From: Al Viro <viro@zeniv.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: yangerkun <yangerkun@huawei.com>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
yi.zhang@huawei.com, houtao1@huawei.com, miaoxie@huawei.com
Subject: Re: system panic while dentry reference count overflow
Date: Tue, 7 May 2019 22:14:54 +0100 [thread overview]
Message-ID: <20190507211454.GO23075@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CAHk-=whj-JPwYzmn6tCJHV219Z4nOPrNCYJr04DyCzoNZb79AQ@mail.gmail.com>
On Tue, May 07, 2019 at 01:47:31PM -0700, Linus Torvalds wrote:
> On Tue, May 7, 2019 at 12:55 PM Al Viro <viro@zeniv.linux.org.uk> wrote:
> >
> >
> > Provided that lockref.c is updated accordingly (look at e.g.
> > lockref_get_not_zero()).
>
> Yeah, we should likely just make this all a lockref feature.
>
> The dcache is *almost* the only user of lockrefs. We've got them in
> gfs2 too, but that looks like it would be perfectly happy with the
> same model.
>
> > lockref_get_not_zero() hitting dead dentry is not abnormal,
> > so we'd better not complain in such case... BTW, wouldn't that WARN_ON()
> > in dget() belong in lockref_get()?
>
> Yeah.
OK... Lockref parts aside, I suspect that the right sequence
would be
* make d_alloc() and d_alloc_cursor() check for excessive
growth of parent's refcount and fail if it's about to occur. That will
result in -ENOMEM for now, if we want another errno value, we can
follow with making d_alloc() return ERR_PTR() on failure (instead of
NULL)
* lift the increment of new parent's refcount into the
callers of __d_move(..., false)
* make the callers in d_splice_alias() fail if refcount is
about to overflow
* add a reference-consuming variant of d_move()
* switch d_move() callers to that one by one, lifting
the refcount increment into those, with bailout on overflow
* make complete_walk() check for overflow, bail out
if it happens.
* ditto for clone_mnt().
That would take care of the majority of long-term references; then
we'll see what's left...
prev parent reply other threads:[~2019-05-07 21:15 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-06 3:36 system panic while dentry reference count overflow yangerkun
2019-05-07 0:40 ` Al Viro
2019-05-07 1:50 ` Linus Torvalds
2019-05-07 4:15 ` Al Viro
2019-05-07 15:26 ` Linus Torvalds
2019-05-07 19:16 ` Al Viro
2019-05-07 19:23 ` Linus Torvalds
2019-05-07 19:55 ` Al Viro
2019-05-07 20:47 ` Linus Torvalds
2019-05-07 21:14 ` Al Viro [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190507211454.GO23075@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=houtao1@huawei.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=miaoxie@huawei.com \
--cc=torvalds@linux-foundation.org \
--cc=yangerkun@huawei.com \
--cc=yi.zhang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.