From: Stan Hoeppner <stan@hardwarefreak.com>
To: Ric Wheeler <rwheeler@redhat.com>
Cc: Julien FERRERO <jferrero06@gmail.com>, xfs@oss.sgi.com
Subject: Re: XFS filesystem corruption
Date: Fri, 08 Mar 2013 12:59:22 -0600
Message-ID: <513A350A.508@hardwarefreak.com>
In-Reply-To: <5139D792.4090304@redhat.com>

On 3/8/2013 6:20 AM, Ric Wheeler wrote:
> On 03/08/2013 03:39 AM, Stan Hoeppner wrote:
>> On 3/6/2013 5:12 PM, Ric Wheeler wrote:
>>
>>> We actually test brutal "Power off" for xfs, ext4 and other file
>>> systems. If your storage is configured properly and you have barriers
>>> enabled, they all pass without corruption.

I think you missed the context.  Please reread this:

>> Something that none of us mentioned WRT write barriers is that while the
>> filesystem structure may avoid corruption when the power is cut, files
>> may still be corrupted, in conditions such as any/all of these:

I made it very clear I was discussing file corruption here, not
filesystem corruption.  You already covered that base.  I was
specifically addressing the fact that XFS performs barriers on metadata
writes but not file data writes.

>> 1.  unwritten data still in buffer cache
> 
> This is true only for user data, not the file system metadata. We should
> always be able to drop power without seeing corruption (like the garbled
> ls output).
> 
>> 2.  drive caches are enabled
> 
> Write barriers will take care of drives with write cache enabled, as
> long as the hardware RAID card is not in the middle and misleading us.
> 
>> 3.  BBWC not working properly
> 
> This should not be a worry. If the battery (or in more modern cards,
> flash backed) is not working, a good card will flip into write through
> caching. Should be slow, but safe.
> 
> Note that the write cache state on the drives is still a question mark -
> that needs to be disabled normally.
> 
>>
>> If the techs are determined to hard cut power because they don't have
>> the time or the knowledge to do a clean shutdown, it may be well worth
>> your time/effort to write a script and teach the field techs to execute
>> it, before flipping the master switch.  Your simple script would run as
>> root, or you'd need to do some sudo foo within, and would contain
>> something like:
>>
>> #! /bin/sh
>> sync
>> echo 2 > /proc/sys/vm/drop_caches
>> echo "Ready for power down."
>>
>> This will flush pending writes in buffer cache to disk, and assumes of
>> course that drive caches are disabled, and/or that BBWC, if present, is
>> functioning properly.  It also assumes no applications are still
>> actively writing files, in which case you're screwed regardless.  It's
>> not a perfect solution and there's no guarantee you won't suffer file
>> corruption, but this greatly increases your odds against it.
>>
> 
> For file system *metadata* consistency, you should not have to do this
> ever if the stack is properly configured.  The application data will
> still be lost.
> 
> Also, if there are active writers, this is inherently racy. A better
> script would unmount the file systems :)

Yes, a umount would be even better.

-- 
Stan
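
The unmount-based variant that the end of the message settles on, as an added example that is not part of the original post and not written by either poster. The function names, the DRY_RUN switch and the sample mount table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-power-down quiesce that unmounts instead of only syncing.

# Constructed sample in /proc/mounts format, used for the dry run below.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /data xfs rw,noatime 0 0
/dev/sdc1 /data/video xfs rw,noatime 0 0
tmpfs /run tmpfs rw 0 0'

# Print mount points of fs type $1 (stdin: /proc/mounts-format text),
# longest path first. A nested mount point always has a longer path than
# its parent, so /data/video is unmounted before /data.
# Limitation: mount points containing spaces (\040 in /proc/mounts) are
# not decoded.
mounts_deepest_first() {
    awk -v t="$1" '$3 == t { print length($2), $2 }' | sort -rn | cut -d' ' -f2-
}

# sync, then unmount every filesystem of type $1 listed on stdin.
# umount refuses a busy filesystem, so an application that still has files
# open is reported instead of being raced. Returns non-zero if any
# filesystem stayed mounted. DRY_RUN=1 prints the commands only.
quiesce() {
    run=${DRY_RUN:+echo}
    $run sync
    mounts_deepest_first "$1" | (
        rc=0
        while IFS= read -r mp; do
            $run umount "$mp" || { echo "BUSY: $mp still mounted" >&2; rc=1; }
        done
        exit "$rc"
    )
}

# Dry run on the constructed sample; nothing is unmounted.
printf '%s\n' "$SAMPLE_MOUNTS" | DRY_RUN=1 quiesce xfs

# Real use, as root:
#   quiesce xfs < /proc/mounts && echo "Ready for power down."
```

As in the quoted script, this still assumes drive write caches are disabled or that the BBWC is working.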
