From: Mike Snitzer <snitzer@redhat.com>
To: John Stoffel <john@stoffel.org>
Cc: dm-devel@redhat.com, Mikulas Patocka <mpatocka@redhat.com>,
Milan Broz <mbroz@redhat.com>
Subject: Re: dm-integrity: fix inefficient allocation of stack space
Date: Wed, 19 Jul 2017 15:02:30 -0400 [thread overview]
Message-ID: <20170719190230.GC20480@redhat.com> (raw)
In-Reply-To: <22895.42876.199753.299282@quad.stoffel.home>
On Wed, Jul 19 2017 at 2:39pm -0400,
John Stoffel <john@stoffel.org> wrote:
> >>>>> "Mikulas" == Mikulas Patocka <mpatocka@redhat.com> writes:
>
> Mikulas> When using block size greater than 512 bytes, the dm-integrity target
> Mikulas> allocates journal space inefficiently, it allocates one entry for each
> Mikulas> 512-byte chunk of data, fills entries for each block of data and leaves
> Mikulas> the remaining entries unused. This doesn't cause data corruption, but it
> Mikulas> causes severe performance degradation.
>
> Mikulas> This patch fixes the journal allocation. As a safety it also
> Mikulas> adds BUG that fires if the variables representing journal
> Mikulas> usage get out of sync (it's better to crash than continue and
> Mikulas> corrupt data, so BUG is justified).
>
> No, I don't agree. You should lock down the block device(s) using the
> dm-integrity target, but you should NOT take down the entire system
> because of this. Just return a failure up the stack that forces the
> device into read only mode so that there's a chance to debug this
> issue.
>
> Using a BUG_ON, especially for code that isn't proven, is just wrong.
> Do a WARN_ONCE() and then return an error instead.
I'll remove the BUG_ON from this stable@ fix. Mikulas, please have a
look at handling the failure more gracefully (maybe like John suggests).
In general, there are too many BUG_ON()s in the dm-integrity code. I
let them slide for inclusion but it would probably be a good idea to
look at eliminating them and putting the dm-integrity device into "fail
mode" in the face of critical errors -- much like dm-thinp and dm-cache
has.
Mike
next prev parent reply other threads:[~2017-07-19 19:02 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-19 15:23 [PATCH] dm-integrity: fix inefficient allocation of stack space Mikulas Patocka
2017-07-19 18:39 ` John Stoffel
2017-07-19 19:02 ` Mike Snitzer [this message]
2017-07-19 21:07 ` John Stoffel
2017-07-20 10:59 ` Mikulas Patocka
2017-07-20 11:25 ` Mikulas Patocka
[not found] ` <22896.56378.568488.989656@quad.stoffel.home>
2017-07-21 12:15 ` Mikulas Patocka
2017-07-20 15:46 ` John Stoffel
2017-07-20 10:45 ` Mikulas Patocka
2017-07-20 10:26 ` [PATCH] " Mikulas Patocka
2017-07-20 15:43 ` John Stoffel
2017-07-21 12:29 ` Mikulas Patocka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170719190230.GC20480@redhat.com \
--to=snitzer@redhat.com \
--cc=dm-devel@redhat.com \
--cc=john@stoffel.org \
--cc=mbroz@redhat.com \
--cc=mpatocka@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.