From: Dmitriy Gorokh <dmitriy.gorokh@gmail.com>
To: linux-btrfs@vger.kernel.org
Subject: [PATCH v2] btrfs: raid56: data corruption on a device removal
Date: Fri, 14 Dec 2018 20:48:50 +0300 [thread overview]
Message-ID: <CANYdAbLNAxoAXcxuC+ugpdhsCpTbh0zVjY3T5rtOcpVufnmWRA@mail.gmail.com> (raw)
In-Reply-To: <66F8D435-4E51-4761-B6CF-BA96F4BC5986@wdc.com>
RAID5 or RAID6 filesystem might get corrupted in the following scenario:
1. Create 4 disks RAID6 filesystem
2. Preallocate 16 10Gb files
3. Run fio: 'fio --name=testload --directory=./ --size=10G
--numjobs=16 --bs=64k --iodepth=64 --rw=randrw --verify=sha256
--time_based --runtime=3600’
4. After few minutes pull out two drives: 'echo 1 >
/sys/block/sdc/device/delete ; echo 1 > /sys/block/sdd/device/delete’
About 5 of 10 times the test is run, it led to a silent data
corruption of a random stripe, resulting in ‘IO Error’ and ‘csum
failed’ messages while trying to read the affected file. It usually
affects only small portion of the files.
It is possible that few bios which were being processed during the
drives removal, contained non zero bio->bi_iter.bi_done field despite
of EIO bi_status. bi_sector field was also increased from original one
by that 'bi_done' value. Looks like this is a quite rare condition.
Subsequently, in the raid_rmw_end_io handler that failed bio can be
translated to a wrong stripe number and fail wrong rbio.
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Dmitriy Gorokh <dmitriy.gorokh@wdc.com>
---
fs/btrfs/raid56.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index 3c8093757497..cd2038315feb 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -1451,6 +1451,12 @@ static int find_bio_stripe(struct btrfs_raid_bio *rbio,
struct btrfs_bio_stripe *stripe;
physical <<= 9;
+ /*
+ * Since the failed bio can return partial data, bi_sector might be
+ * incremented by that value. We need to revert it back to the
+ * state before the bio was submitted.
+ */
+ physical -= bio->bi_iter.bi_done;
for (i = 0; i < rbio->bbio->num_stripes; i++) {
stripe = &rbio->bbio->stripes[i];
--
2.17.0
next prev parent reply other threads:[~2018-12-14 17:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-12 0:25 [PATCH] btrfs: raid56: data corruption on a device removal Dmitriy Gorokh
2018-12-12 9:09 ` Johannes Thumshirn
2018-12-12 15:53 ` David Sterba
2018-12-14 17:48 ` Dmitriy Gorokh [this message]
2018-12-26 0:15 ` [PATCH v2] " Liu Bo
2019-01-04 16:49 ` David Sterba
2019-01-07 11:03 ` Johannes Thumshirn
2019-01-07 15:34 ` David Sterba
2019-01-10 16:49 ` Johannes Thumshirn
2019-01-11 8:08 ` Johannes Thumshirn
2019-01-11 9:26 ` Ming Lei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANYdAbLNAxoAXcxuC+ugpdhsCpTbh0zVjY3T5rtOcpVufnmWRA@mail.gmail.com \
--to=dmitriy.gorokh@gmail.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).