[jira] [Commented] (HDFS-7587) Edit log corruption can happen if append fails with a quota violation

Tue, 17 Mar 2015 19:21:07 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-7587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14366499#comment-14366499
 ] 

Tsz Wo Nicholas Sze commented on HDFS-7587:
-------------------------------------------

- In verifyQuotaForUCBlock,
-* let's add a precondition check to make sure delta >= 0 (for append).
-* It should check if (!fsd.getFSNamesystem().isImageLoaded() || 
fsd.shouldSkipQuotaChecks()); see FSDirConcatOp.verifyQuota and 
FSDirRenameOp.verifyQuotaForRename.

- We should also verity quota by storage types; see 
FSDirConcatOp.computeQuotaDeltas.

- For truncate, the quota should be updated differently as following:
-* Copy-on-truncate for snapshot: need quota check for creating the new block.  
Quota usage count is increased.
-* Non-copy-on-truncate OR Copy-on-truncate for upgrade but not snapshot: Quota 
usage count is decreased.  No quota check is needed.

Do you want to fix truncate in a different JIRA?


> Edit log corruption can happen if append fails with a quota violation
> ---------------------------------------------------------------------
>
>                 Key: HDFS-7587
>                 URL: https://issues.apache.org/jira/browse/HDFS-7587
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: namenode
>            Reporter: Kihwal Lee
>            Assignee: Jing Zhao
>            Priority: Blocker
>         Attachments: HDFS-7587.001.patch, HDFS-7587.002.patch, HDFS-7587.patch
>
>
> We have seen a standby namenode crashing due to edit log corruption. It was 
> complaining that {{OP_CLOSE}} cannot be applied because the file is not 
> under-construction.
> When a client was trying to append to the file, the remaining space quota was 
> very small. This caused a failure in {{prepareFileForWrite()}}, but after the 
> inode was already converted for writing and a lease added. Since these were 
> not undone when the quota violation was detected, the file was left in 
> under-construction with an active lease without edit logging {{OP_ADD}}.
> A subsequent {{append()}} eventually caused a lease recovery after the soft 
> limit period. This resulted in {{commitBlockSynchronization()}}, which closed 
> the file with {{OP_CLOSE}} being logged.  Since there was no corresponding 
> {{OP_ADD}}, edit replaying could not apply this.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to