From: Stanislav Kinsbursky <skinsbursky@parallels.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>
Subject: Re: per-net rpc shutdown
Date: Thu, 10 May 2012 01:02:40 +0400 [thread overview]
Message-ID: <4FAADB70.3090007@parallels.com> (raw)
In-Reply-To: <20120509143518.GB24233@fieldses.org>
09.05.2012 18:35, J. Bruce Fields написал:
> On Wed, May 09, 2012 at 10:26:17AM -0400, J. Bruce Fields wrote:
>> Reviewing your more recent patches I think we have a problem with some
>> of the code that's already merged. See the comment in svc_shutdown_net:
>>
>> void svc_shutdown_net(struct svc_serv *serv, struct net *net)
>> {
> By the way, note there's some preexisting trouble here:
>
>> /*
>> * The set of xprts (contained in the sv_tempsocks and
>> * sv_permsocks lists) is now constant, since it is modified
>> * only by accepting new sockets (done by service threads in
>> * svc_recv) or aging old ones (done by sv_temptimer), or
>> * configuration changes (excluded by whatever locking the
>> * caller is using--nfsd_mutex in the case of nfsd).
> I don't think the callers are as careful about this as they should be,
> so I think there may be some cases where we could crash if there are
> multiple processes concurrently trying to start, stop, and/or modify the
> listening sockets of a server.
>
> We need to fix that too.
>
> (I haven't actually seen that bug in practice. We *did* see people hit
> bugs on shutdown of a busy server before fixing the receive/shutdown
> races, though.)
>
> --b.
Looks like we can introduce one more per-service lock, which can be used
for the list, and it will solve all the issues we have.
One more question here is do we need to protect service shutdown on not.
Seems to me we don't.
But I'll check it once more.
>> So it's
>> * safe to traverse those lists and shut everything down:
>> */
>> svc_close_net(serv, net);
>>
>> if (serv->sv_shutdown)
>> serv->sv_shutdown(serv, net);
>> }
>>
>> So we depend on the fact that neither the server threads nor
>> sv_temptimer are running here to be able to safely traverse those lists
>> of sockets.
>>
>> But it looks to me like that's no longer true--we're shutting down just
>> one namespace here, and others may still be running. If so and if they
>> modify sv_tempsocks or sv_permsocks while we're running through them
>> then we're going to get a crash.
>>
>> --b.
next prev parent reply other threads:[~2012-05-09 21:02 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-09 14:26 per-net rpc shutdown J. Bruce Fields
2012-05-09 14:35 ` J. Bruce Fields
2012-05-09 21:02 ` Stanislav Kinsbursky [this message]
2012-05-11 11:41 ` [RFC PATCH] SUNRPC: protect service sockets lists during per-net shutdown Stanislav Kinsbursky
2012-05-16 16:34 ` J. Bruce Fields
2012-05-21 8:51 ` [RFC PATCH v2] " Stanislav Kinsbursky
2012-05-09 20:52 ` per-net rpc shutdown Stanislav Kinsbursky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FAADB70.3090007@parallels.com \
--to=skinsbursky@parallels.com \
--cc=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).