git: hammer2 - Add emergency mode to allow recovery of ENOSPC edge cases

Matthew Dillon dillon at crater.dragonflybsd.org
Sun Sep 29 11:18:21 PDT 2019 

commit acbbd0efe8096cf0ef822670582da7d2cf5c137b
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sun Sep 29 11:06:08 2019 -0700

    hammer2 - Add emergency mode to allow recovery of ENOSPC edge cases
    
    * Because HAMMER2 is a copy-on-write filesystem, even 'rm' operations
      require block allocations.  H2 gives 'rm' operations extra reserve
      but it is still relatively easy to get into a situation where the
      normal copy-on-write allocation fails and the filesystem gets stuck
      in a ENOSPC situation that cannot be recovered from under normal
      operation.
    
      We add two directives, 'emergency-mode-enable' and
      'emergency-mode-disable' as a fail-safe to allow recovery of
      filesystems that have gotten into this situation.
    
    * When this mode is enabled HAMMER2 will still attempt to use a
      copy-on-write operation for any blocks that might have been
      snapshotted.  However, any blocks which have not been snapshotted
      (or if the copy-on-write fails) will now be modified in-place,
      allowing chflags and rm operations to be run even when the filesystem
      is over-full.
    
      Such operation is fragile because the tree cannot be updated safely,
      so this mode can permanently destroy the filesystem if power is lost
      or a panic occurs during the file removal or chflags/chmod operations.
      Great care must be taken when using this mode.
    
      In addition, use of this mode will likely corrupt any snapshots sharing
      the same meta-data.  If you use this mode and have snapshots it is
      recommended that the snapshots be deleted.
    
    * If you have to use this mode, be sure to disable it after the
      filesystem is operational again.
    
    * The bulkfree scan now reports which PFS(es) a CRC failure occurs on.
      Bulkfree will attempt to alert the user as to which snapshots are
      corrupt, but it isn't perfect.

Summary of changes:
 sbin/hammer2/Makefile                              |   1 +
 .../dsynth/html.c => sbin/hammer2/cmd_emergency.c  |  70 ++++-------
 sbin/hammer2/hammer2.8                             |  71 ++++++++++-
 sbin/hammer2/hammer2.h                             |   2 +
 sbin/hammer2/main.c                                |  12 ++
 sys/vfs/hammer2/hammer2.h                          |   6 +-
 sys/vfs/hammer2/hammer2_bulkfree.c                 | 139 +++++++++++++++++----
 sys/vfs/hammer2/hammer2_chain.c                    | 107 +++++++++++++---
 sys/vfs/hammer2/hammer2_disk.h                     |   1 +
 sys/vfs/hammer2/hammer2_ioctl.c                    |  50 ++++++--
 sys/vfs/hammer2/hammer2_ioctl.h                    |  14 +--
 sys/vfs/hammer2/hammer2_mount.h                    |   1 +
 sys/vfs/hammer2/hammer2_vnops.c                    |  26 ++--
 13 files changed, 387 insertions(+), 113 deletions(-)
 copy usr.bin/dsynth/html.c => sbin/hammer2/cmd_emergency.c (70%)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/acbbd0efe8096cf0ef822670582da7d2cf5c137b


-- 
DragonFly BSD source repository

More information about the Commits mailing list