From: "Jun'ichi Nomura" <j-nomura@ce.jp.nec.com>
To: Andi Kleen <andi@firstfloor.org>
Cc: Theodore Ts'o <tytso@mit.edu>, Dave Chinner <david@fromorbit.com>,
"Luck, Tony" <tony.luck@intel.com>,
Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>,
"Kleen, Andi" <andi.kleen@intel.com>,
"Wu, Fengguang" <fengguang.wu@intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
Jan Kara <jack@suse.cz>, Akira Fujita <a-fujita@rs.jp.nec.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>
Subject: Re: [PATCH 2/3] ext4: introduce ext4_error_remove_page
Date: Mon, 29 Oct 2012 20:05:51 +0900 [thread overview]
Message-ID: <508E630F.2080800@ce.jp.nec.com> (raw)
In-Reply-To: <m27gq9r2cu.fsf@firstfloor.org>
On 10/29/12 19:37, Andi Kleen wrote:
> Theodore Ts'o <tytso@mit.edu> writes:
>> On Mon, Oct 29, 2012 at 12:16:32PM +1100, Dave Chinner wrote:
>>> Except that there are filesystems that cannot implement such flags,
>>> or require on-disk format changes to add more of those flags. This
>>> is most definitely not a filesystem specific behaviour, so any sort
>>> of VFS level per-file state needs to be kept in xattrs, not special
>>> flags. Filesystems are welcome to optimise the storage of such
>>> special xattrs (e.g. down to a single boolean flag in an inode), but
>>> using a flag for something that dould, in fact, storage the exactly
>>> offset and length of the corruption is far better than just storing
>>> a "something is corrupted in this file" bit....
>>
>> Agreed, if we're going to add an xattr, then we might as well store
>
> I don't think an xattr makes sense for this. It's sufficient to keep
> this state in memory.
>
> In general these error paths are hard to test and it's important
> to keep them as simple as possible. Doing IO and other complexities
> just doesn't make sense. Just have the simplest possible path
> that can do the job.
And since it's difficult to prove, I think it's nice to have an
option to panic if the memory error was on dirty page cache.
It's theoretically same as disk I/O error; dirty cache is marked invalid
and next read will go to disk.
Though in practice, the next read will likely to fail if disk was broken.
(Given that transient errors are usually recovered by retries and fail-overs
in storage stack and not visible to applications which don't care.)
So it's "consistent" in some sense.
OTOH, the next read will likely succeed reading old data from disk
in case of the memory error.
I'm afraid the read-after-write inconsistency could cause silent data
corruption.
--
Jun'ichi Nomura, NEC Corporation
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2012-10-29 11:07 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-25 15:12 [PATCH 0/3] HWPOISON: improve error_remove_page() Naoya Horiguchi
2012-10-25 15:12 ` [PATCH 1/3] mm: print out information of file affected by memory error Naoya Horiguchi
2012-10-25 19:32 ` Jan Kara
2012-10-25 20:34 ` Naoya Horiguchi
2012-10-25 15:12 ` [PATCH 2/3] ext4: introduce ext4_error_remove_page Naoya Horiguchi
2012-10-25 19:39 ` Jan Kara
2012-10-26 6:12 ` Theodore Ts'o
2012-10-26 16:55 ` Luck, Tony
2012-10-26 18:46 ` Theodore Ts'o
2012-10-26 22:24 ` Luck, Tony
2012-10-27 22:16 ` Theodore Ts'o
2012-10-28 1:57 ` Naoya Horiguchi
2012-10-29 1:16 ` Dave Chinner
2012-10-29 2:40 ` Theodore Ts'o
2012-10-29 10:37 ` Andi Kleen
2012-10-29 11:05 ` Jun'ichi Nomura [this message]
2012-10-29 18:24 ` Theodore Ts'o
2012-10-29 18:55 ` Jan Kara
2012-10-29 19:07 ` Andi Kleen
2012-10-29 21:47 ` Naoya Horiguchi
2012-10-30 0:00 ` Jun'ichi Nomura
2012-10-29 18:11 ` Luck, Tony
2012-10-31 0:21 ` Dave Chinner
2012-10-26 18:50 ` Naoya Horiguchi
2012-10-25 15:12 ` [PATCH 3/3] ext3: introduce ext3_error_remove_page Naoya Horiguchi
2012-10-25 19:45 ` Jan Kara
2012-10-25 20:35 ` Naoya Horiguchi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=508E630F.2080800@ce.jp.nec.com \
--to=j-nomura@ce.jp.nec.com \
--cc=a-fujita@rs.jp.nec.com \
--cc=akpm@linux-foundation.org \
--cc=andi.kleen@intel.com \
--cc=andi@firstfloor.org \
--cc=david@fromorbit.com \
--cc=fengguang.wu@intel.com \
--cc=jack@suse.cz \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=n-horiguchi@ah.jp.nec.com \
--cc=tony.luck@intel.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox