On Tue, 2018-03-13 at 20:36 +0100, Goffredo Baroncelli wrote: > A checksum mismatch, is returned as -EIO by a read() syscall. This is > an event handled badly by most part of the programs. Then these programs must simply be fixed... otherwise they'll also fail under normal circumstances with btrfs, if there is any corruption.
> The problem is the following: there is a time window between the > checksum computation and the writing the data on the disk (which is > done at the lower level via a DMA channel), where if the data is > update the checksum would mismatch. This happens if we have two > threads, where the first commits the data on the disk, and the second > one updates the data (I think that both VM and database could behave > so). Well that's clear... but isn't that time frame also there if the extent is just written without CoW (regardless of checksumming)? Obviously there would need to be some protection here anyway, so that such data is taken e.g. from RAM, before the write has completed, so that the read wouldn't take place while the write has only half finished?! So I'd naively assume one could just enlarge that protection to the completion of checksum writing,... > In btrfs, a checksum mismatch creates an -EIO error during the > reading. In a conventional filesystem (or a btrfs filesystem w/o > datasum) there is no checksum, so this problem doesn't exist. If ext writes an extent (can't that be up to 128MiB there?), then I'm sure it cannot write that atomically (in terms of hardware)... so there is likely some protection around this operation, that there are no concurrent reads of that particular extent from the disk, while the write hasn't finished yet. > > Even if not... I should be only a problem in case of a crash during > > that,.. and than I'd still prefer to get the false positive than > > bad > > data. > > How you can know if it is a "bad data" or a "bad checksum" ? Well as I've said, in my naive thinking this should only be a problem in case of a crash... and then, yes, one cannot say whether it's bad data or checksum (that's exactly what I'm saying)... but I rather prefer to know that something might be fishy, then not knowing anything and perhaps even get good data "RAID-repaired" with bad one... Cheers, Chris. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html