From: Andrew Morton <akpm@linux-foundation.org>
To: Jan Kara <jack@suse.cz>
Cc: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>,
sct@redhat.com, adilger@sun.com, linux-kernel@vger.kernel.org,
linux-ext4@vger.kernel.org, jbacik@redhat.com, cmm@us.ibm.com,
tytso@mit.edu, yumiko.sugita.yf@hitachi.com,
satoshi.oshima.fk@hitachi.com
Subject: Re: [PATCH 1/5] jbd: strictly check for write errors on data buffers
Date: Wed, 4 Jun 2008 11:19:11 -0700 [thread overview]
Message-ID: <20080604111911.c1fe09c6.akpm@linux-foundation.org> (raw)
In-Reply-To: <20080604101925.GB16572@duck.suse.cz>
On Wed, 4 Jun 2008 12:19:25 +0200 Jan Kara <jack@suse.cz> wrote:
> On Tue 03-06-08 15:30:50, Andrew Morton wrote:
> > On Mon, 02 Jun 2008 19:43:57 +0900
> > Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> wrote:
> >
> > >
> > > In ordered mode, we should abort journaling when an I/O error has
> > > occurred on a file data buffer in the committing transaction.
> >
> > Why should we do that?
> I see two reasons:
> 1) If fs below us is returning IO errors, we don't really know how severe
> it is so it's safest to stop accepting writes. Also user notices the
> problem early this way. I agree that with the growing size of disks and
> thus probability of seeing IO error, we should probably think of something
> cleverer than this but aborting seems better than just doing nothing.
>
> 2) If the IO error is just transient (i.e., link to NAS is disconnected for
> a while), we would silently break ordering mode guarantees (user could be
> able to see old / uninitialized data).
>
Does any other filesystem driver turn the fs read-only on the first
write-IO-error?
It seems like a big policy change to me. For a lot of applications
it's effectively a complete outage and people might get a bit upset if
this happens on the first blip from their NAS.
<waves vigorously at linux-ext4 people>
next prev parent reply other threads:[~2008-06-04 18:32 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-02 10:40 [PATCH 0/5] jbd: possible filesystem corruption fixes (take 2) Hidehiro Kawai
2008-06-02 10:43 ` [PATCH 1/5] jbd: strictly check for write errors on data buffers Hidehiro Kawai
2008-06-03 22:30 ` Andrew Morton
2008-06-04 10:19 ` Jan Kara
2008-06-04 18:19 ` Andrew Morton [this message]
2008-06-04 21:22 ` Theodore Tso
2008-06-04 21:58 ` Andrew Morton
2008-06-04 22:51 ` Theodore Tso
2008-06-05 9:35 ` Jan Kara
2008-06-05 11:33 ` Hidehiro Kawai
2008-06-05 14:29 ` Theodore Tso
2008-06-05 16:20 ` Andrew Morton
2008-06-05 18:49 ` Andreas Dilger
2008-06-09 10:09 ` Hidehiro Kawai
2008-06-11 12:35 ` Jan Kara
2008-06-12 13:19 ` Hidehiro Kawai
2008-06-05 3:28 ` Mike Snitzer
2008-06-04 21:58 ` Andreas Dilger
2008-06-04 10:53 ` Hidehiro Kawai
2008-06-02 10:45 ` [PATCH 2/5] jbd: ordered data integrity fix Hidehiro Kawai
2008-06-02 11:59 ` Jan Kara
2008-06-03 22:33 ` Andrew Morton
2008-06-04 10:55 ` Hidehiro Kawai
2008-06-02 10:46 ` [PATCH 3/5] jbd: abort when failed to log metadata buffers Hidehiro Kawai
2008-06-02 12:00 ` Jan Kara
2008-06-03 22:35 ` Andrew Morton
2008-06-04 10:57 ` Hidehiro Kawai
2008-06-02 10:47 ` [PATCH 4/5] jbd: fix error handling for checkpoint io Hidehiro Kawai
2008-06-02 12:44 ` Jan Kara
2008-06-03 4:31 ` Hidehiro Kawai
2008-06-03 4:40 ` Hidehiro Kawai
2008-06-03 5:11 ` Hidehiro Kawai
2008-06-03 5:20 ` Andrew Morton
2008-06-03 8:02 ` Jan Kara
2008-06-23 11:14 ` Hidehiro Kawai
2008-06-23 12:22 ` Jan Kara
2008-06-24 11:52 ` Hidehiro Kawai
2008-06-24 13:33 ` Jan Kara
2008-06-27 8:06 ` Hidehiro Kawai
2008-06-27 10:24 ` Jan Kara
2008-06-30 5:09 ` Hidehiro Kawai
2008-07-07 10:07 ` Jan Kara
2008-06-02 10:48 ` [PATCH 5/5] ext3: abort ext3 if the journal has aborted Hidehiro Kawai
2008-06-02 12:49 ` Jan Kara
2008-06-02 12:05 ` [PATCH 0/5] jbd: possible filesystem corruption fixes (take 2) Jan Kara
2008-06-03 4:30 ` Hidehiro Kawai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080604111911.c1fe09c6.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=adilger@sun.com \
--cc=cmm@us.ibm.com \
--cc=hidehiro.kawai.ez@hitachi.com \
--cc=jack@suse.cz \
--cc=jbacik@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=satoshi.oshima.fk@hitachi.com \
--cc=sct@redhat.com \
--cc=tytso@mit.edu \
--cc=yumiko.sugita.yf@hitachi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox