From: Nick Piggin <npiggin@kernel.dk>
To: Christoph Hellwig <hch@infradead.org>
Cc: Nick Piggin <npiggin@kernel.dk>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
mfasheh@suse.com, joel.becker@oracle.com, swhiteho@redhat.com
Subject: Re: [patch 7/8] fs: fix or note I_DIRTY handling bugs in filesystems
Date: Tue, 4 Jan 2011 18:52:48 +1100 [thread overview]
Message-ID: <20110104075248.GB4090@amd> (raw)
In-Reply-To: <20110104063944.GA1910@infradead.org>
On Tue, Jan 04, 2011 at 01:39:44AM -0500, Christoph Hellwig wrote:
> On Tue, Jan 04, 2011 at 05:04:52PM +1100, Nick Piggin wrote:
> > However I strongly believe that filesystems should be able to access
> > and manipulate the inode dirty state directly. If you agree with that,
> > then I think they should be able to access the lock required for that.
> > Filesystems will want to keep their internal state in synch with vfs
> > visible state most likely (eg. like your hfsplus patches), and _every_
> > time we do "loose" coupling between state bits like this (eg. page and
> > buffer state; page and pte state; etc), it turns out to be a huge mess
> > of races and subtle code and ordering.
>
> I've probably done the two most complicated fsync implementations in xfs
> and hfsplys myself, and I'd really prefer the interface to be as simple
> as possible.
Agree and as I said I'll change inode_writeback_begin/end to do the
locking and just return the dirty bit mask etc.
> The way the I_DIRTY_* flags and the datasync parameter to
> ->fsync interact are almost a receipe for getting it wrong, which in
> fact most implementations that tried to be smart did. See gfs2 and
> ocfs2 comments in this threads for classic examples.
Right if you want a helper to get the correct mask of bits required
that's fine and I agree, but locking is a different issue too: if
filesystems are trying to keep private state in sync with vfs state,
then they _need_ to do it properly with the proper locking. I think
your hfsplus implementation had a bug or two in this area didn't it?
(although I ended up getting side tracked with all these bugs half
way through looking at that).
> If we actually get filesystems that need to do smarts in
> checking/clearing the I_DIRTY_* flag we can discuss proper interfaces
> for it - duplicating guts of i_state manipulations sounds like a
> relatively bad idea for that.
I disagree, but we'll explore it further later.
It is a couple of lines to check and clear dirty bits. Not rocket
science and I think it is far better to make it explicit what is
happening to the filesystem. The disconnect between what the vfs is
doing and what the filesystems throught should be happening is what
caused all these bugs to start with.
Anyway, long story short, I'll drop the inode_lock export and move the
locking and manipulation into inode_writeback_begin/end for now.
Thanks,
Nick
next prev parent reply other threads:[~2011-01-04 7:52 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-18 1:46 [patch 0/8] Inode data integrity patches Nick Piggin
2010-12-18 1:46 ` [patch 1/8] fs: mark_inode_dirty barrier fix Nick Piggin
2010-12-18 1:46 ` [patch 2/8] fs: simple fsync race fix Nick Piggin
2010-12-18 1:46 ` [patch 3/8] fs: introduce inode writeback helpers Nick Piggin
2010-12-18 1:46 ` [patch 4/8] fs: preserve inode dirty bits on failed metadata writeback Nick Piggin
2010-12-18 1:46 ` [patch 5/8] fs: ext2 inode sync fix Nick Piggin
2011-01-07 19:08 ` Ted Ts'o
2010-12-18 1:46 ` [patch 6/8] fs: fsync optimisations Nick Piggin
2010-12-18 1:46 ` [patch 7/8] fs: fix or note I_DIRTY handling bugs in filesystems Nick Piggin
2010-12-29 15:01 ` Christoph Hellwig
2011-01-03 15:03 ` Steven Whitehouse
2011-01-03 16:58 ` Christoph Hellwig
2011-01-04 7:12 ` Nick Piggin
2011-01-04 14:22 ` Steven Whitehouse
2011-01-04 6:04 ` Nick Piggin
2011-01-04 6:39 ` Christoph Hellwig
2011-01-04 7:52 ` Nick Piggin [this message]
2011-01-04 9:13 ` Christoph Hellwig
2011-01-04 9:28 ` Nick Piggin
2010-12-18 1:46 ` [patch 8/8] fs: add i_op->sync_inode Nick Piggin
2010-12-29 15:12 ` Christoph Hellwig
2011-01-04 6:27 ` Nick Piggin
2011-01-04 6:57 ` Christoph Hellwig
2011-01-04 8:03 ` Nick Piggin
2011-01-04 8:31 ` Nick Piggin
2011-01-04 9:25 ` Christoph Hellwig
2011-01-04 9:52 ` Nick Piggin
2011-01-06 20:49 ` Christoph Hellwig
2011-01-07 4:48 ` Nick Piggin
2011-01-07 7:25 ` Christoph Hellwig
2011-01-11 3:44 ` Nick Piggin
2011-01-04 9:25 ` Christoph Hellwig
2011-01-04 9:49 ` Nick Piggin
2011-01-06 20:45 ` Christoph Hellwig
2011-01-07 4:47 ` Nick Piggin
2011-01-07 7:24 ` Christoph Hellwig
2011-01-07 7:29 ` Christoph Hellwig
2011-01-07 13:10 ` Christoph Hellwig
2011-01-07 18:30 ` Ted Ts'o
2011-01-07 18:32 ` Christoph Hellwig
2011-01-07 19:06 ` Ted Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110104075248.GB4090@amd \
--to=npiggin@kernel.dk \
--cc=akpm@linux-foundation.org \
--cc=hch@infradead.org \
--cc=joel.becker@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mfasheh@suse.com \
--cc=swhiteho@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).