Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp3959863pxu; Wed, 9 Dec 2020 05:10:09 -0800 (PST) X-Google-Smtp-Source: ABdhPJywuOqDLkrZoliTIHkIFG30gAmbdg8F43s4TO/rwT/FXmQsLBy1eOgylVJp9HROpTRIFia2 X-Received: by 2002:a50:d6d3:: with SMTP id l19mr1995940edj.376.1607519409027; Wed, 09 Dec 2020 05:10:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607519409; cv=none; d=google.com; s=arc-20160816; b=CgZjTFogrWaT8EFylWuD/m2kK9aQsngQBNYBUz8IJ5qx8+Ls6G9PlEqopYXBD3ESGX stvA/6sbGDTY1TlIafFyNg/40cByLsAjsl5W7drIJwISGKEe37OEjd9UpGQ3m67Vf0Qv JaAzrRFxdup80JT0sTQA8i4OXB63iT/CuknT5yYlG0iKUh4JIvgdXrY6UI/3a6F07ULm e4ZzldHRpSq6G66SsTSvlKXMTFteuaTPk+8w3tSob3yZ1jjir12/BLrRm9UVWU9NMIjw agThxbc2ypDyJAcpo6lEdZG7/QoZXquocR0wYm8B/P1xbkXiYs+BJkz5cQDUlj+7Qwjs PrOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:message-id:in-reply-to :date:references:organization:subject:cc:to:from; bh=LVpFvXETfnT2uqeBGLr/oqlJUvTpFecbmXXjwqYzdQA=; b=eDUOnsyti3MhXEiXu2Hw6cv1M381691YQ24UODqMSmbGGJ/oJ3Z/ow64EDFyuNzdIi y211AknsFVRqcbWFuFN3aIO+9CuzcTAWzi6vmtSasLh5nip4Qs4ftlEQdFYChdq4g/Wg YANtJSf78bEixPyOsD6EMcB2FzqRS37WE5XNN5d5uz1MbAKN0EZMwFYMWQg+GItJ861r FpjqOW4OB0e9YfHRiUE1UvOEDaj8+A65K/qOoAkAIHI7F3vyXNmbIxP0RAVc6fSnKEcd ul/AWtzI2r9BBtINsMvh+Jwl8ijlNpcdpvpXTOwh87L6gOhO3AzlU41aTZZbL0Y3r9X6 pASQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l22si757285ejr.379.2020.12.09.05.09.36; Wed, 09 Dec 2020 05:10:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731902AbgLINHC (ORCPT + 99 others); Wed, 9 Dec 2020 08:07:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51876 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732017AbgLING4 (ORCPT ); Wed, 9 Dec 2020 08:06:56 -0500 Received: from bhuna.collabora.co.uk (bhuna.collabora.co.uk [IPv6:2a00:1098:0:82:1000:25:2eeb:e3e3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3207FC0613CF; Wed, 9 Dec 2020 05:06:16 -0800 (PST) Received: from localhost (unknown [IPv6:2804:14c:132:242d::1000]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: krisman) by bhuna.collabora.co.uk (Postfix) with ESMTPSA id 24A531F45318; Wed, 9 Dec 2020 13:06:12 +0000 (GMT) From: Gabriel Krisman Bertazi To: "Darrick J. Wong" Cc: David Howells , viro@zeniv.linux.org.uk, tytso@mit.edu, khazhy@google.com, adilger.kernel@dilger.ca, linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org, kernel@collabora.com Subject: Re: [PATCH 5/8] vfs: Include origin of the SB error notification Organization: Collabora References: <20201208003117.342047-6-krisman@collabora.com> <20201208003117.342047-1-krisman@collabora.com> <952750.1607431868@warthog.procyon.org.uk> <87r1o05ua6.fsf@collabora.com> <20201208184123.GC106255@magnolia> <87lfe85c6b.fsf@collabora.com> <20201209032425.GD106255@magnolia> Date: Wed, 09 Dec 2020 10:06:07 -0300 In-Reply-To: <20201209032425.GD106255@magnolia> (Darrick J. Wong's message of "Tue, 8 Dec 2020 19:24:25 -0800") Message-ID: <87h7ov5dts.fsf@collabora.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org "Darrick J. Wong" writes: > On Tue, Dec 08, 2020 at 04:29:32PM -0300, Gabriel Krisman Bertazi wrote: >> "Darrick J. Wong" writes: >> >> > On Tue, Dec 08, 2020 at 09:58:25AM -0300, Gabriel Krisman Bertazi wrote: >> >> David Howells writes: >> >> >> >> > Gabriel Krisman Bertazi wrote: >> >> > >> >> >> @@ -130,6 +131,8 @@ struct superblock_error_notification { >> > >> > FWIW I wonder if this really should be inode_error_notification? >> > >> > If (for example) ext4 discovered an error in the blockgroup descriptor >> > and wanted to report it, the inode and block numbers would be >> > irrelevant, but the blockgroup number would be nice to have. >> >> A previous RFC had superblock_error_notification and >> superblock_inode_error_notification split, I think we can recover that. >> >> > >> >> >> __u32 error_cookie; >> >> >> __u64 inode; >> >> >> __u64 block; >> >> >> + char function[SB_NOTIFICATION_FNAME_LEN]; >> >> >> + __u16 line; >> >> >> char desc[0]; >> >> >> }; >> >> > >> >> > As Darrick said, this is a UAPI breaker, so you shouldn't do this (you can, >> >> > however, merge this ahead a patch). Also, I would put the __u16 before the >> >> > char[]. >> >> > >> >> > That said, I'm not sure whether it's useful to include the function name and >> >> > line. Both fields are liable to change over kernel commits, so it's not >> >> > something userspace can actually interpret. I think you're better off dumping >> >> > those into dmesg. >> >> > >> >> > Further, this reduces the capacity of desc[] significantly - I don't know if >> >> > that's a problem. >> >> >> >> Yes, that is a big problem as desc is already quite limited. I don't >> > >> > How limited? >> >> The largest notification is 128 bytes, the one with the biggest header >> is superblock_error_notification which leaves 56 bytes for description. >> >> > >> >> think it is a problem for them to change between kernel versions, as the >> >> monitoring userspace can easily associate it with the running kernel. >> > >> > How do you make that association? $majordistro's 4.18 kernel is not the >> > same as the upstream 4.18. Wouldn't you rather the notification message >> > be entirely self-describing rather than depending on some external >> > information about the sender? >> >> True. I was thinking on my use case where the customer controls their >> infrastructure and would specialize their userspace tools, but that is >> poor design on my part. A self describing mechanism would be better. >> >> > >> >> The alternative would be generating something like unique IDs for each >> >> error notification in the filesystem, no? >> >> >> >> > And yet further, there's no room for addition of new fields with the desc[] >> >> > buffer on the end. Now maybe you're planning on making use of desc[] for >> >> > text-encoding? >> >> >> >> Yes. I would like to be able to provide more details on the error, >> >> without having a unique id. For instance, desc would have the formatted >> >> string below, describing the warning: >> >> >> >> ext4_warning(inode->i_sb, "couldn't mark inode dirty (err %d)", err); >> > >> > Depending on the upper limit on the length of messages, I wonder if you >> > could split the superblock notification and the description string into >> > separate messages (with maybe the error cookie to tie them together) so >> > that the struct isn't limited by having a VLA on the end, and the >> > description can be more or less an arbitrary string? >> > >> > (That said I'm not familiar with the watch queue system so I have no >> > idea if chained messages even make sense here, or are already >> > implemented in some other way, or...) >> >> I don't see any support for chaining messages in the current watch_queue >> implementation, I'd need to extend the interface to support it. I >> considered this idea before, given the small description size, but I >> thought it would be over-complicated, even though much more future >> proof. I will look into that. >> >> What about the kernel exporting a per-filesystem table, as a build >> target or in /sys/fs//errors, that has descriptions strings for each >> error? Then the notification can have only the FS type, index to the >> table and params. This won't exactly be self-describing as you wanted >> but, differently from function:line, it removes the need for the source >> code, and allows localization. The per-filesystem table would be >> stable ABI, of course. > > Yikes. I don't think people are going to be ok with a message table > where we can never remove the strings. I bet GregKH won't like that > either (one value per sysfs file). Indeed, sysfs seems out of question. In fact the string format doesn't even need to be in the kernel, and we don't need the strings to be sent as part of the notifications. What if we can have a bunch of notification types, specific for each error message, and a library in userspace that parses the notifications and understands the parameters passed? The library then displays the data as they wish. > (Maybe I misread that and all you meant by stable ABI is the fact that > the table exists at a given path and the notification message gives you > a index into ... wherever we put it.) The kernel could even export the table as a build-time target, that get's installed into X. But even that is not necessary if a library can make sense of a notification that uniquely identifies each error and only includes the useful debug parameters without any string formatting? -- Gabriel Krisman Bertazi