On 2016-02-10 20:59, Austin S. Hemmelgarn wrote: [...] > Again, a torn write to the metadata referencing the block (stripe in > this case I believe) will result in loosing anything written by the > update to the stripe.
I think that the order matters: first the data block are written (in a new location, so the old data are untouched), then the metadata, from the leafs up to the upper node (again in a new location), then the superblock which references to the upper node of the tree(s). If you interrupt the writes in any time, the filesystem can survive because the old superblock-metadata-tree and data-block are still valid until the last pieces (the new superblock) is written. And if this last step fails, the checksum shows that the super-block is invalid and the old one is taken in consideration. > There is no way that _any_ system can avoid > this issue without having the ability to truly atomically write out > the entire metadata tree after the block (stripe) update. It is not needed to atomically write the (meta)data in a COW filesystem, because the new data don't owerwrite the old one. The only thing that is needed is that before the last piece is written all the previous (mata)data are already written. For not COW filesystem a journal is required to avoid this kind of problem. > Doing so > would require a degree of tight hardware level integration that's > functionally impossible for any general purpose system (in essence, > the filesystem would have to be implemented in the hardware, not > software). To solve the raid-write-hole problem, a checksum system (of data and metadata) is sufficient. However to protect with checksum the data, it seems that a COW filesystem is required. The only critical thing, is that the hardware has to not lie about the fact that the data reached the platter. Most of the problem reported in the ML are related to external disk used in USB enclousure, which most of the time lie about this aspect. GB -- gpg @keyserver.linux.it: Goffredo Baroncelli <kreijackATinwind.it> Key fingerprint BBF5 1610 0B64 DAC6 5F7D 17B2 0EDA 9B37 8B82 E0B5 -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html