Re: [PATCH v2] fs: change test in inode_insert5 for adding to the sb list

From: Dave Chinner <dchinner@redhat.com>
To: Jeff Layton <jlayton@kernel.org>
Cc: linux-fsdevel@vger.kernel.org, ceph-devel@vger.kernel.org,
	idryomov@gmail.com, xiubli@redhat.com,
	Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH v2] fs: change test in inode_insert5 for adding to the sb list
Date: Fri, 13 May 2022 00:21:28 +1000	[thread overview]
Message-ID: <Yn0X6FyrosBlGnMq@rh> (raw)
In-Reply-To: <20220511165339.85614-1-jlayton@kernel.org>

On Wed, May 11, 2022 at 12:53:39PM -0400, Jeff Layton wrote:
> The inode_insert5 currently looks at I_CREATING to decide whether to
> insert the inode into the sb list. This test is a bit ambiguous though
> as I_CREATING state is not directly related to that list.
> 
> This test is also problematic for some upcoming ceph changes to add
> fscrypt support. We need to be able to allocate an inode using new_inode
> and insert it into the hash later if we end up using it, and doing that
> now means that we double add it and corrupt the list.
> 
> What we really want to know in this test is whether the inode is already
> in its superblock list, and then add it if it isn't. Have it test for
> list_empty instead and ensure that we always initialize the list by
> doing it in inode_init_once. It's only ever removed from the list with
> list_del_init, so that should be sufficient.
> 
> There doesn't seem to be any need to hold the inode_hash_lock for this
> operation either, so drop that before adding to to the list.
> 
> Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
> Cc: Dave Chinner <dchinner@redhat.com>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
> ---
>  fs/inode.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
> 
> A small revision to the patch that I sent as part of the ceph+fscrypt
> series. I didn't see any need to hold the inode_hash_lock when adding
> the inode to the sb list, so do that outside the lock. I also revised
> the comment to be more clear.

I'm not sure that's valid. The moment the hash lock is dropped,
other lookups can find this inode in the cache. Hence there's no
guarantee that someone else isn't already accessing the inode
once the hash lock is dropped. Hence it's not clear to me that this
is a safe modification to make.

Given that we already do the list add under the hash lock, I don't
see any real gain to removing it from that context and it isn't
necessary to address the problem.

If you are concerned about reducing inode_has_lock contention, then
the answer to that is to convert the global lock to bit list locks
as the dentry cache uses. I wrote a patch a while back to do this:

https://lore.kernel.org/linux-fsdevel/20210406123343.1739669-1-david@fromorbit.com/

Hence at this stage, I prefer the original version that doesn't
change locking because there's much less risk associated with it.

Cheers,

DAve.
-- 
Dave Chinner
dchinner@redhat.com