linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jakob Oestergaard <jakob@unthought.net>
To: "Stephen C. Tweedie" <sct@redhat.com>
Cc: linux-kernel@vger.kernel.org, Andrew Morton <akpm@zip.com.au>
Subject: Re: jbd bug(s) (?)
Date: Thu, 26 Sep 2002 14:21:24 +0200	[thread overview]
Message-ID: <20020926122124.GS2442@unthought.net> (raw)
In-Reply-To: <20020925173605.A12911@redhat.com>

On Wed, Sep 25, 2002 at 05:36:05PM +0100, Stephen C. Tweedie wrote:
> Hi,
..
> > Isn't this a problem ?
> 
> Nah.  In fact I should just remove the loop entirely.  For commit
> processing, only the header at the very, very start of a commit block
> is cared about --- that way, we get atomic commits even if the commit
> block is partially written out-of-order on disk.  As long as sector
> writes within the fs block are atomic, the header remains intact.

Ok, fair enough.

The loop (which performs a number of repeated identical writes to the
*same* location) along with the comment does look pretty scary though

  8)

> 
> > The jbd superblocks contains an index into the journal for the first
> > transaction - but there is only *one* copy of the index, and there is no
> > reasonable way to detect if it got written correctly to disk.
> > 
> > If the system loses power while updating the superblock, and only *half*
> > of this index is written correctly, we have a journal which we cannot
> > reach.
> 
> Again, only the data in the first sector matters there, and we assume
> that disks write individual sectors atomically, or return IO failure
> if things get messed up.

Yep - so does Reiser. I originally believed that this was not the case
with modern disks, but I think I was corrected on that one in the Reiser
bug thread   :)

...
> > Sort of removes the point of having the journal in the first place. (If
> > my above assertion is true).
> 
> Actually, the number of single points of failure in a filesystem is
> huge.
[snip]

Originally it was my impression that the index was written fairly
frequently, *and* that you did not have the atomic-sector-write
guarantee.

That's why I was very worried.

> So if we detect incomplete sector writes, we can recover by forcing a
> fsck, but if you want to be able to survive actual data loss, you need
> raid.

RAID wouldn't save me in the case where the journal index is screwed due
to a partial sector write and a power loss.

But anyway, that is a moot point  :)


Thank you for explaining,

(/me hopes the scary-loop dies  ;)

-- 
................................................................
:   jakob@unthought.net   : And I see the elder races,         :
:.........................: putrid forms of man                :
:   Jakob Østergaard      : See him rise and claim the earth,  :
:        OZ9ABN           : his downfall is at hand.           :
:.........................:............{Konkhra}...............:

  reply	other threads:[~2002-09-26 12:16 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-09-24  7:21 jbd bug(s) (?) Jakob Oestergaard
2002-09-25 16:36 ` Stephen C. Tweedie
2002-09-26 12:21   ` Jakob Oestergaard [this message]
2002-09-26 12:27     ` Stephen C. Tweedie
2002-09-26 12:56       ` Jakob Oestergaard
2002-09-26 13:44         ` Theodore Ts'o
2002-09-26 14:05           ` Christoph Hellwig
2002-09-26 14:25             ` Theodore Ts'o
2002-09-26 14:41               ` Christoph Hellwig

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20020926122124.GS2442@unthought.net \
    --to=jakob@unthought.net \
    --cc=akpm@zip.com.au \
    --cc=linux-kernel@vger.kernel.org \
    --cc=sct@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).