On Fri, Sep 01, 2023 at 01:47:10PM +0200, Mateusz Guzik wrote:
> On 9/1/23, Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote:
> > On Thu, Aug 31, 2023 at 12:18:24PM +0200, Mateusz Guzik wrote:
> >> So I figured an assert should be there on the write lock held, then the
> >> issue would have been automagically reported.
> >>
> >> Turns out notify_change has the following:
> >> WARN_ON_ONCE(!inode_is_locked(inode));
> >>
> >> Which expands to:
> >> static inline int rwsem_is_locked(struct rw_semaphore *sem)
> >> {
> >> return atomic_long_read(&sem->count) != 0;
> >> }
> >>
> >> So it does check the lock, except it passes *any* locked state,
> >> including just readers.
> >>
> >> According to git blame this regressed from commit 5955102c9984
> >> ("wrappers for ->i_mutex access") by Al -- a bunch of mutex_is_locked
> >> were replaced with inode_is_locked, which unintentionally provides
> >> weaker guarantees.
> >>
> >> I don't see a rwsem helper for wlock check and I don't think it is all
> >> that beneficial to add. Instead, how about a bunch of lockdep, like so:
> >> diff --git a/fs/attr.c b/fs/attr.c
> >> index a8ae5f6d9b16..f47e718766d1 100644
> >> --- a/fs/attr.c
> >> +++ b/fs/attr.c
> >> @@ -387,7 +387,7 @@ int notify_change(struct mnt_idmap *idmap, struct
> >> dentry *dentry,
> >> struct timespec64 now;
> >> unsigned int ia_valid = attr->ia_valid;
> >>
> >> - WARN_ON_ONCE(!inode_is_locked(inode));
> >> + lockdep_assert_held_write(&inode->i_rwsem);
> >>
> >> error = may_setattr(idmap, inode, ia_valid);
> >> if (error)
> >>
> >> Alternatively hide it behind inode_assert_is_wlocked() or whatever other
> >> name.
> >
> > Better to do it like mmap_lock:
> >
> > static inline void mmap_assert_write_locked(struct mm_struct *mm)
> > {
> > lockdep_assert_held_write(&mm->mmap_lock);
> > VM_BUG_ON_MM(!rwsem_is_locked(&mm->mmap_lock), mm);
> > }
> >
>
> May I suggest continuing this with responses to the patch I sent? ;)
That's annoying. Don't split this kind of conversation up if you don't
have to.
> [RFC PATCH] vfs: add inode lockdep assertions on -fsdevel
>
> I made it line up with asserts for i_mmap_rwsem.
>
> btw your non-lockdep check suffers the very problem I'm trying to fix
> here -- checking for *any* locked state.
I'll respond to this over there then.
