
Re: XFS filesystem corruption

To: Stan Hoeppner <stan@xxxxxxxxxxxxxxxxx>
Subject: Re: XFS filesystem corruption
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Sat, 9 Mar 2013 20:11:52 +1100
Cc: Ric Wheeler <rwheeler@xxxxxxxxxx>, Julien FERRERO <jferrero06@xxxxxxxxx>, xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <513A350A.508@xxxxxxxxxxxxxxxxx>
References: <CAPcwv6wZJSBtgF-L6KNSn6N6Y+wUZJFXdbcg+zYRwoaB2sDdjw@xxxxxxxxxxxxxx> <20130306161519.2c28d911@xxxxxxxxxxxxxx> <CAPcwv6wqv0b_CPqDpBfOwVDg23uBi=tpGQSy9XuH2uWS5oVMWQ@xxxxxxxxxxxxxx> <20130306232100.6286f640@xxxxxxxxxxxxxx> <5137CD46.6070909@xxxxxxxxxx> <5139A3B6.3040805@xxxxxxxxxxxxxxxxx> <5139D792.4090304@xxxxxxxxxx> <513A350A.508@xxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
On Fri, Mar 08, 2013 at 12:59:22PM -0600, Stan Hoeppner wrote:
> On 3/8/2013 6:20 AM, Ric Wheeler wrote:
> > On 03/08/2013 03:39 AM, Stan Hoeppner wrote:
> >> On 3/6/2013 5:12 PM, Ric Wheeler wrote:
> >>
> >>> We actually test brutal "Power off" for xfs, ext4 and other file
> >>> systems. If your storage is configured properly and you have barriers
> >>> enabled, they all pass without corruption.
> I think you missed the context.  Please reread this:
> >> Something that none of us mentioned WRT write barriers is that while the
> >> filesystem structure may avoid corruption when the power is cut, files
> >> may still be corrupted, in conditions such as any/all of these:
> I made it very clear I was discussing file corruption here, not
> filesystem corruption.  You already covered that base.  I was
> specifically addressing the fact that XFS performs barriers on metadata
> writes but not file data writes.

Actually, you're not correct there, either, Stan. ;)

XFS only issues cache flushes/FUA writes for log IO. Metadata IO is
done exactly the same way that data IO is done - without barriers.
It's because metadata lost in drive caches at the time of a crash is
rewritten by journal replay that filesystem corruption does not

As it is, if the application uses direct IO (likely, as it
sounds like video capture/editing/playout here) then log IO
will also ensure that the data written by the app is on disk (i.e.
that's the mechanism by which fsync works).

Hence even assumptions that there will be data loss are dependent on
how the application is doing its IO....

> > Also, if there are active writers, this is inherently racy. A better
> > script would unmount the file systems :)
> Yes, a umount would be even better.

Change the BIOS so that the power button does not cause a power down
so the OS can capture the button event and trigger an orderly
shutdown. Laptops use power button events for all sorts of different
things (e.g. suspend rather than shutdown) and you can do exactly
the same sort of event triggered shutdown for any server or


Dave Chinner
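
The point above that data loss depends on how the application does its IO, shown as an added example that is not part of the original message or of XFS: a C helper (the name `durable_write` is hypothetical) that writes a temporary file, calls fsync() on it, renames it into place and calls fsync() on the parent directory. It assumes Linux and storage that honours cache flushes.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* fsync the directory holding `path` so the rename itself reaches disk. */
static int fsync_parent(const char *path)
{
    char dir[4096];
    if (snprintf(dir, sizeof dir, "%s", path) >= (int)sizeof dir) return -1;
    char *slash = strrchr(dir, '/');
    if (slash == NULL) strcpy(dir, ".");      /* relative name: current dir */
    else if (slash == dir) dir[1] = '\0';     /* file directly under "/" */
    else *slash = '\0';
    int dfd = open(dir, O_RDONLY);
    if (dfd < 0) return -1;
    int rc = fsync(dfd);
    close(dfd);
    return rc;
}

/* Hypothetical helper: durably replace `path` with `len` bytes from `buf`.
 * Returns 0 only once data and directory entry have been flushed. */
int durable_write(const char *path, const void *buf, size_t len)
{
    char tmp[4096];
    if (snprintf(tmp, sizeof tmp, "%s.tmp", path) >= (int)sizeof tmp) return -1;
    int fd = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    const char *p = buf;
    while (len > 0) {                         /* handle short writes */
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            if (errno == EINTR) continue;
            goto fail;
        }
        p += n;
        len -= (size_t)n;
    }
    if (fsync(fd) != 0) goto fail;            /* file data must be on disk first */
    if (close(fd) != 0) { unlink(tmp); return -1; }
    if (rename(tmp, path) != 0) { unlink(tmp); return -1; }
    return fsync_parent(path);
fail:
    close(fd);
    unlink(tmp);
    return -1;
}
```

Skipping either fsync() leaves the result dependent on what happened to be written back before the power cut.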
