From: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
To: Wu Fengguang <fengguang.wu@intel.com>
Cc: Andi Kleen <andi@firstfloor.org>, "tytso@mit.edu" <tytso@mit.edu>,
"hch@infradead.org" <hch@infradead.org>,
"mfasheh@suse.com" <mfasheh@suse.com>,
"aia21@cantab.net" <aia21@cantab.net>,
"hugh.dickins@tiscali.co.uk" <hugh.dickins@tiscali.co.uk>,
"swhiteho@redhat.com" <swhiteho@redhat.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"npiggin@suse.de" <npiggin@suse.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Satoshi OSHIMA <satoshi.oshima.fk@hitachi.com>,
Taketoshi Sakuraba <taketoshi.sakuraba.hc@hitachi.com>
Subject: Re: [PATCH] [16/19] HWPOISON: Enable .remove_error_page for migration aware file systems
Date: Tue, 11 Aug 2009 12:48:36 +0900 [thread overview]
Message-ID: <4A80EA14.4030300@hitachi.com> (raw)
In-Reply-To: <20090810070745.GA26533@localhost>
Wu Fengguang wrote:
>>However, we have a way to avoid this kind of data corruption at
>>least for ext3. If we mount an ext3 filesystem with data=ordered
>>and data_err=abort, all I/O errors on file data block belonging to
>>the committing transaction are checked. When I/O error is found,
>>abort journaling and remount the filesystem with read-only to
>>prevent further updates. This kind of feature is very important
>>for mission critical systems.
>
> Agreed. We also set PG_error, which should be enough to trigger such
> remount?
ext3 doesn't check PG_error. Maybe we need to do:
1. trylock_buffer()
2. if step 1. succeeds, then clear_buffer_dirty(),
clear_buffer_uptodate(), and set_buffer_write_io_error()
Note that we can't truncate the corrupted page until the error
check is done by kjournald.
>>If we merge this patch, we would face the data corruption problem
>>again.
>>
>>I think there are three options,
>>
>>(1) drop this patch
>>(2) merge this patch with new panic_on_dirty_page_cache_corruption
>> sysctl
>>(3) implement a more sophisticated error_remove_page function
>
> In fact we proposed a patch for preventing the re-corruption case, see
>
> http://lkml.org/lkml/2009/6/11/294
>
> However it is hard to answer the (policy) question "How sticky should
> the EIO bit remain?".
It's a good approach! This approach may also solve my concern,
the re-corruption issue caused by transient IO errors.
But I also think it needs a bit more consideration. For example,
if the application has the valid data in the user space buffer,
it would try to re-write it after detecting an IO error from the
previous write. In this case, we should clear the sticky error flag.
Thanks,
--
Hidehiro Kawai
Hitachi, Systems Development Laboratory
Linux Technology Center
WARNING: multiple messages have this Message-ID (diff)
From: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
To: Wu Fengguang <fengguang.wu@intel.com>
Cc: Andi Kleen <andi@firstfloor.org>, "tytso@mit.edu" <tytso@mit.edu>,
"hch@infradead.org" <hch@infradead.org>,
"mfasheh@suse.com" <mfasheh@suse.com>,
"aia21@cantab.net" <aia21@cantab.net>,
"hugh.dickins@tiscali.co.uk" <hugh.dickins@tiscali.co.uk>,
"swhiteho@redhat.com" <swhiteho@redhat.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"npiggin@suse.de" <npiggin@suse.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Satoshi OSHIMA <satoshi.oshima.fk@hitachi.com>,
Taketoshi Sakuraba <taketoshi.sakuraba.hc@hitachi.com>
Subject: Re: [PATCH] [16/19] HWPOISON: Enable .remove_error_page for migration aware file systems
Date: Tue, 11 Aug 2009 12:48:36 +0900 [thread overview]
Message-ID: <4A80EA14.4030300@hitachi.com> (raw)
In-Reply-To: <20090810070745.GA26533@localhost>
Wu Fengguang wrote:
>>However, we have a way to avoid this kind of data corruption at
>>least for ext3. If we mount an ext3 filesystem with data=ordered
>>and data_err=abort, all I/O errors on file data block belonging to
>>the committing transaction are checked. When I/O error is found,
>>abort journaling and remount the filesystem with read-only to
>>prevent further updates. This kind of feature is very important
>>for mission critical systems.
>
> Agreed. We also set PG_error, which should be enough to trigger such
> remount?
ext3 doesn't check PG_error. Maybe we need to do:
1. trylock_buffer()
2. if step 1. succeeds, then clear_buffer_dirty(),
clear_buffer_uptodate(), and set_buffer_write_io_error()
Note that we can't truncate the corrupted page until the error
check is done by kjournald.
>>If we merge this patch, we would face the data corruption problem
>>again.
>>
>>I think there are three options,
>>
>>(1) drop this patch
>>(2) merge this patch with new panic_on_dirty_page_cache_corruption
>> sysctl
>>(3) implement a more sophisticated error_remove_page function
>
> In fact we proposed a patch for preventing the re-corruption case, see
>
> http://lkml.org/lkml/2009/6/11/294
>
> However it is hard to answer the (policy) question "How sticky should
> the EIO bit remain?".
It's a good approach! This approach may also solve my concern,
the re-corruption issue caused by transient IO errors.
But I also think it needs a bit more consideration. For example,
if the application has the valid data in the user space buffer,
it would try to re-write it after detecting an IO error from the
previous write. In this case, we should clear the sticky error flag.
Thanks,
--
Hidehiro Kawai
Hitachi, Systems Development Laboratory
Linux Technology Center
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2009-08-11 12:00 UTC|newest]
Thread overview: 106+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-05 9:36 [PATCH] [0/19] HWPOISON: Intro Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [1/19] HWPOISON: Add page flag for poisoned pages Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [2/19] HWPOISON: Export some rmap vma locking to outside world Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [3/19] HWPOISON: Add support for poison swap entries v2 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [4/19] HWPOISON: Add new SIGBUS error codes for hardware poison signals Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [5/19] HWPOISON: Add basic support for poisoned pages in fault handler v3 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [6/19] HWPOISON: Add various poison checks in mm/memory.c v2 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [7/19] HWPOISON: x86: Add VM_FAULT_HWPOISON handling to x86 page fault handler v2 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [8/19] HWPOISON: Use bitmask/action code for try_to_unmap behaviour Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [9/19] HWPOISON: Handle hardware poisoned pages in try_to_unmap Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [10/19] HWPOISON: check and isolate corrupted free pages v2 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [11/19] HWPOISON: Refactor truncate to allow direct truncating of page v2 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 10:20 ` Nick Piggin
2009-08-05 10:20 ` Nick Piggin
2009-08-05 12:37 ` Wu Fengguang
2009-08-05 12:37 ` Wu Fengguang
2009-08-05 13:46 ` Andi Kleen
2009-08-05 13:46 ` Andi Kleen
2009-08-05 14:01 ` Nick Piggin
2009-08-05 14:01 ` Nick Piggin
2009-08-05 14:10 ` Andi Kleen
2009-08-05 14:10 ` Andi Kleen
2009-08-05 14:16 ` Nick Piggin
2009-08-05 14:16 ` Nick Piggin
2009-08-05 14:41 ` Andi Kleen
