From: Nick Piggin <npiggin@suse.de>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>, linux-fsdevel@vger.kernel.org
Subject: Re: [patch] fs: fix superblock iteration race
Date: Sat, 12 Jun 2010 13:37:30 +1000 [thread overview]
Message-ID: <20100612033730.GF16436@laptop> (raw)
In-Reply-To: <AANLkTilJ748JdsfCTOrMcdkwWjB3HhA1mmhfETc1kyzL@mail.gmail.com>
On Fri, Jun 11, 2010 at 09:06:01AM -0700, Linus Torvalds wrote:
> On Fri, Jun 11, 2010 at 7:50 AM, Nick Piggin <npiggin@suse.de> wrote:
> > Not sure if this is really the _cleanest_ way to fix it. But open coding
> > the list walking is a bit annoying too. And I couldn't see any real way to
> > make the list macro safe. Better ideas?
>
> I really think we should open-code the list walking instead. You
> basically already are doing that, and in a very non-obvious way too
> (ie you are mixing the non-open-coded list walker with also explicitly
> playing with the internal variable for that magic walker.
>
> So I would get rid of the 'list_for_each_entry_safe' entirely, and
> replace it with something like
>
> struct list_head *list;
>
> spin_lock(&sb_lock);
> list = super_blocks->next;
> while (list != &super_blocks) {
> struct super_block *sb = list_entry(next, struct super_block, s_list);
> list = list->next;
>
> if (list_empty(&sb->s_instances))
> continue;
>
> if (!sb->s_nr_dentry_unused)
> continue;
>
> sb->s_count++;
> spin_unlock(&sb_lock);
>
> .... whatever ...
>
> spin_lock(&sb_lock);
> /* We dropped the lock, need to re-load the next list entry */
> list = sb->s_list.next;
> __put_super(sb);
> }
Yeah I do agree really. I guess the bug came about in the first place
because it's easy to overlook where the memory accesses happen.
> which isn't that much more complicated, now is it? Sure, it's
> open-coded, but at least it doesn't play games. And being open-coded,
> it's a lot more honest about the issue. Maybe even add a comment
> saying "we can't use the list_for_each[_safe]() macro, because we
> don't hold the lock and we're not the only ones that may delete
> things" explaining _why_ it's open-coded.
>
> I dunno. Maybe Al disagrees. I just don't like using the "simple
> helpers" and then changing subtly how they work by knowing their
> internals.
I'll respin the patch and we'll see.
next prev parent reply other threads:[~2010-06-12 3:37 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-11 14:50 [patch] fs: fix superblock iteration race Nick Piggin
2010-06-11 16:06 ` Linus Torvalds
2010-06-12 3:37 ` Nick Piggin [this message]
2010-06-12 3:57 ` Nick Piggin
2010-06-12 4:15 ` Linus Torvalds
2010-06-12 4:38 ` Nick Piggin
2010-06-12 4:46 ` Linus Torvalds
2010-06-14 15:07 ` Nick Piggin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100612033730.GF16436@laptop \
--to=npiggin@suse.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).