Date: Fri, 15 Jul 2005 23:46:50 +0100
From: David Taylor
To: Matthias Buelow
Cc: freebsd-stable@freebsd.org
Subject: Re: dangerous situation with shutdown process
Message-ID: <20050715224650.GA48516@outcold.yadt.co.uk>
In-Reply-To: <20050715192928.GB1374@drjekyll.mkbuelow.net>

On Fri, 15 Jul 2005, Matthias Buelow wrote:
> John-Mark Gurney wrote:
>
> >even request barriers will not save the fs in a power loss if the track
> >that is getting flushed during a power loss... Some other FreeBSD
> >folk has a reproducible case of where blocks that were not written to
> >on ATA hardware got trashed after a power loss...
>
> >With non-written to sectors getting trashed with the cache enabled,
> >barriers don't mean squat...
>
> One more thought.. they _do_ protect against power loss during writing
> a track -- when used in combination with a journalled fs.
>
> A corrupted journal can be detected. If it's corrupted, discard
> the whole thing, or only the relevant entry. The filesystem will
> remain consistent.
> If track corruption occurs after the journal is written, it doesn't
> matter, since at boot the journal will be replayed and all operations
> will be performed once more.

The track which is corrupted could contain data that wasn't written to
in months. How would the journal help?

> The combination barriers+journal really seems to be very resilient
> to filesystem corruption. When it's implemented without errors, and
> the hardware doesn't do things like change bits randomly, I can't
> think of a way this scheme can be corrupted at all.

I still don't trust ATA drives. Can you guarantee (or show any reason to
believe) that disabling the write cache will actually wait for the cache
to be flushed before returning?

Otherwise a sequence is exactly the same as a command. If the drive
executes both immediately, without waiting for the cache to be flushed
_before_ returning, what's the difference?

-- 
David Taylor
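
The two positions in this exchange, as an added example that is not part of the original thread or of any FreeBSD code: a toy checksummed journal is replayed after a simulated power loss, showing that a damaged record is detected and a journalled block is repaired, while a block that was never journalled stays damaged. All names, the record layout and the block contents are constructed assumptions.

```python
import zlib

def make_entry(block_no, data):
    """Journal record: 4-byte block number, payload, CRC32 over both."""
    body = block_no.to_bytes(4, "big") + data
    return body + zlib.crc32(body).to_bytes(4, "big")

def parse_entry(raw):
    """Return (block_no, data), or None if the record fails its checksum."""
    if len(raw) < 8:
        return None
    body, crc = raw[:-4], int.from_bytes(raw[-4:], "big")
    if zlib.crc32(body) != crc:
        return None
    return int.from_bytes(body[:4], "big"), body[4:]

def replay(disk, journal):
    """Boot-time replay: re-apply valid records, discard damaged ones."""
    applied, discarded = [], 0
    for raw in journal:
        entry = parse_entry(raw)
        if entry is None:
            discarded += 1
            continue
        block_no, data = entry
        disk[block_no] = data
        applied.append(block_no)
    return applied, discarded

def simulate_power_loss():
    """Constructed scenario; returns (applied, discarded, still_damaged)."""
    # Intended on-disk state once the two committed writes are applied.
    expected = {3: b"new-3", 4: b"new-4", 7: b"months-old"}
    disk = {3: b"old-3", 4: b"old-4", 7: b"months-old"}
    journal = [make_entry(3, b"new-3"), make_entry(4, b"new-4")]
    # A third record was damaged while being written (one payload byte).
    torn = bytearray(make_entry(5, b"new-5"))
    torn[6] ^= 0xFF
    journal.append(bytes(torn))
    # Power fails during the in-place write of block 3. Block 7 shares the
    # track (assumption of this model) and is trashed although never written.
    disk[3] = b"\xff" * 5
    disk[7] = b"\xff" * 10
    applied, discarded = replay(disk, journal)
    damaged = sorted(b for b in expected if disk[b] != expected[b])
    return applied, discarded, damaged

if __name__ == "__main__":
    print(simulate_power_loss())
```

Block 7 has no journal record, so replay has nothing to restore it from; detecting that damage would need a per-block checksum, which this model does not include.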