tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Replace lockmgr for vnodes

On Wed Mar 19 2008 at 05:35:06 +0000, David Holland wrote:
> Well, yes. But that's the point. If it were feasible to have vfs (or
> genfs) do all the locking for rename before getting into the
> fs-dependent code, it would mean that in most cases the fs wouldn't
> have the opportunity to get it wrong.

Then I'd die of happiness.

>  > And I don't buy that either.  I think there are more locking problems
>  > outside of file systems than in them (because of namei).
> I doubt that. While namei is certainly a mess (and is the proximate
> cause of substantial mess in every fs function that receives a
> componentname) its locking is basically very simple. Whereas I think
> it's pretty safe to assume at this point that almost every rename
> implementation is wrong in some fashion.

I'd call the locking/calling convention anything but simple.  I did
rump_syscalls last week exactly because all my hand-crafted syscalls
had bugs in the calls to namei.  I don't think I even can list all
the rules off the top of my head.  Stuff like "LOCKPARENT returns dvp
locked unless no LOCKLEAF and dvp == vp" and "namei returns 0 for CREATE
depending on if dvp exists and is writable instead of whether vp exists"
always make me want to have more coffee (or vodka, depending on the
level of desperation).

But I'll give you this.  Even though there are more calls to namei than
implementations of rename, they're generally a billion times easier to
test since triggering bugs doesn't depend on weird timings.

Now I should schedule a few weeks of idle time to read your other mail ...

Antti Kantee <>                     Of course he runs 
    "la qualité la plus indispensable du cuisinier est l'exactitude"

Home | Main Index | Thread Index | Old Index