From: tytso@athena.mit.edu (Theodore Y. Ts'o) Subject: Re: mvdir suggestion... Date: Fri, 31 Jan 1992 19:06:26 GMT
In article <1992Jan31.090128.3898mrs@netcom.COM> mrs@netcom.COM (Morgan Schweers) writes:
Umm, err, isn't it possible (nay, even, a good idea?) to
simply make a link to the old directory as the new name, and
remove the old directory?
The problem is that bad things happen if you make the first link(), and
then mvdir crashes and doesn't do the unlink(). This results in an
inconsistent filesystem, and it is somewhat undesirable for the
filesystem to be at the mercy of a user program. This can be alleviated
by only allowing root to do hard links on directories, but that still
means that a root program can accidentally link a directory in two
places and really screw things up.
Also, under your scheme it is up to the program to detect cases where
you're doing a "mvdir /usr/src /usr/src/linux/src". If you do the link()
and unlink() blindly, they will succeed, but the subdirectory which used
to be /usr/src will end up being disconnected from the filesystem
hierarchy --- and you won't be able to recover those files or even
reclaim the disk space without the help of fsck.
Okay, okay, race condition? What the heck *IS* a race
condition?
A race condition happens when two processes are trying to do something,
and they run into each other. For example, suppose we used your design
of performing mvdir by doing a link(src, dest) and then a unlink(dest).
Now suppose two users simultaneously issue the commands:
mvdir /usr/src/linux /src/linux
mvdir /usr/src/linux /usr/src/sys
Now then, suppose that the order of the links and unlink happen in this
order
User 1: link("/usr/src/linux", "/usr/linux");
User 2: link("/usr/src/linux", "/usr/src/sys");
User 1: unlink("/usr/src/linux");
User 2: unlink("/usr/src/linux"); (fails)
Now you have one directory appearing in two different places, which is
bad but not a catastrophe. However, there may be much worse race
conditions, depending on the specifics of how the code is structured.
Race conditions are notoriously hard to debug, since they happen so
rarely. The phase of the moon has to be just right.....
If you want to find out more about race conditions, you should probably
read a OS design book, like the Minix: Design and Implementation book.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Theodore Ts'o bloom-beacon!mit-athena!tytso
308 High St., Medford, MA 02155 tytso@athena.mit.edu
Everybody's playing the game, but nobody's rules are the same!