On Wed, Jun 16, 2021 at 04:55:49PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <djwong@xxxxxxxxxx> > > If any part of log intent item recovery fails, we should shut down the > log immediately to stop the log from writing a clean unmount record to > disk, because the metadata is not consistent. The inability to cancel a > dirty transaction catches most of these cases, but there are a few > things that have slipped through the cracks, such as ENOSPC from a > transaction allocation, or runtime errors that result in cancellation of > a non-dirty transaction. > > This solves some weird behaviors reported by customers where a system > goes down, the first mount fails, the second succeeds, but then the fs > goes down later because of inconsistent metadata. > > Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx> Looks good, Reviewed-by: Christoph Hellwig <hch@xxxxxx>
