On Fri, Nov 15, 2019 at 08:58:05AM -0500, Steven Rostedt wrote: > On Fri, 15 Nov 2019 13:48:23 +0000 > Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote: > > > > BTW, what do you mean by "can debugfs_remove_recursive() rely upon the > > > lack of attempts to create new entries inside the subtree it's trying > > > to kill?" > > > > Is it possible for something to call e.g. debugfs_create_dir() (or any > > similar primitive) with parent inside the subtree that has been > > passed to debugfs_remove_recursive() call that is still in progress? > > > > If debugfs needs to cope with that, debugfs_remove_recursive() needs > > considerably heavier locking, to start with. > > I don't know about debugfs, but at least tracefs (which cut and pasted > from debugfs) does not allow that. At least in theory it doesn't allow > that (and if it does, it's a bug in the locking at the higher levels). > > And perhaps debugfs shouldn't allow that either. As it is only suppose > to be a light weight way to interact with the kernel, hence the name > "debugfs". > > Yu, do you have a test case for the "infinite loop" case? Infinite loop, AFAICS, is reasonably easy to trigger - just open a non-empty subdirectory and lseek to e.g. next-to-last element in it. Again, list_empty() use in there is quite wrong - it can give false negatives just on the cursors. No arguments about that part...
