[v4,0/6] bio_split() error handling rework

Message ID	20241111112150.3756529-1-john.g.garry@oracle.com (mailing list archive)
Headers	show Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2C1418B46C; Mon, 11 Nov 2024 11:22:28 +0000 (UTC) From: John Garry <john.g.garry@oracle.com> To: axboe@kernel.dk, song@kernel.org, yukuai3@huawei.com, hch@lst.de Cc: martin.petersen@oracle.com, linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org, hare@suse.de, Johannes.Thumshirn@wdc.com, John Garry <john.g.garry@oracle.com> Subject: [PATCH v4 0/6] bio_split() error handling rework Date: Mon, 11 Nov 2024 11:21:44 +0000 Message-Id: <20241111112150.3756529-1-john.g.garry@oracle.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: bulk MIME-Version: 1.0
Series	bio_split() error handling rework \| expand [v4,0/6] bio_split() error handling rework [v4,1/6] block: Rework bio_split() return value [v4,2/6] block: Error an attempt to split an atomic write in bio_split() [v4,3/6] block: Handle bio_split() errors in bio_submit_split() [v4,4/6] md/raid0: Handle bio_split() errors [v4,5/6] md/raid1: Handle bio_split() errors [v4,6/6] md/raid10: Handle bio_split() errors

Message ID

20241111112150.3756529-1-john.g.garry@oracle.com (mailing list archive)