2009-08-05 14:41 ` Andi Kleen
2009-08-05 14:44 ` Nick Piggin
2009-08-05 14:44 ` Nick Piggin
2009-08-05 15:00 ` Matthew Wilcox
2009-08-05 15:00 ` Matthew Wilcox
2009-08-06 11:48 ` Martin Schwidefsky
2009-08-06 11:48 ` Martin Schwidefsky
2009-08-06 12:04 ` Andi Kleen
2009-08-06 12:04 ` Andi Kleen
2009-08-05 15:12 ` Wu Fengguang
2009-08-05 15:12 ` Wu Fengguang
2009-08-05 9:36 ` [PATCH] [12/19] HWPOISON: Add invalidate_inode_page Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [13/19] HWPOISON: Define a new error_remove_page address space op for async truncation Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [14/19] HWPOISON: Add PR_MCE_KILL prctl to control early kill behaviour per process Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [15/19] HWPOISON: The high level memory error handler in the VM v7 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [16/19] HWPOISON: Enable .remove_error_page for migration aware file systems Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 11:12 ` Christoph Hellwig
2009-08-05 11:12 ` Christoph Hellwig
2009-08-05 11:52 ` Wu Fengguang
2009-08-05 11:52 ` Wu Fengguang
2009-08-05 13:50 ` Andi Kleen
2009-08-05 13:50 ` Andi Kleen
2009-08-10 6:36 ` Hidehiro Kawai
2009-08-10 6:36 ` Hidehiro Kawai
2009-08-10 7:07 ` Wu Fengguang
2009-08-10 7:07 ` Wu Fengguang
2009-08-11 3:48 ` Hidehiro Kawai [this message]
2009-08-11 3:48 ` Hidehiro Kawai
2009-08-11 6:59 ` Andi Kleen
2009-08-11 6:59 ` Andi Kleen
2009-08-11 12:38 ` Wu Fengguang
2009-08-11 12:38 ` Wu Fengguang
2009-08-10 7:44 ` Andi Kleen
2009-08-10 7:44 ` Andi Kleen
2009-08-11 3:50 ` Hidehiro Kawai
2009-08-11 3:50 ` Hidehiro Kawai
2009-08-11 7:17 ` Andi Kleen
2009-08-11 7:17 ` Andi Kleen
2009-08-12 2:49 ` Hidehiro Kawai
2009-08-12 2:49 ` Hidehiro Kawai
2009-08-12 7:46 ` Andi Kleen
2009-08-12 7:46 ` Andi Kleen
2009-08-12 9:52 ` Hidehiro Kawai
2009-08-12 9:52 ` Hidehiro Kawai
2009-08-12 10:16 ` Andi Kleen
2009-08-12 10:16 ` Andi Kleen
2009-08-12 8:05 ` Nick Piggin
2009-08-12 8:05 ` Nick Piggin
2009-08-12 8:23 ` Andi Kleen
2009-08-12 8:23 ` Andi Kleen
2009-08-12 8:46 ` Nick Piggin
2009-08-12 8:46 ` Nick Piggin
2009-08-12 8:57 ` Andi Kleen
2009-08-12 8:57 ` Andi Kleen
2009-08-12 9:05 ` Nick Piggin
2009-08-12 9:05 ` Nick Piggin
2009-08-12 9:39 ` Wu Fengguang
2009-08-12 9:39 ` Wu Fengguang
2009-08-05 9:36 ` [PATCH] [17/19] HWPOISON: Enable error_remove_page for NFS Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [18/19] HWPOISON: Add madvise() based injector for hardware poisoned pages v3 Andi Kleen
2009-08-05 9:36 ` Andi Kleen
2009-08-05 9:36 ` [PATCH] [19/19] HWPOISON: Add simple debugfs interface to inject hwpoison on arbitary PFNs Andi Kleen
2009-08-05 9:36 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A80EA14.4030300@hitachi.com \
--to=hidehiro.kawai.ez@hitachi.com \
--cc=aia21@cantab.net \
--cc=akpm@linux-foundation.org \
--cc=andi@firstfloor.org \
--cc=fengguang.wu@intel.com \
--cc=hch@infradead.org \
--cc=hugh.dickins@tiscali.co.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mfasheh@suse.com \
--cc=npiggin@suse.de \
--cc=satoshi.oshima.fk@hitachi.com \
--cc=swhiteho@redhat.com \
--cc=taketoshi.sakuraba.hc@hitachi.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.