On Mon, Nov 28, 2011 at 03:28:29PM -0800, Darrick J. Wong wrote: > + /* > + * Ignoring corrupt revoke blocks is safe > + * because at worst it results in unnecessary > + * writes during recovery. > + */ This is *not* true. The reason why we have revoke blocks is because we have to handle the case where a metadata block (which is journaled) is released, and then the block is reused as a data block. If we then replay the block, the "unnecessary write" will result the potential corruption of a data block. So if we lose a revoke block, it's not possible to safely replay *any* part of the journal. E2fsck might be able to do something about it by saving the old copy of all blocks written during the journal replay if it detects this case, and then alerting the system administrator that a particular data file may have gotten corrupted. But it's going to be really messy... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
