All of lore.kernel.org
 help / color / mirror / Atom feed
From: Christoph Hellwig <hch@infradead.org>
To: Jan Kara <jack@suse.cz>
Cc: Christoph Hellwig <hch@infradead.org>,
	Kamal Mostafa <kamal@canonical.com>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Andreas Dilger <adilger.kernel@dilger.ca>,
	Matthew Wilcox <matthew@wil.cx>,
	Randy Dunlap <rdunlap@xenotime.net>, Theodore Tso <tytso@mit.edu>,
	linux-doc@vger.kernel.org, linux-ext4@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	Surbhi Palande <csurbhi@gmail.com>,
	Valerie Aurora <val@vaaconsulting.com>,
	Christopher Chaltain <christopher.chaltain@canonical.com>,
	"Peter M. Petrakis" <peter.petrakis@canonical.com>,
	Mikulas Patocka <mpatocka@redhat.com>,
	Miao Xie <miaox@cn.fujitsu.com>
Subject: Re: [PATCH 3/5 resend] VFS: Fix s_umount thaw/write deadlock
Date: Fri, 9 Dec 2011 06:47:45 -0500	[thread overview]
Message-ID: <20111209114745.GA7543@infradead.org> (raw)
In-Reply-To: <20111207231658.GQ4622@quack.suse.cz>

On Thu, Dec 08, 2011 at 12:16:58AM +0100, Jan Kara wrote:
> > We make sure to not dirty any new inodes after the first phase of the
> > freeze, so this should be a BUG_ON/WARN_ON.
>   This is not really true in presence of mmaped writes. To block mmaped
> writes on a frozen filesystem, we need some synchronization between
> page_mkwrite() and freezing code. Currently, to avoid any additional
> locking overhead, we set page dirty and *then* check for filesystem being
> frozen. Only this order can make sure either the page is written (and
> write-protected) or the frozen check triggers and we wait... (see the
> comment in block_page_mkwrite()). The nasty sideeffect of this is that
> there can be dirty pages & inodes on a frozen filesystem. We are blocked in
> the page fault of these pages so user cannot write any data to these pages
> but still they are marked dirty.
> 
> Alternatively we could have a different mechanism (rw semaphore?) to
> synchronize page faults and freezing but I'd hate the overhead for the case
> almost noone cares about...

I think the is the only sensible way to go forward.  Requiring hacks in
lots of random places to work around the fact that a single place that
might actually dirty pages despite supposedly blocking that from happen
simply isn't maintainable over the long run.

> > > +	 */
> > > +	if (vfs_is_frozen(sb)) {
> > > +		ret = -EBUSY;
> > > +		goto out_drop_super;
> > > +	}
> > 
> > How about spending the three minutes to figure it out?
> > Q_GETFMT/Q_GETINFO/Q_XGETQSTAT and Q_GETQUOTA are the obvious read-only
> > candidates.
>   Q_GETQUOTA can actually cause filesystem modification (reservation of
> space in quota file) but the others are read-only. Also after some thought
> I'd prefer that quotactl(8) just blocks to be consistent with how other
> syscalls behave...

How can a simple dqget cause modifications in the VFS quota code?
Dirting anything for a simple read of the quota information is not
only completely non-obvious but also doesn't make much sene.  We don't
dirty metadata on stat() either..


  parent reply	other threads:[~2011-12-09 11:47 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-12-05 20:54 [PATCH 0/5 resend] fix s_umount thaw/write and journal deadlock Kamal Mostafa
2011-12-05 20:54 ` [PATCH 1/5 resend] Adding support to freeze and unfreeze a journal Kamal Mostafa
2011-12-06 14:25   ` Matthew Wilcox
2011-12-05 20:54 ` [PATCH 2/5 resend] Thaw the journal when you unfreeze the fs Kamal Mostafa
2011-12-06 11:07   ` Matt Fleming
2011-12-06 16:22     ` Eric Sandeen
2011-12-05 20:54 ` [PATCH 3/5 resend] VFS: Fix s_umount thaw/write deadlock Kamal Mostafa
2011-12-06 11:35   ` Christoph Hellwig
2011-12-07 23:16     ` Jan Kara
2011-12-07 23:49       ` Matthew Wilcox
2011-12-08  0:05         ` Jan Kara
2011-12-09 11:47       ` Christoph Hellwig [this message]
2011-12-05 20:54 ` [PATCH 4/5 resend] VFS: Rename vfs_check_frozen() to vfs_block_until_thawed() Kamal Mostafa
2011-12-06 11:40   ` Christoph Hellwig
2011-12-07 22:46     ` Jan Kara
2011-12-05 20:54 ` [PATCH 5/5 resend] Documentation: Correct s_umount state for freeze_fs/unfreeze_fs Kamal Mostafa
2011-12-06 11:40   ` Christoph Hellwig

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111209114745.GA7543@infradead.org \
    --to=hch@infradead.org \
    --cc=adilger.kernel@dilger.ca \
    --cc=christopher.chaltain@canonical.com \
    --cc=csurbhi@gmail.com \
    --cc=jack@suse.cz \
    --cc=kamal@canonical.com \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=matthew@wil.cx \
    --cc=miaox@cn.fujitsu.com \
    --cc=mpatocka@redhat.com \
    --cc=peter.petrakis@canonical.com \
    --cc=rdunlap@xenotime.net \
    --cc=tytso@mit.edu \
    --cc=val@vaaconsulting.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.