[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.00.0908250829490.28411@asgard.lang.hm>
Date: Tue, 25 Aug 2009 08:34:46 -0700 (PDT)
From: david@...g.hm
To: Pavel Machek <pavel@....cz>
cc: Ric Wheeler <rwheeler@...hat.com>, Theodore Tso <tytso@....edu>,
Florian Weimer <fweimer@....de>,
Goswin von Brederlow <goswin-v-b@....de>,
Rob Landley <rob@...dley.net>,
kernel list <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...l.org>, mtk.manpages@...il.com,
rdunlap@...otime.net, linux-doc@...r.kernel.org,
linux-ext4@...r.kernel.org, corbet@....net
Subject: Re: [patch] ext2/3: document conditions when reliable operation is
possible
On Tue, 25 Aug 2009, Pavel Machek wrote:
> Hi!
>
>>>> If your concern is that with Linux MD, you could potentially lose an
>>>> entire stripe in RAID 5 mode, then you should say that explicitly; but
>>>> again, this isn't a filesystem specific cliam; it's true for all
>>>> filesystems. I don't know of any file system that can survive having
>>>> a RAID stripe-shaped-hole blown into the middle of it due to a power
>>>> failure.
>>>>
>>>
>>> Again, ext2 handles that in a way user expects it.
>>>
>>> At least I was teached "ext2 needs fsck after powerfail; ext3 can
>>> handle powerfails just ok".
>>
>> So, would you be happy if ext3 fsck was always run on reboot (at least
>> for flash devices)?
>
> For flash devices, MD Raid 5 and anything else that needs it; yes that
> would make me happy ;-).
the thing is that fsck would not fix the problem.
it may (if the data lost was metadata) detect the problem and tell you how
many files you have lost, but if the data lost was all in a data file you
would not detect it with a fsck
the only way you would detect the missing data is to read all the files on
the filesystem and detect that the data you are reading is wrong.
but how can you tell if the data you are reading is wrong?
on a flash drive, your read can return garbage, but how do you know that
garbage isn't the contents of the file?
on a degraded raid5 array you have no way to test data integrity, so when
the missing drive is replaced, the rebuild algorithm will calculate the
appropriate data to make the parity calculations work out and write
garbage to that drive.
David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists