Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2905843imm;
        Tue, 4 Sep 2018 11:55:32 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdbPvMPJkJZt2gkyLE8ML0uSvvwf5ZFR/cdEYsGozDH7wd5ciVs8LXdicgoI4wthWwVx+KWi
X-Received: by 2002:a17:902:286a:: with SMTP id e97-v6mr35160910plb.340.1536087332940;
        Tue, 04 Sep 2018 11:55:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536087332; cv=none;
        d=google.com; s=arc-20160816;
        b=j6BcLnmzOpPLiPXSFVay2G9JtAno871idslpH2v0+vafa+BIiQn5kGG2MCjr8tVj2s
         saW6UryWvxg0gC+pSRpzjC/IPDPWXmR7M/AA3Lw8HEKJD3bcUDfZZeoSVGOPKHwFQrB7
         gooO8QfKES0fwDbS3wOj0EPrA2lOwA1A9iv0d4KnEf2jDw6uSKVmrNbS3pZDt076kDJ7
         XIJQ5tI9FhrJ5Z47T2lCHq/uPuoBRaxgj+SaaKHD2t2kT6t9ZHCcM4lxRzV7yMZzyvs2
         bizwQrarvH+FrOznLY1Ps14554vBOQFlO3Cj7fAt+zk3KHrLpPrIRagtxfLEZXzp1Y/D
         Hc7A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date
         :arc-authentication-results;
        bh=Au5gPBtc3nVKO1FQPJzYDFUv1s6RDhZndZyjRteFSMk=;
        b=uEqlBVY1F3syMAEnBNpnrZhOzvMFEh0LXnvMJugzksgjXWpiFJCzjHoLdXxWRLKHec
         j+TB/oYSGi8HO+uE/cwf9ZlPzfoEko8KYzb167RsfrXZdEyWgDD6T2+h0uufQMOoKgoR
         t2eAqpgbiUA8fD9Y/Qb8IH0n4L0bsVdQplDIa0ymLsTbZLjD5UypKefIf4CDECRqagLP
         wBDUap1tOH3AmoB0sIycbWm0QgXWFvY0nubhpePM/vxkS0hNXZNRMttIACd6HotujZMM
         zKtmQAxHJRNEazFtgkm54sY1YhTL5Sumxl/LD8v9SA96ovAh1g4/iio4JGAvvs0coVSo
         TH5w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q8-v6si19346065pls.482.2018.09.04.11.55.16;
        Tue, 04 Sep 2018 11:55:32 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727799AbeIDXUf (ORCPT <rfc822;zzmahb@gmail.com> + 99 others);
        Tue, 4 Sep 2018 19:20:35 -0400
Received: from fieldses.org ([173.255.197.46]:56578 "EHLO fieldses.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727315AbeIDXUf (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Sep 2018 19:20:35 -0400
Received: by fieldses.org (Postfix, from userid 2815)
        id 7BE451DCB; Tue,  4 Sep 2018 14:54:11 -0400 (EDT)
Date:   Tue, 4 Sep 2018 14:54:11 -0400
From:   "J. Bruce Fields" <bfields@fieldses.org>
To:     Rogier Wolff <R.E.Wolff@BitWizard.nl>
Cc:     Jeff Layton <jlayton@redhat.com>,
        =?utf-8?B?54Sm5pmT5Yas?= <milestonejxd@gmail.com>,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: POSIX violation by writeback error
Message-ID: <20180904185411.GA22166@fieldses.org>
References: <CAJDTihz-rFb2SGaxZsQnXGnee_2qW_ynhPe=tZ4yzQBSV_KQ1g@mail.gmail.com>
 <20180904075347.GH11854@BitWizard.nl>
 <CAJDTihzqn3whQ47uUOxGYk4Je4S10ehNEQCtfb=j--iCsdDqgQ@mail.gmail.com>
 <82ffc434137c2ca47a8edefbe7007f5cbecd1cca.camel@redhat.com>
 <CAJDTihw7T8WLme09W8VHCRfiALq4fxg1ZsywcSjn6hXsAw5wRw@mail.gmail.com>
 <cd137e88c9e882200c08c7336aa7b5a1c84a7ba3.camel@redhat.com>
 <20180904161203.GD17478@fieldses.org>
 <20180904162348.GN17123@BitWizard.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20180904162348.GN17123@BitWizard.nl>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Sep 04, 2018 at 06:23:48PM +0200, Rogier Wolff wrote:
> On Tue, Sep 04, 2018 at 12:12:03PM -0400, J. Bruce Fields wrote:
> > Well, I think the point was that in the above examples you'd prefer that
> > the read just fail--no need to keep the data.  A bit marking the file
> > (or even the entire filesystem) unreadable would satisfy posix, I guess.
> > Whether that's practical, I don't know.
> 
> When you would do it like that (mark the whole filesystem as "in
> error") things go from bad to worse even faster. The Linux kernel 
> tries to keep the system up even in the face of errors. 
> 
> With that suggestion, having one application run into a writeback
> error would effectively crash the whole system because the filesystem
> may be the root filesystem and stuff like "sshd" that you need to
> diagnose the problem needs to be read from the disk.... 

Well, the absolutist position on posix compliance here would be that a
crash is still preferable to returning the wrong data.  And for the
cases 焦晓冬 gives, that sounds right?  Maybe it's the wrong balance in
general, I don't know.  And we do already have filesystems with
panic-on-error options, so if they aren't used maybe then maybe users
have already voted against that level of strictness.

--b.