Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp546437pxb; Wed, 13 Apr 2022 07:33:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwNIMXf2qFgQyS0cE/stF6X8mK7Nsf77Nyl4je3LdQjeqKh0ug3i/JNp8LIc9heMgnkqsJ2 X-Received: by 2002:a17:906:3707:b0:6e8:6bfe:da0e with SMTP id d7-20020a170906370700b006e86bfeda0emr20401632ejc.78.1649860397289; Wed, 13 Apr 2022 07:33:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649860397; cv=none; d=google.com; s=arc-20160816; b=0DGI6XOHExNuonGYb4NEteea4Tk+ij6PLjCIQGnLxeGYXaQHZnRWHC7SgQMdq+uQ2R hAox5/VYZzzB62N59dcFyATV07BYfFd3ZIhWHRGv2CtnmufOFoQh1xt3M0x4UMifc+Rt AkHx9GqAmNBLRepFXEagctJ7MaUKljRG3hEIFKLZhbt3Ysue7tzAxwJC/Zoksvim0uEg XOCHUKniaGWywPdY5HSM3jdzvSbK7ygsmSUfHPgUJVtqaucs+RhxXDx+xfijQh0jA6+m 05s9lyKKy2hP6wBAjDahOaAeHdlE8vAb0bgAVZza4kM9wLKO4EHVFCAoGdCfcqitw4I7 iCSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=OBJ8BWzK/d7WSzRgGlvfuGRHMx82z19cyIUrziJ5n6g=; b=hK2+G2hC/H/5M6T6uDTVaompypv7s0qEmFopR6H6XZnkr+nngHZJ740iDpCjryhLui Y1d3ZyM+njszBvCKg7nc3HPPz+hr0Zp58o+aoRH77t0MRLDe4d6scNjoNyS1eH/xJUWg th2I1AhkVkIBTMCdqByVvBRyXAFWbmII5fQ48kjP1jzmZm4pinIQK+XP2lCSgs792tFd cLsptken4F5GxxyB1OpA68kAZnlRxiPeOoLLTZ95ynOGFkbbK3XWVpCeno730cT10Gmo XHT8s3R0SToIDeLv8kV7/Sh1hrYHoZ2E5/swXvn8/lJLvy0YmNTyRcyHeIvUfKKTWxZZ AlSg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id do4-20020a170906c10400b006dfd7e72065si62252ejc.513.2022.04.13.07.32.50; Wed, 13 Apr 2022 07:33:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231963AbiDMGMt (ORCPT + 99 others); Wed, 13 Apr 2022 02:12:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52138 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232277AbiDMGMP (ORCPT ); Wed, 13 Apr 2022 02:12:15 -0400 Received: from mail104.syd.optusnet.com.au (mail104.syd.optusnet.com.au [211.29.132.246]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 56C1F35DE1; Tue, 12 Apr 2022 23:09:53 -0700 (PDT) Received: from dread.disaster.area (pa49-181-115-138.pa.nsw.optusnet.com.au [49.181.115.138]) by mail104.syd.optusnet.com.au (Postfix) with ESMTPS id E9AFA53458F; Wed, 13 Apr 2022 16:09:48 +1000 (AEST) Received: from dave by dread.disaster.area with local (Exim 4.92.3) (envelope-from ) id 1neWCI-00H7H4-RH; Wed, 13 Apr 2022 16:09:46 +1000 Date: Wed, 13 Apr 2022 16:09:46 +1000 From: Dave Chinner To: Dan Williams Cc: Shiyang Ruan , Linux Kernel Mailing List , linux-xfs , Linux NVDIMM , Linux MM , linux-fsdevel , "Darrick J. Wong" , Christoph Hellwig , Jane Chu Subject: Re: [PATCH v12 6/7] xfs: Implement ->notify_failure() for XFS Message-ID: <20220413060946.GL1544202@dread.disaster.area> References: <20220410160904.3758789-1-ruansy.fnst@fujitsu.com> <20220410160904.3758789-7-ruansy.fnst@fujitsu.com> <20220413000423.GK1544202@dread.disaster.area> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Optus-CM-Score: 0 X-Optus-CM-Analysis: v=2.4 cv=deDjYVbe c=1 sm=1 tr=0 ts=62566930 a=/kVtbFzwtM2bJgxRVb+eeA==:117 a=/kVtbFzwtM2bJgxRVb+eeA==:17 a=kj9zAlcOel0A:10 a=z0gMJWrwH1QA:10 a=7-415B0cAAAA:8 a=1SRcz3ERVth_psKDs80A:9 a=CjuIK1q_8ugA:10 a=biEYGPWJfzWAr4FL6Ov7:22 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 12, 2022 at 07:06:40PM -0700, Dan Williams wrote: > On Tue, Apr 12, 2022 at 5:04 PM Dave Chinner wrote: > > On Mon, Apr 11, 2022 at 12:09:03AM +0800, Shiyang Ruan wrote: > > > Introduce xfs_notify_failure.c to handle failure related works, such as > > > implement ->notify_failure(), register/unregister dax holder in xfs, and > > > so on. > > > > > > If the rmap feature of XFS enabled, we can query it to find files and > > > metadata which are associated with the corrupt data. For now all we do > > > is kill processes with that file mapped into their address spaces, but > > > future patches could actually do something about corrupt metadata. > > > > > > After that, the memory failure needs to notify the processes who are > > > using those files. ... > > > @@ -1964,8 +1965,8 @@ xfs_alloc_buftarg( > > > btp->bt_mount = mp; > > > btp->bt_dev = bdev->bd_dev; > > > btp->bt_bdev = bdev; > > > - btp->bt_daxdev = fs_dax_get_by_bdev(bdev, &btp->bt_dax_part_off, NULL, > > > - NULL); > > > + btp->bt_daxdev = fs_dax_get_by_bdev(bdev, &btp->bt_dax_part_off, mp, > > > + &xfs_dax_holder_operations); > > > > I see a problem with this: we are setting up notify callbacks before > > we've even read in the superblock during mount. i.e. we don't even > > kow yet if we've got an XFS filesystem on this block device. > > Hence these notifications need to be delayed until after the > > filesystem is mounted, all the internal structures have been set up > > and log recovery has completed. > > So I think this gets back to the fact that there will eventually be 2 > paths into this notifier. I'm not really concerned by how the notifications are generated; my concern is purely that notifications can be handled safely. > All that to say, I think it is ok / expected for the filesystem to > drop notifications on the floor when it is not ready to handle them. Well, yes. The whole point of notifications is the consumer makes the decision on what to do with the notification it receives - the producer of the notification does not (and can not) dictate what policy the consumer(s) implement... > For example there are no processes to send SIGBUS to if the filesystem > has not even finished mount. There may be not processes to send SIGBUS to even if the filesystem has finished mount. But we still want the notifications to be delivered and we still need to handle them safely. IOWs, while we might start by avoiding notifications during mount, this doesn't mean we will never have reason to process events during mount. What we do with this notification is going to evolve over time as we add new and adapt existing functionality.... Cheers, Dave. -- Dave Chinner david@fromorbit.com