From: "Artem B. Bityuckiy" <dedekind@yandex.ru>
To: David Woodhouse <dwmw2@infradead.org>, linux-mtd@lists.infradead.org
Subject: Re: [PATCH] JFFS[23] slab corruption
Date: Wed, 05 Jan 2005 17:13:06 +0300 [thread overview]
Message-ID: <41DBF5F2.5040208@yandex.ru> (raw)
In-Reply-To: <1104924806.5547.49.camel@baythorne.infradead.org>
I'd like to do some analysis. David, could you please comment my notes:
1. Consider removing ic from mark_node_obsolete (NOR only).
When ic may have no nodes?
a). When the inode is deleted. In this case all it's nodes are marked
obsolete (thankfully we may mark them obsolete physically). This happens
when ic->nlink == 0 and last iput() is called.
b). I'm not sure, may be temporary it may have no valid nodes. I mean
some transient state when, for example, there is one node A, and another
node B is added, and B obsoletes A. Then possibly A will be first marked
obsolete, then B will be added. Between these two operations, ic may
have no nodes. I'm not sure, but it seems in the current implementation
in such situations A will be always added first. So, mark_node_obsolete
should not delete the ic in such temporary states.
But why do mark_node_obsolete code delete the correspondent ic if there
is no nodes left? It should not delete ic because of b) . Moreover,
conceptually it is not its work - the last iput handler should do that
(do_clean_inode() may be).
Conclusions: a) remove that peace of code from the mark_node_obsolete.
b) be sure ic will be deleted by somebody else.
2. Conceder jffs2_remove_node_refs_from_ino_list() function. It deletes
ic if there are no nodes...
At first this is only valid for NAND. In case of NOR obsolete nodes are
removed from the per-inode list as soon as they marked obsolete.
In case of nand our live is complicated because we can not mark nodes
obsolete physically. And deletion/deleted direntries bring us
misfortune. We must keep track of them in the per-inode list and only
remove them when the last instance of the deleted direntry has been
erased...
But before the erase code deletes ic, it should be sure there are no
open files (iget count = 0) and ic->nlink = 0. But it seems it does not
do so. ... May continue reasoning, but want to be sure I understand
thing correctly. So, will wait for comments.
--
Best Regards,
Artem B. Bityuckiy,
St.-Petersburg, Russia.
next prev parent reply other threads:[~2005-01-05 14:13 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-03 19:26 [PATCH] JFFS[23] slab corruption Artem B. Bityuckiy
2005-01-05 10:42 ` Artem B. Bityuckiy
2005-01-05 11:33 ` David Woodhouse
2005-01-05 14:13 ` Artem B. Bityuckiy [this message]
2005-02-27 10:30 ` David Woodhouse
2005-02-27 14:02 ` Artem B. Bityuckiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41DBF5F2.5040208@yandex.ru \
--to=dedekind@yandex.ru \
--cc=dwmw2@infradead.org \
--cc=linux-mtd@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox