From: Kai Krakow <hurikhan77@gmail.com>
To: linux-btrfs@vger.kernel.org
Subject: Re: 4.11 relocate crash, null pointer + rolling back a filesystem by X hours?
Date: Tue, 2 May 2017 21:53:40 +0200 [thread overview]
Message-ID: <20170502215340.5b0fe86f@jupiter.sol.kaishome.de> (raw)
In-Reply-To: pan$e2463$2d3d82e9$144941f3$9eeef2a4@cox.net
Am Tue, 2 May 2017 05:01:02 +0000 (UTC)
schrieb Duncan <1i5t5.duncan@cox.net>:
> Of course on-list I'm somewhat known for my arguments propounding the
> notion that any filesystem that's too big to be practically
> maintained (including time necessary to restore from backups, should
> that be necessary for whatever reason) is... too big... and should
> ideally be broken along logical and functional boundaries into a
> number of individual smaller filesystems until such point as each one
> is found to be practically maintainable within a reasonably practical
> time frame. Don't put all the eggs in one basket, and when the bottom
> of one of those baskets inevitably falls out, most of your eggs will
> be safe in other baskets. =:^)
Hehe... Yes, you're a fan of small filesystems. I'm more from the
opposite camp, preferring one big filesystem to not mess around with
size constraints of small filesystems fighting for the same volume
space. It also gives such filesystems better chances for data locality
of data staying in totally different parts across your fs mounts and
can reduce head movement. Of course, much of this is not true if you
use different devices per filesystem, or use SSDs, or SAN where you
have no real control over the physical placement of image stripes
anyway. But well...
In an ideal world, subvolumes of btrfs would be totally independent of
each other, just only share the same volume and dynamically allocating
chunks of space from it. If one is broken, it is simply not usable and
it should be destroyable. A garbage collector would grab the leftover
chunks from the subvolume and free them, and you could recreate this
subvolume from backup. In reality, shared extents will cross subvolume
borders so it is probably not how things could work anytime in the near
of far future.
This idea is more like having thinly provisioned LVM volumes which
allocate space as the filesystems on top need them, much like doing
thinly provisioned images with a VM host system. The problem here is,
unlike subvolumes, those chunks of space could never be given back to
the host as it doesn't know if it is still in use. Of course, there's
implementations available which allow thinning the images by passing
through TRIM from the guest to the host (or by other means of
communication channels between host and guest), but that is usually not
giving good performance, if even supported.
I tried once to exploit this in VirtualBox and hoped it would translate
guest discards into hole punching requests on the host, and it's even
documented to work that way... But (a) it was horrible slow, and (b) it
was incredibly unstable to the point of being useless. OTOH, it's not
announced as a stable feature and has to be enabled by manually editing
the XML config files.
But I still like the idea: Is it possible to make btrfs still work if
one subvolume gets corrupted? Of course it should have ways of telling
the user which other subvolumes are interconnected through shared
extents so those would be also discarded upon corruption cleanup - at
least if those extents couldn't be made any sense of any longer. Since
corruption is an issue mostly of subvolumes being written to, snapshots
should be mostly safe.
Such a feature would also only make sense if btrfs had an online repair
tool. BTW, are there plans for having an online repair tool in the
future? Maybe one that only scans and fixes part of the filesystems
(for obvious performance reasons, wrt Duncans idea of handling
filesystems), i.e. those parts that the kernel discovered having
corruptions? If I could then just delete and restore affected files,
this would be even better than having independent subvolumes like above.
--
Regards,
Kai
Replies to list-only preferred.
next prev parent reply other threads:[~2017-05-02 20:00 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-20 14:39 4.11.3: BTRFS critical (device dm-1): unable to add free space :-17 => btrfs check --repair runs clean Marc MERLIN
2017-06-20 15:23 ` Hugo Mills
2017-06-20 15:26 ` Marc MERLIN
2017-06-20 15:36 ` Hugo Mills
2017-06-20 15:44 ` Marc MERLIN
2017-06-20 23:12 ` Marc MERLIN
2017-06-20 23:58 ` Marc MERLIN
2017-06-21 3:31 ` Chris Murphy
2017-06-21 3:43 ` Marc MERLIN
2017-06-21 15:13 ` How to fix errors that check --mode lomem finds, but --mode normal doesn't? Marc MERLIN
2017-06-21 23:22 ` Chris Murphy
2017-06-22 0:48 ` Marc MERLIN
2017-06-22 2:22 ` Qu Wenruo
2017-06-22 2:53 ` Marc MERLIN
2017-06-22 4:08 ` Qu Wenruo
2017-06-23 4:06 ` Marc MERLIN
2017-06-23 8:54 ` Lu Fengqi
2017-06-23 16:17 ` Marc MERLIN
2017-06-24 2:34 ` Marc MERLIN
2017-06-26 10:46 ` Lu Fengqi
2017-06-27 23:11 ` Marc MERLIN
2017-06-28 7:10 ` Lu Fengqi
2017-06-28 14:43 ` Marc MERLIN
2017-05-01 17:06 ` 4.11 relocate crash, null pointer Marc MERLIN
2017-05-01 18:08 ` 4.11 relocate crash, null pointer + rolling back a filesystem by X hours? Marc MERLIN
2017-05-02 1:50 ` Chris Murphy
2017-05-02 3:23 ` Marc MERLIN
2017-05-02 4:56 ` Chris Murphy
2017-05-02 5:11 ` Marc MERLIN
2017-05-02 18:47 ` btrfs check --repair: failed to repair damaged filesystem, aborting Marc MERLIN
2017-05-03 6:00 ` Marc MERLIN
2017-05-03 6:17 ` Marc MERLIN
2017-05-03 6:32 ` Roman Mamedov
2017-05-03 20:40 ` Marc MERLIN
2017-07-07 5:37 ` ctree.c:197: update_ref_for_cow: BUG_ON `ret` triggered, value -5 Marc MERLIN
2017-07-07 5:39 ` Marc MERLIN
2017-07-07 9:33 ` Lu Fengqi
2017-07-07 16:38 ` Marc MERLIN
2017-07-09 4:34 ` 4.11.6 / more corruption / root 15455 has a root item with a more recent gen (33682) compared to the found root node (0) Marc MERLIN
2017-07-09 5:05 ` We really need a better/working btrfs check --repair Marc MERLIN
2017-07-09 6:34 ` 4.11.6 / more corruption / root 15455 has a root item with a more recent gen (33682) compared to the found root node (0) Marc MERLIN
2017-07-09 7:57 ` Martin Steigerwald
2017-07-09 9:16 ` Paul Jones
2017-07-09 11:17 ` Duncan
2017-07-09 13:00 ` Martin Steigerwald
2017-07-29 19:29 ` Imran Geriskovan
2017-07-29 23:38 ` Duncan
2017-07-30 14:54 ` Imran Geriskovan
2017-07-31 4:53 ` Duncan
2017-07-31 20:32 ` Imran Geriskovan
2017-08-01 1:36 ` Duncan
2017-08-01 15:18 ` Imran Geriskovan
2017-07-31 21:07 ` Ivan Sizov
2017-07-31 21:17 ` Marc MERLIN
2017-07-31 21:39 ` Ivan Sizov
2017-08-01 16:41 ` Ivan Sizov
2017-07-31 22:00 ` Justin Maggard
2017-08-01 6:38 ` Marc MERLIN
2017-05-02 19:59 ` 4.11 relocate crash, null pointer + rolling back a filesystem by X hours? Kai Krakow
2017-05-02 5:01 ` Duncan
2017-05-02 19:53 ` Kai Krakow [this message]
2017-05-23 16:58 ` Marc MERLIN
2017-05-24 10:16 ` Duncan
2017-05-05 1:19 ` Qu Wenruo
2017-05-05 2:10 ` Qu Wenruo
2017-05-05 2:40 ` Marc MERLIN
2017-05-05 5:03 ` Qu Wenruo
2017-05-05 15:43 ` Marc MERLIN
2017-05-17 18:23 ` Kai Krakow
2017-05-05 1:13 ` Qu Wenruo
2017-06-29 13:36 ` How to fix errors that check --mode lomem finds, but --mode normal doesn't? Lu Fengqi
2017-06-29 15:30 ` Marc MERLIN
2017-06-30 14:59 ` Lu Fengqi
2017-06-22 4:08 ` Qu Wenruo
2017-06-21 12:04 ` 4.11.3: BTRFS critical (device dm-1): unable to add free space :-17 => btrfs check --repair runs clean Duncan
2017-06-21 3:26 ` Chris Murphy
2017-06-21 4:06 ` Marc MERLIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170502215340.5b0fe86f@jupiter.sol.kaishome.de \
--to=hurikhan77@gmail.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.