[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090210060737.GZ28946@ZenIV.linux.org.uk>
Date: Tue, 10 Feb 2009 06:07:37 +0000
From: Al Viro <viro@...IV.linux.org.uk>
To: Li Zefan <lizf@...fujitsu.com>
Cc: Peter Zijlstra <peterz@...radead.org>,
LKML <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Paul Menage <menage@...gle.com>,
Arjan van de Ven <arjan@...radead.org>,
linux-fsdevel@...r.kernel.org
Subject: Re: [cgroup or VFS ?] INFO: possible recursive locking detected
On Tue, Feb 10, 2009 at 01:19:17PM +0800, Li Zefan wrote:
> > You have no promise whatsoever that whoever's been trying to
> > get the lock in question will even get out of the locking primitive
> > before the memory that contains the lock gets freed. In case of superblocks
> > in general, you don't free them until ->s_count hits zero. At that point
> > anything as much as remembering the address of that superblock is already
> > FUBAR.
> >
>
> This is not the general case. This sb won't be seen by anyone, and destroy_super()
> is called on a sb with ->s_count == 1 and ->s_umount held.
... so in this case we have even a stronger warranty of everything being
OK with freeing it while locked. "Nothing has ever seen its address"
means that entire struct contents is fair game...
As for the other question, you are leaving a reference to root hanging from
superblock still on the list (grab_super() will fail on it, but that's it)
and you have code that might look into the damn thing (test callback you
pass to sget()). Dereferencing pointers to freed objects is not nice, to
put it mildly...
BTW, which dentries are going to stick around until that point?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists