Date: Wed, 3 May 2006 16:15:45 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: freebsd-fs@freebsd.org, Kris Kennaway <kris@obsecurity.org> Subject: Re: Stress testing the UFS2 filesystem Message-ID: <20060503201545.GA33457@xor.obsecurity.org> In-Reply-To: <20060503200406.GF3335@garage.freebsd.pl> References: <20060502193900.GA94069@peter.osted.lan> <1541458526.20060503003229@merdin.com> <20060502221306.GD95348@xor.obsecurity.org> <44584421.3000807@cs.tu-berlin.de> <20060503072013.GA2926@xor.obsecurity.org> <18034.193.3.141.124.1146642890.squirrel@webmail7.pair.com> <20060503184408.GA31172@xor.obsecurity.org> <20060503200406.GF3335@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 03, 2006 at 10:04:06PM +0200, Pawel Jakub Dawidek wrote: > On Wed, May 03, 2006 at 02:44:08PM -0400, Kris Kennaway wrote: > +> Modulo modern disk hardware violating these assumptions anyway, bg > +> fsck more or less works as long as you only have "power failure" > +> shutdowns. > +>=20 > +> When your kernel panics instead (especially if it's a > +> filesystem-related panic), all bets are off. With its dying breath, > +> your kernel may decide to scribble all over your filesystem, causing > +> arbitrary damage to it. Many of these types of damage are not > +> "survivable", as you have demonstrated -- in fact the very existence > +> of fsck is proof that the kernel is not designed to handle arbitrary > +> damage at runtime. > +>=20 > +> So the moral is that if your kernel is panicking a lot, turn off bg > +> fsck or you'll probably hit other filesystem panics at runtime. > +>=20 > +> I don't think you can completely prevent this problem, but one thing > +> that may help would be for the kernel to attempt to write a marker to > +> the dump device when it panics, and if this marker is present at boot > +> time a fg fsck is forced. Of course the kernel will not always be > +> able to do this, but it should work most of the time (since crashdumps > +> usually work for most panics). >=20 > Actually my feelings are exactly opposite. When you have a panic (ok, > maybe not file system related), your system just stops, but disks write > cache is flushed (at least from what I tested). Per Peter's webpage (also my own experiences and those of others), further filesystem panics are very common after your system previously panics and you are running bg fsck. The panics stop after you force a fg fsck. Personally I usually disable bg fsck on all my machines because this problem hits me too often :-) Kris --a8Wt8u1KmwUX3Y2C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEWQ9xWry0BWjoQKURAt5UAKDLAwfrclXacYQwvH/Lj/Vlf1aPbQCgwJx/ dIeAt6DrGe+dBN15bH+Z6vE= =1zvp -----END PGP SIGNATURE----- --a8Wt8u1KmwUX3Y2C--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060503201545.GA33457>