On Wed, 28 Nov 2012, Linus Torvalds wrote:
> On Wed, Nov 28, 2012 at 12:03 PM, Linus Torvalds
> <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > mmap() is in *no* way special. The exact same thing happens for
> > regular read/write. Yet somehow the mmap code is special-cased, while
> > the normal read-write code is not.
>
> I just double-checked, because it's been a long time since I actually
> looked at the code.
>
> But yeah, block device read/write uses the pure page cache functions.
> IOW, it has the *exact* same IO engine as mmap() would have.
>
> So here's my suggestion:
>
> - get rid of *all* the locking in aio_read/write and the splice paths
> - get rid of all the stupid mmap games
>
> - instead, add them to the functions that actually use
> "blkdev_get_block()" and "blkdev_get_blocks()" and nowhere else.
>
> That's a fairly limited number of functions:
> blkdev_{read,write}page(), blkdev_direct_IO() and
> blkdev_write_{begin,end}()
>
> Doesn't that sounds simpler? And more logical: it protects the actual
> places that use the block size of the device.
>
> I dunno. Maybe there is some fundamental reason why the above is
> broken, but it seems to be a much simpler approach. Sure, you need to
> guarantee that the people who get the write-lock cannot possibly cause
> IO while holding it, but since the only reason to get the write lock
> would be to change the block size, that should be pretty simple, no?
>
> Yeah, yeah, I'm probably missing something fundamental, but the above
> sounds like the simple approach to fixing things. Aiming for having
> the block size read-lock be taken by the things that pass in the
> block-size itself.
>
> It would be nice for things to be logical and straightforward.
>
> Linus
The problem with this approach is that it is very easy to miss points
where it is assumed that the block size doesn't change - and if you miss a
point, it results in a hidden bug that has a little possibility of being
found.
For example, __block_write_full_page and __block_write_begin do
if (!page_has_buffers(page)) { create_empty_buffers... }
and then they do
WARN_ON(bh->b_size != blocksize)
err = get_block(inode, block, bh, 1)
... so if the buffers were left over from some previous call to
create_empty_buffers with a different blocksize, that WARN_ON is trigged.
And it's not only a harmless warning - now bh->b_size is left set to the
old block size, but bh->b_blocknr is set to a number, that was calculated
according to the new block size - and when you submit that buffer with
submit_bh, it is written to the wrong place!
Now, prove that there are no more bugs like this.
Locking the whole read/write/mmap operations is crude, but at least it can
be done without thorough review of all the memory management code.
Mikulas
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