Headers

From: John Garry <john.g.garry@oracle.com>
To: axboe@kernel.dk, song@kernel.org, yukuai3@huawei.com, hch@lst.de
Cc: martin.petersen@oracle.com, linux-block@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
 hare@suse.de,
        Johannes.Thumshirn@wdc.com, John Garry <john.g.garry@oracle.com>
Subject: [PATCH v4 0/6] bio_split() error handling rework
Date: Mon, 11 Nov 2024 11:21:44 +0000
Message-Id: <20241111112150.3756529-1-john.g.garry@oracle.com>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
Precedence: bulk
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 i0Xx0JUV2W93KhjzOwrV8qcBQaqELth+5X8Lv+BPF510fxXBNRbRGMiwigtlOpTbNGGtnnTpfYD226QiZNlbChtOnv6fXusKDlJyqCRlLzABXydk9uuUEItfnGuAobl8Zre5OqahABpqlm9o1iQOhTiuylla4NoynTAHEdLi8txeSbLBnmdUUer1r3RHU7feWr6p1ARNOBmpB569V4jKwfKl70D+hNoL5gwYuuFX1DzUiskZ4WH4zeZ5+1aLMhDCOKPJvrWhurQdTdaKX5QUbnN84lIUsMrKMqhzgHwY7LBJZ01gFLf8Yz+EviUdT707GFFwJi0/nftbhAyL37+Y4XUNs8Be8EVzsTRnIeuNid+lxYDrC0QwlqjqwuuAiu0tqn+AR7P3ptdol4FNK8Pk+qvt2IOeZ2fRAOPeCh1Q7zphW/QGbOi7y22vfS03GF71nPXaK5G4XqQ1xd/nLSmmxYxDxjH7PbsX4PupFSxvrGBIuo9I8lBy74zCyGOu+oUHybmZB9Yl3pbRH8l8dpTbEQJNSyB4ERWI57Chkua5DWy8yhwlZwaX2SXKqk6AdY+dkAg7kHe2SZ+bmA1WvL6uttxTXK0oDhawme16Aj4t+j7WjPdE2p7V0EuUqTdNglbg6snjeEGGebVxZ0m0C4WRAXBv65G+zLdwg19fvFp2q4LehNb/0m7SLvkFakc7pxHPLQEKmZWA9UoY5o4ZzLRQf07MoFi3m+vyWbu8xvGd2lUxiuN9pMTLA2hLO4ZmaaB/yC8cwmHjFEy1SYjCWRMuHvAYgpPGXx44b7nyCYz6k9/3O1ednacrLgfzOrzril0rqJL9mehKw8ZsTY4xSD+GiUgQVDMZfrBChjxB9Av1zXVUiWuVyv7Ib+vFrnc65e6ekZKXRqsUbBAH82dhoMKrYa0BH2dUoQwLMDmalgUuFQGjw9ix1oEZYDCm0u5BDjTjXu6lgtFl/qSq+0Ax/OYF8dRv/PwKEKD9SmmppnwojimoPbINhqI3UQUpCryB6sLSC6mQEcCdv8DIIMQGRlyeUCNqbzkwl0jmyQ2qPp5UFetHUwHsppM4ipft7kTmK0vDApas6N8Ni5ABFVKVy0lsH3ncXacR3ToLkN4sk8wthsm+CN/rUfewwkgoaYo/qgsE9+2cPU9JlAYZn/qdxn7+LexvlODWhtgrUI9FXzDsXqTRKtmk5sXpVJF9A+otdTzQOHRWbNebX+iD1di2qIFWAuR4SLzIMhmciQcKoUL2SLRhIUzHuvRevxlU9Man/2hI23hmgEzAEogRU/kt5kXuW91H+yYvyopZciSWWGDMd0z8FckQeXigJvjMKzsMbX+ApOtD18PmB/U0D4/PfJKA79/nq37paw/oaB1u7s3OLCa9n8xDYiJ6Bfz0H+VHcs+qhn0uTSG2h7C0DEijgG7Ei1o7yLCenhZOlYnNraCU6lFwn0ibABHQ2o3/1Spz3nA8ynPcptqIXQY+xGYegYB3z6qCyrEDCRzAUUw55UBzokM4Kz9X4ORgD70SIZNu4z/xM9NtYssrfIY5LOV3Hb1YxDoAJmmFFzgdnIbQUR6aS7ZwTqEmKNRBoM3KV8WO0eQjFpE5r4S9XxBSAi6X9+BKSg==
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: 
	spDx+9Lt0NCuB9rf3WM6CNrrxg2y8CKkXHlZ1QYaykF2Z0Q2OoTCUdSQHCV/uV1IdKufAhTzmcbJCRDiDpCVaZ72X30n94VIS0qvgNgP4Na911AUoo5eAKSjiu07GX9SmOVVm8YobCFhUet5IGK03vGhGJD0oHAcfI4ObF4g2p2YB6VvZW5O6VSAsQawRZjz5zwLDTrR69iDf/kDmxJmE+cwo2FuGqbyyfRsGY/M8Bt2in7a8Q2tF3D/GVxpsmy1jCkAc+l3VL7l35AiFkQsAtVxxzXxYJjwbUfZvCW/82TaQI5SWJ4l6ybZIuSEpbkZWtIrbIQe2ziLVsPlYnnrF3FGWUJtNr8rFGneKzaiMAnUaJFI+N/+X1StzpNla+kIhu1nFgcDhte7h5QLTc2peyv4tEy3Y03uq9TL15kH/M06cga7aciRLzDn/q/VvNia79O4SMGzDl5SS9OCe/EYRYxBTrOvGOSogee2J+Gn0y394/YB+dmuRnJkWWzn5lxsWv+m5TX3BBqTn+jzmgsltpXrfCC7jFF4clNzEQzkQv19yg3ylid26dvWcrQvYqtU4WSCvaZPNoQAnLrF5TowbGfj1Pn/lNTAxfeYEbMBhkQ=
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 96b404dc-b7bd-4491-5358-08dd024314a4
X-MS-Exchange-CrossTenant-AuthSource: DM6PR10MB4313.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Nov 2024 11:22:09.0340
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 677XaRKLW+KBoWflXk++E5FNhBUYqTtf9OVg15c7l4bcOwu2vjJLrjOJ7KsKftiFMa6E/HFoyCU/KJVFzaT/PQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR10MB5194
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.62.30
 definitions=2024-11-11_08,2024-11-08_01,2024-09-30_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0
 malwarescore=0 mlxscore=0
 bulkscore=0 suspectscore=0 phishscore=0 mlxlogscore=999 spamscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2409260000
 definitions=main-2411110095
X-Proofpoint-GUID: hSR9ieX28sdxchEA-KfFLjJVN4YGZQL6
X-Proofpoint-ORIG-GUID: hSR9ieX28sdxchEA-KfFLjJVN4YGZQL6

