* Al Viro <[email protected]> wrote:
> > > So two questions: why isn't -f the default? And is /sys/slab
> >
> > Because it gives misleading output. It displays the name of the
> > first of multiple slabs that share the same storage structures.
>
> Erm... Let me spell it out: current lifetime rules are completely
> broken. As it is, create/destroy/create cache sequence will do
> kobject_put() on kfree'd object. Even without people playing with
> holding sysfs files open or doing IO on those.
>
> a) you have kobject embedded into struct with the lifetime rules of
> its own. When its refcount hits zero you kfree() the sucker, even if
> you still have references to embedded kobject.
>
> b) your symlinks stick around. Even when cache is long gone you still
> have a sysfs symlink with its embedded kobject as a target. They are
> eventually removed when cache with the same name gets created. _Then_
> you get the target kobject dropped - when the memory it used to be in
> had been freed for hell knows how long and reused by something that
> would not appreciate slub.c code suddenly deciding to decrement some
> word in that memory.
>
> c) you leak references to these kobject; kobject_del() only removes it
> from the tree undoing the effect of kobject_add() and you still need
> kobject_put() to deal with the last reference.
as a sidenote: bugs like this seem to be reoccuring. People implement
sysfs bindings (without being sysfs internals experts - and why should
they be) - and create hard to debug problems. We've seen that with the
scheduler's recent sysfs changes too.
shouldnt the sysfs code be designed in a way to not allow such bugs? The
primary usecase of sysfs is by people who do _not_ deal with it on a
daily basis. So if they pick APIs that look obvious and create hard to
debug problems (and userspace incompatibilities) that's a primary
failure of sysfs, not a failure of those who utilize it.
At a minimum there should be some _strong_ debugging facility that
transparently detects and reports such bugs as they occur.
CONFIG_DEBUG_KOBJECT is totally unusable right now, it spams the syslog
(so no distro ever enables it - i disable it in random bootups as well
because it takes _ages_ to even get to a boot prompt) and never finds
any of these hard-to-find-but-easy-to-explain bugs.
or if sysfs/kobjects should be scrapped and rewritten, do you have any
insight into what kind of abstraction could/should replace it? Should we
go back to procfs and get rid of kobjects altogether? (as it's slowly
turning into a /proc problem of itself, with worse compatibility and
sneakier bugs.)
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]