On Mon, 10 Oct 2005, Andrew Morton wrote:
Anton Altaparmakov <[email protected]> wrote:
> Maybe the best solution is neither one nor another. Testing and failing
> gracefully seems better.
>
> What do you think?
I certainly agree with you there. I neither want a deadlock nor
corruption. (-:
Yup. In the present implementation __getblk_slow() "cannot fail". It's
conceivable that at some future stage we'll change __getblk_slow() so that
it returns NULL on an out-of-memory condition.
The question is if it is desired --- it will make bread return NULL on
out-of-memory condition, callers will treat it like an IO error, skipping
access to the affected block, causing damage on perfectly healthy
filesystem.
I liked what linux-2.0 did in this case --- if the kernel was out of
memory, getblk just took another buffer, wrote it if it was dirty and used
it. Except for writeable loopback device (where writing one buffer
generates more dirty buffers), it couldn't deadlock.
Mikukas
Anyone making such a change
would have to audit all callers to make sure that they handle the NULL
correctly.
It is appropriate at this time to fix the callers so that they correctly
handle the NULL return. However, it is non-trivial to actually _test_ such
changes, and such changes should be tested. Or at least, they should be
done with considerable care and knowledge of the specific filesystems.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]