Series

bio_split() error handling rework | expand

Message

John Garry Nov. 11, 2024, 11:21 a.m. UTC

bio_split() error handling could be improved as follows:
- Instead of returning NULL for an error - which is vague - return a
  PTR_ERR, which may hint what went wrong.
- Remove BUG_ON() calls - which are generally not preferred - and instead
  WARN and pass an error code back to the caller. Many callers of
  bio_split() don't check the return code. As such, for an error we would
  be getting a crash still from an invalid pointer dereference.

Most bio_split() callers don't check the return value. However, it could
be argued the bio_split() calls should not fail. So far I have just
fixed up the md RAID code to handle these errors, as that is my interest
now.

The motivator for this series was initial md RAID atomic write support in
https://lore.kernel.org/linux-block/20241030094912.3960234-1-john.g.garry@oracle.com/T/#m5859ee900de8e6554d5bb027c0558f0147c32df8

There I wanted to ensure that we don't split an atomic write bio, and it
made more sense to handle this in bio_split() (instead of the bio_split()
caller).

Based on (block/for-6.13/block) 5fcfcd51ea1c zram: fix NULL pointer in comp_algorithm_show()

Changes since v3:
- Rebase
- Add RB tags from Hannes and Kuai (thanks!)

Changes since v2:
- Drop "block: Use BLK_STS_OK in bio_init()" change (Christoph)
- Use proper rdev indexing in raid10_write_request() (Kuai)
- Decrement rdev nr_pending in raid1 read error path (Kuai)
- Add RB tags from Christoph, Johannes, and Kuai (thanks!)

John Garry (6):
  block: Rework bio_split() return value
  block: Error an attempt to split an atomic write in bio_split()
  block: Handle bio_split() errors in bio_submit_split()
  md/raid0: Handle bio_split() errors
  md/raid1: Handle bio_split() errors
  md/raid10: Handle bio_split() errors

 block/bio.c                 | 14 +++++++----
 block/blk-crypto-fallback.c |  2 +-
 block/blk-merge.c           | 15 ++++++++----
 drivers/md/raid0.c          | 12 ++++++++++
 drivers/md/raid1.c          | 33 ++++++++++++++++++++++++--
 drivers/md/raid10.c         | 47 ++++++++++++++++++++++++++++++++++++-
 6 files changed, 110 insertions(+), 13 deletions(-)

Comments

Jens Axboe Nov. 11, 2024, 3:35 p.m. UTC | #1

On Mon, 11 Nov 2024 11:21:44 +0000, John Garry wrote:
> bio_split() error handling could be improved as follows:
> - Instead of returning NULL for an error - which is vague - return a
>   PTR_ERR, which may hint what went wrong.
> - Remove BUG_ON() calls - which are generally not preferred - and instead
>   WARN and pass an error code back to the caller. Many callers of
>   bio_split() don't check the return code. As such, for an error we would
>   be getting a crash still from an invalid pointer dereference.
> 
> [...]

Applied, thanks!

[1/6] block: Rework bio_split() return value
      commit: e546fe1da9bd47a6fddce6b37c17b1aa1811f7d3
[2/6] block: Error an attempt to split an atomic write in bio_split()
      commit: 27b26f09a7e6ae3ecae460299349b31fe0b5452f
[3/6] block: Handle bio_split() errors in bio_submit_split()
      commit: 6eb09685885a4445da31097aa6418ee1875f9cec
[4/6] md/raid0: Handle bio_split() errors
      commit: 74538fdac3e85aae55eb4ed786478ed2384cb85d
[5/6] md/raid1: Handle bio_split() errors
      commit: b1a7ad8b5c4fa28325ee7b369a2d545d3e16ccde
[6/6] md/raid10: Handle bio_split() errors
      commit: 4cf58d9529097328b669e3c8693ed21e3a041903

Best regards,