Re: Question: errors=continue behaviour for failed external journal device

public inbox for linux-ext4@vger.kernel.org
 help / color / mirror / Atom feed

From: "Lukáš Czerner" <lczerner@redhat.com>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: Vlad Dobrotescu <vlad@dobrotescu.ca>, linux-ext4@vger.kernel.org
Subject: Re: Question: errors=continue behaviour for failed external journal device
Date: Mon, 28 Jul 2014 15:25:52 +0200 (CEST)	[thread overview]
Message-ID: <alpine.LFD.2.00.1407281522110.2077@localhost.localdomain> (raw)
In-Reply-To: <20140728131742.GP6725@thunk.org>

[-- Attachment #1: Type: TEXT/PLAIN, Size: 2239 bytes --]

On Mon, 28 Jul 2014, Theodore Ts'o wrote:

> Date: Mon, 28 Jul 2014 09:17:42 -0400
> From: Theodore Ts'o <tytso@mit.edu>
> To: Lukáš Czerner <lczerner@redhat.com>
> Cc: Vlad Dobrotescu <vlad@dobrotescu.ca>, linux-ext4@vger.kernel.org
> Subject: Re: Question: errors=continue behaviour for failed external journal
>     device
> 
> On Mon, Jul 28, 2014 at 11:11:45AM +0200, Lukáš Czerner wrote:
> > 
> > I very much agree with that, that's why I was quite surprised that I
> > found out recently that this is the default. I was living in the
> > delusion that the default was ERRORS_RO for as long as I can remember.
> > So my question is, should we change it ? This really does not seem
> > like a sane default.
> 
> Yeah, I've been thinking that this would be a good thing to change for
> 1.43.
> 
> The only reason that errors=continue was the default was for
> historical reasons.  I could imagine some system administrators being
> surprised when all of a sudden their production systems start getting
> lots of EROFS errors getting reported by applications.  So I could
> potentially imagine some Help Desks / Support folks at distributions
> not being enthusiastic about such a change.
> 
> Hmm.... we are starting to have some errors where we can allow the
> system to stagger on, even if we need to disallow new allocations in
> some block groups.  I wonder if it is worthwhile to have a "continue
> for correctable errors".  The danger, of course, is that some errors,
> even if they are correctable, (such as freeing a block which is
> already freed), could be a hint that there are other fs corruptions,
> not yet detected, that might lead to data loss if we reboot and fsck,
> or remount readonly right away.  So the question is while there is
> some value, is it worth the added complexity to add an
> "errors=continue-correctable" option?

Right,

I like the idea of the new errors option, even though the name is a
bit long (maybe "auto") which will try the best to continue, but is
allowed to remount read only if we can not recover from that error.

This would however need some work to make it work reliably and most
importantly a fair amount of testing. Though I think it's worth the
work.

-Lukas

> 
> 							- Ted

next prev parent reply	other threads:[~2014-07-28 13:26 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-07-26 23:07 Question: errors=continue behaviour for failed external journal device Vlad Dobrotescu
2014-07-27  0:07 ` Theodore Ts'o
2014-07-27  0:34   ` Vlad Dobrotescu
2014-07-27  1:07     ` Theodore Ts'o
2014-07-28  9:11   ` Lukáš Czerner
2014-07-28 13:17     ` Theodore Ts'o
2014-07-28 13:25       ` Lukáš Czerner [this message]
2014-07-28 13:31         ` Vlad Dobrotescu
2014-07-28 15:00           ` Theodore Ts'o
2014-07-28 16:09       ` Darrick J. Wong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=alpine.LFD.2.00.1407281522110.2077@localhost.localdomain \
    --to=lczerner@redhat.com \
    --cc=linux-ext4@vger.kernel.org \
    --cc=tytso@mit.edu \
    --cc=vlad@dobrotescu.ca \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox