From: Qu Wenruo <wqu@suse.com>
To: dsterba@suse.cz, Qu Wenruo <quwenruo.btrfs@gmx.com>,
David Sterba <dsterba@suse.com>,
linux-btrfs@vger.kernel.org
Subject: Re: [PATCH 10/10] btrfs: add and use simple page/bio to inode/fs_info helpers
Date: Tue, 27 Jul 2021 17:42:10 +0800 [thread overview]
Message-ID: <aee4baab-b288-0520-545e-f1c28cac3e09@suse.com> (raw)
In-Reply-To: <20210727084552.GK5047@twin.jikos.cz>
On 2021/7/27 下午4:45, David Sterba wrote:
> On Tue, Jul 27, 2021 at 06:26:47AM +0800, Qu Wenruo wrote:
>> On 2021/7/26 下午11:09, David Sterba wrote:
>>> On Mon, Jul 26, 2021 at 08:41:57PM +0800, Qu Wenruo wrote:
>>>>
>>>>
>>>> On 2021/7/26 下午8:15, David Sterba wrote:
>>>>> We have lots of places where we want to obtain inode from page, fs_info
>>>>> from page and open code the pointer chains.
>>>>
>>>> All those inode/fs_info grabbing from just a page is dangerous.
>>>>
>>>> If an anonymous page is passed in unintentionally, it can easily crash
>>>> the system.
>>>>
>>>> Thus at least some ASSERT() here is a must to me.
>>>
>>> But we can only check if the pointer is valid, any page can have a valid
>>> pointer but not our fs_info. If it crashes on an unexpected page than
>>> what can we do in the code anyway?
>>
>> What I mean is to check page->mapping for the page passed in.
>>
>> Indeed we can't do anything when we hit a page with NULL mapping
>> pointer, but that's a code bug.
>> An ASSERT() would make us developer aware what's going wrong and to fix
>> the bug.
>
> The assert is a more verbose crash, so that's slightly more developer
> friendly but I'm still not convinced it's worth the assert. Right now
> the macros are not static inlines so they don't need full definitions of
> page and mapping and the other types. Embedding the asserts into macros
> would look like
>
> ({ ASSERT(page); ASSERT(page->mapping); page->mapping->host; })
ASSERT(page) is not needed.
ASSERT(page->mapping) is what I think is necessary.
With something like ({ ASSERT(page); page->mapping->host; }), it still
looks fine to me.
>
> Or perhaps also page with a temporary variable to avoid multiple
> evaluations.
>
> The helpers are used in a handful of places, if we really care about
> consistency of the assertions, something like assert_page_ok(page) would
> have to be in each function that gets the page from other subsystems.
>
The call site that should really be concerned is compression, which
utilize anonymous pages, along with cached pages.
(Scrub is another case, but scrub never mix cached pages with anonymous,
thus it's less a concern)
In fact, during subpage compression development, I have already exposed
several locations where we are trying to pass anonymous page with
manually populated page->i_mapping.
Thus I'm sensitive to this problem.
So far in your code, it's not touching compression code, thus it's fine
for now.
But it's just a problem of time before next refactor to use this macros
for compression code.
Without proper ASSERT(), it's super easy to cause problems IMHO.
Thanks,
Qu
next prev parent reply other threads:[~2021-07-27 9:42 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-26 12:15 [PATCH 00/10] Misc small cleanups David Sterba
2021-07-26 12:15 ` [PATCH 01/10] btrfs: switch uptodate to bool in btrfs_writepage_endio_finish_ordered David Sterba
2021-07-26 12:23 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 02/10] btrfs: remove uptodate parameter from btrfs_dec_test_first_ordered_pending David Sterba
2021-07-26 12:24 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 03/10] btrfs: make btrfs_next_leaf static inline David Sterba
2021-07-26 12:25 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 04/10] btrfs: tree-checker: use table values for stripe checks David Sterba
2021-07-26 12:29 ` Qu Wenruo
2021-07-26 14:47 ` David Sterba
2021-07-26 12:15 ` [PATCH 05/10] btrfs: tree-checker: add missing stripe checks for raid1c3/4 profiles David Sterba
2021-07-26 12:29 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 06/10] btrfs: uninline btrfs_bg_flags_to_raid_index David Sterba
2021-07-26 12:34 ` Qu Wenruo
2021-07-26 15:06 ` David Sterba
2021-07-26 12:15 ` [PATCH 07/10] btrfs: merge alloc_device helpers David Sterba
2021-07-26 12:35 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 08/10] btrfs: simplify data stripe calculation helpers David Sterba
2021-07-26 12:38 ` Qu Wenruo
2021-07-26 15:06 ` David Sterba
2021-07-26 22:23 ` Qu Wenruo
2021-07-27 8:39 ` David Sterba
2021-07-27 9:32 ` Qu Wenruo
2021-07-26 12:15 ` [PATCH 09/10] btrfs: constify and cleanup variables comparators David Sterba
2021-07-26 12:15 ` [PATCH 10/10] btrfs: add and use simple page/bio to inode/fs_info helpers David Sterba
2021-07-26 12:41 ` Qu Wenruo
2021-07-26 15:09 ` David Sterba
2021-07-26 22:26 ` Qu Wenruo
2021-07-27 8:45 ` David Sterba
2021-07-27 9:42 ` Qu Wenruo [this message]
2021-07-27 14:44 ` David Sterba
2021-07-27 15:03 ` [PATCH v2 " David Sterba
2021-07-28 0:12 ` Qu Wenruo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aee4baab-b288-0520-545e-f1c28cac3e09@suse.com \
--to=wqu@suse.com \
--cc=dsterba@suse.com \
--cc=dsterba@suse.cz \
--cc=linux-btrfs@vger.kernel.org \
--cc=quwenruo.btrfs@gmx.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).