Re: [PATCH] fs: Add an explicit might_sleep() to iput

From: Al Viro
Date: Wed May 27 2020 - 16:05:32 EST


On Wed, May 27, 2020 at 09:50:46PM +0200, KP Singh wrote:
> On Wed, May 27, 2020 at 9:09 PM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > On Wed, May 27, 2020 at 04:17:53PM +0200, KP Singh wrote:
> > > From: KP Singh <kpsingh@xxxxxxxxxx>
> > >
> > > It is currently mentioned in the comments to the function that iput
> > > might sleep when the inode is destroyed. Have it call might_sleep, as
> > > dput already does.
> > >
> > > Adding an explicit might_sleep() would help in quickly realizing that
> > > iput is called from a place where sleeping is not allowed when
> > > CONFIG_DEBUG_ATOMIC_SLEEP is enabled as noticed in the discussion:
> >
> > You do realize that there are some cases where iput() *is* guaranteed
> > to be non-blocking, right?
>
> Yes, but the same could be said about dput too right?

Theoretically, but note that even there dput(NULL) won't trigger that.

> Are there any callers that rely on these cases? (e.g. when the caller is
> sure that it's not dropping the last reference to the inode).

Not sure - there might be. Try and see if it gives false positives,
but I would rather have it done in -next circa -rc1, so we could see
what falls out and withdraw that if there turn out to be some.

One thing I definitely want to avoid is a flow of BS patches of
"warning is given, therefore we must do something, this is something,
let's do it" variety. Right now we have just under 700 callers in
the tree, most of them in individual filesystems; I'm not up to
auditing that pile on a moment's notice...