Re: hunt for 2.6.37 dm-crypt+ext4 corruption? (was: Re: dm-cryptbarrier support is effective)
From: Jon Nelson
Date: Tue Dec 07 2010 - 15:49:27 EST
On Tue, Dec 7, 2010 at 2:41 PM, Chris Mason <chris.mason@xxxxxxxxxx> wrote:
> Excerpts from Jon Nelson's message of 2010-12-07 15:25:47 -0500:
>> On Tue, Dec 7, 2010 at 2:02 PM, Chris Mason <chris.mason@xxxxxxxxxx> wrote:
>> > Excerpts from Jon Nelson's message of 2010-12-07 14:34:40 -0500:
>> >> On Tue, Dec 7, 2010 at 12:52 PM, Chris Mason <chris.mason@xxxxxxxxxx> wrote:
>> >> >> postgresql errors. Typically, header corruption but from the limited
>> >> >> visibility I've had into this via strace, what I see is zeroed pages
>> >> >> where there shouldn't be.
>> >> >
>> >> > This sounds a lot like a bug higher up than dm-crypt. ÂZeros tend to
>> >> > come from some piece of code explicitly filling a page with zeros, and
>> >> > that often happens in the corner cases for O_DIRECT and a few other
>> >> > places in the filesystem.
>> >> >
>> >> > Have you tried triggering this with a regular block device?
>> >>
>> >> I just tried the whole set of tests, but with /dev/sdb directly (as
>> >> ext4) without any crypt-y bits.
>> >> It takes more iterations but out of 6 tests I had one failure: same
>> >> type of thing, 'invalid page header in block ....'.
>> >>
>> >> I can't guarantee that it is a full-page of zeroes, just what I saw
>> >> from the (limited) stracing I did.
>> >
>> > Fantastic. Now for our usual suspects:
>> >
>> > 1) Is postgres using O_DIRECT? ÂIf yes, please turn it off
>>
>> According to strace, O_DIRECT didn't show up once during the test.
>>
>> > 2) Is postgres allocating sparse files? ÂIf yes, please have it fully
>> > allocate the file instead.
>>
>> That's a tough one. I don't think postgresql does that, but I'm not an
>> expert here.
>
> Ok, please compare du -k and du -k --apparent-size for each of the
> files involved in the postgres run.
Because this is all done in a transaction (which fails), and because
the table is a TEMPORARY table, there *are* no files once the
transaction fails because postgresql unlinks them.
I can modify the test to use real tables and do things outside of a
transaction, however.
I was using fdatasync[1] and now I'm using sync. I'm on 9 iterations
without a failure (on ext4 - no crypt). Theoretically, these settings
only make a difference in the event of a crash. However, could they
make a difference in terms of the paths taken in the kernel?
[1] for wal_sync_method
--
Jon
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/