Date: Fri, 28 Jan 2005 03:32:47 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: David Schultz <das@freebsd.org> Cc: freebsd-fs@freebsd.org Subject: Re: ufs+softupdates / consistency Message-ID: <20050128031722.C58410@delplex.bde.org> In-Reply-To: <20050126172541.GA13950@VARK.MIT.EDU> References: <20050126140058.19161.qmail@web41203.mail.yahoo.com> <20050126172541.GA13950@VARK.MIT.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 26 Jan 2005, David Schultz wrote: > On Wed, Jan 26, 2005, Arne WXrner wrote: > > On > > http://e2fsprogs.sourceforge.net/ext2intro.html > > I found the strings > > "BSD-like synchronous updates" > > "it can cause corruption in the user data" . > > > > On > > http://www.mckusick.com/softdep/ > > I did not find such a statement. > > ... > > The ext2fs paper you refer to was published at about the same time > as Ganger and Patt's Soft Updates paper, so I think it's safe to > say that the authors of the former didn't know about Soft Updates. > The comments you refer to that seem to imply that synchronous > updates are unsafe and asynchronous updates are safer are wrong in > general (synchronous updates are safer), but the authors may be > referring to bugs in the ext2fs implementation at that time. > Soft Updates, in contrast, provides asynchronous updates, issued > in an order that makes them safe. I think part of the argument for async updates being safer (than sync metadata and async data) is that the latter gives a larger window where the data pointed to by the metadata might be garbage (because the pointers to it are up to date but the data might not be). Syncing everything at once gives a smaller window, especially if the sync is in a burst like FreeBSD tries not to do. http://e2fsprogs.sourceforge.net/ext2intro.html doesn't seem to be making exactly that argument. Completing the above quote gives: "it can cause corruption in the user data which will not be flagged by the file system checker." This just says that fsck cannot even guess that the data is corrupt when the metadata is not corrupt. Using async for both gives a better chance that either both are corrupt or neither is corrupt. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050128031722.C58410>