From: liubo <liubo2009@cn.fujitsu.com>
To: Chris Mason <chris.mason@oracle.com>
Cc: Linux Btrfs <linux-btrfs@vger.kernel.org>
Subject: Re: [PATCH] Btrfs: forced readonly mounts on errors
Date: Tue, 18 Jan 2011 10:06:15 +0800 [thread overview]
Message-ID: <4D34F597.9020304@cn.fujitsu.com> (raw)
In-Reply-To: <1295293927-sup-5879@think>
On 01/18/2011 03:56 AM, Chris Mason wrote:
> Excerpts from liubo's message of 2011-01-06 06:30:25 -0500:
>> This patch comes from "Forced readonly mounts on errors" ideas.
>>
>> As we know, this is the first step in being more fault tolerant of disk
>> corruptions instead of just using BUG() statements.
>>
>> The major content:
>> - add a framework for generating errors that should result in filesystems
>> going readonly.
>> - keep FS state in disk super block.
>> - make sure that all of resource will be freed and released at umount time.
>> - make sure that after FS is forced readonly on error, there will be no more
>> disk change before FS is corrected. For this, we should stop write operation.
>>
>> After this patch is applied, the conversion from BUG() to such a framework can
>> happen incrementally.
>
> I think this is a good overall framework and it will meet our needs
> nicely as we scale up the error handling in the filesystem.
>
> One concern I have is where we save the error state to disk:
>
>> +static void __save_error_info(struct btrfs_fs_info *fs_info)
>> +{
>> + struct btrfs_super_block *disk_super = &fs_info->super_copy;
>> +
>> + fs_info->fs_state = BTRFS_SUPER_FLAG_ERROR;
>> + disk_super->flags |= cpu_to_le64(BTRFS_SUPER_FLAG_ERROR);
>> +
>> + mutex_lock(&fs_info->trans_mutex);
>> + memcpy(&fs_info->super_for_commit, disk_super,
>> + sizeof(fs_info->super_for_commit));
>> + mutex_unlock(&fs_info->trans_mutex);
>
> The super_for_commit isn't changed until we have a fully consistent set
> of fields in the super block. The super_copy is changed as the
> transaction progresses.
>
> So, this memcpy isn't quite safe. We should simply set the flag on the
> super_for_commit and the super_copy individually.
>
Got it, thanks for pointing it out.
> I'll make this change and pull it in. We can build from here.
>
Great!
thanks,
Liubo
> -chris
> --
> To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
prev parent reply other threads:[~2011-01-18 2:06 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <4D24160C.6070900@cn.fujitsu.com>
[not found] ` <4D252E42.5060803@cn.fujitsu.com>
[not found] ` <4D258BC7.8040105@cn.fujitsu.com>
2011-01-06 11:30 ` [PATCH] Btrfs: forced readonly mounts on errors liubo
2011-01-17 19:56 ` Chris Mason
2011-01-18 2:06 ` liubo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D34F597.9020304@cn.fujitsu.com \
--to=liubo2009@cn.fujitsu.com \
--cc=chris.mason@oracle.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.