From: Dave Chinner <david@fromorbit.com>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Eric Sandeen <sandeen@redhat.com>,
Ext4 Developers List <linux-ext4@vger.kernel.org>
Subject: Re: [PATCH] ext4: add ratelimiting to ext4 messages
Date: Mon, 21 Oct 2013 10:15:40 +1100 [thread overview]
Message-ID: <20131020231540.GA16161@dastard> (raw)
In-Reply-To: <20131020111800.GA31086@thunk.org>
On Sun, Oct 20, 2013 at 07:18:00AM -0400, Theodore Ts'o wrote:
> On Sat, Oct 19, 2013 at 06:04:55PM -0500, Eric Sandeen wrote:
> > > When xfs "shuts down" the file system, it doesn't allow any read or
> > > write accesses, right? So it's basically an even stronger version of
> > > errors=remount-ro. We should perhaps discuss whether it would be
> > > better to squelch errors if we've remounted the file system read-only,
> > > or whether we should implement a complete shutdown errors option.
> >
> > Yeah, there is no errors=continue type option, that is probably too
> > dangerous in general for the majority of users.
>
> What I was asking was whether it might make sense for us to implement
> a errors=shutdown-fs option which causes all read operations (in
> addition to write operations) to immediately return EIO. That would
> certainly reduce the error flood risk, but if you did this on the root
> file system, you might as well set errors=panic. This is what XFS's
> default behavior on fserrors, correct?
No. XFS's behaviour is dependent on the context the error occurs in.
If it's a fatal or corruption inducing error, then it shuts down and
returns errors to any attempt to read, write or modify anything in
the filesystem. If the error is not fatal, then XFS behaves like
errors=continue.
IOWs, if you read a directory and trip over a corruption, the XFS
filesystem will not shut down - it will just throw the
EFSCORRUPTED/EIO error back to userspace and log it. However, if you
are trying to modify that directory, and the IO error occurs after
modifications have already been made to the directory but are not
yet committed, then that's a fatal error and a shutdown will occur.
i.e. IO errors in metadata are only fatal if we can't back out
cleanly, otherwise they are simply logged and reported to userspace
like any other IO error during a data read...
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
next prev parent reply other threads:[~2013-10-20 23:15 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-18 1:28 [PATCH] ext4: add ratelimiting to ext4 messages Theodore Ts'o
2013-10-18 13:08 ` Lukáš Czerner
2013-10-18 14:08 ` Eric Sandeen
2013-10-18 18:59 ` Theodore Ts'o
2013-10-19 23:04 ` Eric Sandeen
2013-10-20 11:18 ` Theodore Ts'o
2013-10-20 23:15 ` Dave Chinner [this message]
2013-10-21 9:43 ` Zheng Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131020231540.GA16161@dastard \
--to=david@fromorbit.com \
--cc=linux-ext4@vger.kernel.org \
--cc=sandeen@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).