viro
2011-07-13 3:22 ` Al Viro
2011-07-13 3:56 ` Linus Torvalds
2011-07-14 7:21 ` Al Viro
2011-07-15 4:58 ` Al Viro
2011-07-13 1:48 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110713005634.GK11013@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=linux-fsdevel@vger.kernel.org \
--cc=npiggin@kernel.dk \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.