From: "Theodore Ts'o" <tytso@mit.edu>
To: David Laight <David.Laight@aculab.com>
Cc: "'Nikolai Zhubr'" <zhubr.2@gmail.com>,
"linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>,
"stable@vger.kernel.org" <stable@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"jack@suse.cz" <jack@suse.cz>
Subject: Re: ext4 damage suspected in between 5.15.167 - 5.15.170
Date: Mon, 16 Dec 2024 14:31:04 -0500 [thread overview]
Message-ID: <20241216193104.GB78919@mit.edu> (raw)
In-Reply-To: <229641a5c7f046b282c151cb1c6b9110@AcuMS.aculab.com>
On Mon, Dec 16, 2024 at 03:16:00PM +0000, David Laight wrote:
> ....
> > > The location of block allocation bitmaps never gets changed, so this
> > > sort of thing only happens due to hardware-induced corruption.
> >
> > Well, unless e.g. some modified sectors start being flushed to random
> > wrong offsets, like in [1] above, or something similar.
Well in the bug that you referenced in [1], what was happening was
that data could get written to the wrong offset in the file under
certain race conditions. This would not be the case of data block
getting written over some metadata block like the block group
descriptors.
Sectors getting written to the wrong LBA's do happen; there's a reason
why enterprise databases include a checksum in every 4k database
block. But the root cause of that generally tends to be a bit getting
flipped in the LBA number when it is being sent from the CPU to the
Controller to the storage device. It's rare, but when it does happen,
it is more often than not hardware-induced --- and again, one of those
things where RAID won't necessarily save you.
> Or cutting the power in the middle of SSD 'wear levelling'.
>
> I've seen a completely trashed disk (sectors in completely the
> wrong places) after an unexpected power cut.
Sure, but that falls in the category of hardware-induced corruption.
There have been non-power-fail certified SSD which have their flash
translation metadata so badly corrupted that you lose everything
(there's a reason why professional photographers use dual SDcard
slots, and some may use duct tape to make sure the battery access door
won't fly open if their camera gets dropped).
- Ted
prev parent reply other threads:[~2024-12-16 19:31 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-12 18:31 ext4 damage suspected in between 5.15.167 - 5.15.170 Nikolai Zhubr
2024-12-12 19:16 ` Theodore Ts'o
2024-12-13 10:49 ` Nikolai Zhubr
2024-12-13 16:12 ` Theodore Ts'o
2024-12-14 19:58 ` Nikolai Zhubr
2024-12-16 12:59 ` Jan Kara
2024-12-16 15:16 ` David Laight
2024-12-16 19:31 ` Theodore Ts'o [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241216193104.GB78919@mit.edu \
--to=tytso@mit.edu \
--cc=David.Laight@aculab.com \
--cc=jack@suse.cz \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=zhubr.2@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox