Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp3118120imm;
        Mon, 24 Sep 2018 16:23:41 -0700 (PDT)
X-Google-Smtp-Source: ACcGV600yOHgVnYkarGGcLDuqZ3fM/3bupIN7/mix+OybPoyWHE0D4OfxchGvDoVZ3nd3h6lCz6i
X-Received: by 2002:a17:902:7086:: with SMTP id z6-v6mr831694plk.236.1537831421856;
        Mon, 24 Sep 2018 16:23:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1537831421; cv=none;
        d=google.com; s=arc-20160816;
        b=kOV5gATbm8J12yg0s9mRCZfnyM6SrXPmQ6UgyyRjlUoMyqW4pKxCxOvgHABo2pXECw
         tthYx4GdmXfW7+wL4Coogzioz9qJ2hC3f6E/UyA+A3RvLPbtGl7sB812sVfohrUpweZH
         FuoiMlUmETzAH9ioCIjM1lwMsI1P+o/rRx4Xi1b2WPbRbCA9tOYkf+6xx6Itqu/YvpKL
         OIZN5hpQvNTBd7HzfqmM4knLelNEZ3ZYYj1xyNFfPxlT8Qq2Hr+PbLcl/V8YSg21s2TU
         Cys4WrtPNl97NZJdI8Sqf2bGxylqOx7LtQXCQlTn0uZMX3b8UexYZFSq2/sMqpp/zNTy
         yxSA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :organization:references:in-reply-to:message-id:subject:cc:to:from
         :date;
        bh=H7vPqfSjvQ95KTm2QnJW0ftyVzRfPlWF8Pu7f71fNIU=;
        b=Zv5M5roACZIr3T258xHYPo0rGoSyOnshOZuNxZ7xj+dl/mqZSlNZ5sN+hMTOjm7iZH
         zLEwMUiPB1NQkwRUYYU3/5KF1uq65Ik6+iJ2zj2TWlUqu2LtRjlr6kbNrghy6+Czfxqh
         /LfsSOBWrQNUHeyjqCnSut+akF/Xt0NJYTpt5H7f3dUFa/+qxxMSuMTUGdDMJPXk3gmT
         2vIghlrBpZiJW7ud5ZE2ZwE4Iie6xTJRaMzHseWZyjZGFKoaNySBcCS33xJmcaM8ZQ/d
         ZnFSJU1IjkgTuMb0aw+t+7EyOriEgm5GPS6IYBjlSLOOAy1tL7FsPbEG9jW/BJ+idQJT
         v/pg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w8-v6si600232pgw.647.2018.09.24.16.23.25;
        Mon, 24 Sep 2018 16:23:41 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727562AbeIYFZu (ORCPT <rfc822;xiaochao379261131@gmail.com>
        + 99 others); Tue, 25 Sep 2018 01:25:50 -0400
Received: from www.llwyncelyn.cymru ([82.70.14.225]:41102 "EHLO fuzix.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726200AbeIYFZu (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 25 Sep 2018 01:25:50 -0400
Received: from alans-desktop (82-70-14-226.dsl.in-addr.zen.co.uk [82.70.14.226])
        by fuzix.org (8.15.2/8.15.2) with ESMTP id w8ONL51P018093;
        Tue, 25 Sep 2018 00:21:05 +0100
Date:   Tue, 25 Sep 2018 00:21:04 +0100
From:   Alan Cox <gnomes@lxorguk.ukuu.org.uk>
To:     "Theodore Y. Ts'o" <tytso@mit.edu>
Cc:     =?UTF-8?B?54Sm5pmT5Yas?= <milestonejxd@gmail.com>,
        jlayton@redhat.com, R.E.Wolff@bitwizard.nl,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: POSIX violation by writeback error
Message-ID: <20180925002104.2da0140c@alans-desktop>
In-Reply-To: <20180905130845.GE23909@thunk.org>
References: <CAJDTihz-rFb2SGaxZsQnXGnee_2qW_ynhPe=tZ4yzQBSV_KQ1g@mail.gmail.com>
        <20180904075347.GH11854@BitWizard.nl>
        <CAJDTihzqn3whQ47uUOxGYk4Je4S10ehNEQCtfb=j--iCsdDqgQ@mail.gmail.com>
        <82ffc434137c2ca47a8edefbe7007f5cbecd1cca.camel@redhat.com>
        <CAJDTihw7T8WLme09W8VHCRfiALq4fxg1ZsywcSjn6hXsAw5wRw@mail.gmail.com>
        <cd137e88c9e882200c08c7336aa7b5a1c84a7ba3.camel@redhat.com>
        <CAJDTihzO0Y0ZE8em2LqT-Ac-Kga7W51Uwwb2uv9oTFhkJ8vKgA@mail.gmail.com>
        <20180905130845.GE23909@thunk.org>
Organization: Intel Corporation
X-Mailer: Claws Mail 3.16.0 (GTK+ 2.24.32; x86_64-redhat-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

> The other thing which you seem to be assuming is that applications
> which care about precious data won't use fsync(2).  And in general,
> it's been fairly well known for decades that if you care about your
> data, you have to use fsync(2) or O_DIRECT writes; and you *must*
> check the error return of both the fsync(2) and the close(2) system
> calls.  Emacs got that right in the mid-1980's --- over 30 years ago.
> We mocked GNOME and KDE's toy notepad applications for getting this
> wrong a decade ago, and they've since fixed it.

That's also because our fsync no longer sucks rocks. It used to be
possible for a box under heavy disk I/O to take minutes to fsync a file
because our disk scheduling was so awful (hours if doing a backup to USB
stick).

The problem I think actually is a bit different. There isn't an

	int fbarrier(int fd, ...);

call with more relaxed semantics so that you can say 'what I have done so
far must not be consumed by a reader until we are sure it is stable, but
I don't actually need it to hit disk right now'. That's just a flag on
buffers saying 'if we try to read this, make sure we write it out first',
and the flag is cleared as the buffer hits media in writeback.

All of this is still probabilities. I can do all the fsync's I like,
consume the stable data, cause actions over the network like sending
people goods, and then the server is destroyed by a power surge.
Transactions are a higher level concept and the kernel can't fix that.

Alan