From: Christoph Hellwig <hch@infradead.org>
To: Jan Kara <jack@suse.cz>
Cc: Christoph Hellwig <hch@infradead.org>,
Kamal Mostafa <kamal@canonical.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Andreas Dilger <adilger.kernel@dilger.ca>,
Matthew Wilcox <matthew@wil.cx>,
Randy Dunlap <rdunlap@xenotime.net>, Theodore Tso <tytso@mit.edu>,
linux-doc@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
Surbhi Palande <csurbhi@gmail.com>,
Valerie Aurora <val@vaaconsulting.com>,
Christopher Chaltain <christopher.chaltain@canonical.com>,
"Peter M. Petrakis" <peter.petrakis@canonical.com>,
Mikulas Patocka <mpatocka@redhat.com>,
Miao Xie <miaox@cn.fujitsu.com>
Subject: Re: [PATCH 3/5 resend] VFS: Fix s_umount thaw/write deadlock
Date: Fri, 9 Dec 2011 06:47:45 -0500 [thread overview]
Message-ID: <20111209114745.GA7543@infradead.org> (raw)
In-Reply-To: <20111207231658.GQ4622@quack.suse.cz>
On Thu, Dec 08, 2011 at 12:16:58AM +0100, Jan Kara wrote:
> > We make sure to not dirty any new inodes after the first phase of the
> > freeze, so this should be a BUG_ON/WARN_ON.
> This is not really true in presence of mmaped writes. To block mmaped
> writes on a frozen filesystem, we need some synchronization between
> page_mkwrite() and freezing code. Currently, to avoid any additional
> locking overhead, we set page dirty and *then* check for filesystem being
> frozen. Only this order can make sure either the page is written (and
> write-protected) or the frozen check triggers and we wait... (see the
> comment in block_page_mkwrite()). The nasty sideeffect of this is that
> there can be dirty pages & inodes on a frozen filesystem. We are blocked in
> the page fault of these pages so user cannot write any data to these pages
> but still they are marked dirty.
>
> Alternatively we could have a different mechanism (rw semaphore?) to
> synchronize page faults and freezing but I'd hate the overhead for the case
> almost noone cares about...
I think the is the only sensible way to go forward. Requiring hacks in
lots of random places to work around the fact that a single place that
might actually dirty pages despite supposedly blocking that from happen
simply isn't maintainable over the long run.
> > > + */
> > > + if (vfs_is_frozen(sb)) {
> > > + ret = -EBUSY;
> > > + goto out_drop_super;
> > > + }
> >
> > How about spending the three minutes to figure it out?
> > Q_GETFMT/Q_GETINFO/Q_XGETQSTAT and Q_GETQUOTA are the obvious read-only
> > candidates.
> Q_GETQUOTA can actually cause filesystem modification (reservation of
> space in quota file) but the others are read-only. Also after some thought
> I'd prefer that quotactl(8) just blocks to be consistent with how other
> syscalls behave...
How can a simple dqget cause modifications in the VFS quota code?
Dirting anything for a simple read of the quota information is not
only completely non-obvious but also doesn't make much sene. We don't
dirty metadata on stat() either..
next prev parent reply other threads:[~2011-12-09 11:47 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-05 20:54 [PATCH 0/5 resend] fix s_umount thaw/write and journal deadlock Kamal Mostafa
2011-12-05 20:54 ` [PATCH 1/5 resend] Adding support to freeze and unfreeze a journal Kamal Mostafa
2011-12-06 14:25 ` Matthew Wilcox
2011-12-05 20:54 ` [PATCH 2/5 resend] Thaw the journal when you unfreeze the fs Kamal Mostafa
2011-12-06 11:07 ` Matt Fleming
2011-12-06 16:22 ` Eric Sandeen
2011-12-05 20:54 ` [PATCH 3/5 resend] VFS: Fix s_umount thaw/write deadlock Kamal Mostafa
2011-12-06 11:35 ` Christoph Hellwig
2011-12-07 23:16 ` Jan Kara
2011-12-07 23:49 ` Matthew Wilcox
2011-12-08 0:05 ` Jan Kara
2011-12-09 11:47 ` Christoph Hellwig [this message]
2011-12-05 20:54 ` [PATCH 4/5 resend] VFS: Rename vfs_check_frozen() to vfs_block_until_thawed() Kamal Mostafa
2011-12-06 11:40 ` Christoph Hellwig
2011-12-07 22:46 ` Jan Kara
2011-12-05 20:54 ` [PATCH 5/5 resend] Documentation: Correct s_umount state for freeze_fs/unfreeze_fs Kamal Mostafa
2011-12-06 11:40 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111209114745.GA7543@infradead.org \
--to=hch@infradead.org \
--cc=adilger.kernel@dilger.ca \
--cc=christopher.chaltain@canonical.com \
--cc=csurbhi@gmail.com \
--cc=jack@suse.cz \
--cc=kamal@canonical.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matthew@wil.cx \
--cc=miaox@cn.fujitsu.com \
--cc=mpatocka@redhat.com \
--cc=peter.petrakis@canonical.com \
--cc=rdunlap@xenotime.net \
--cc=tytso@mit.edu \
--cc=val@vaaconsulting.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).