Date: Wed, 20 Feb 2008 12:31:58 -0800 From: Maxim Sobolev <sobomax@FreeBSD.org> To: d@delphij.net Cc: freebsd-fs@FreeBSD.org, Alexander Leidinger <Alexander@Leidinger.net>, FreeBSD Current <freebsd-current@FreeBSD.org> Subject: Re: [PATCH FOR REVIEW] fsck_ffs: Recover from catastrophic damage Message-ID: <47BC8E3E.2090706@FreeBSD.org> In-Reply-To: <47BBF9CC.4030404@delphij.net> References: <47BBD864.3070905@delphij.net> <20080220105614.eydtkfap4gogk0cw@webmail.leidinger.net> <47BBF9CC.4030404@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin LI wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Alexander Leidinger wrote: >> Quoting Xin LI <delphij@delphij.net> (from Tue, 19 Feb 2008 23:36:04 >> -0800): >> >>> Change summary: >>> >>> fsutil.c: >>> - Really update standard superblock. fsck_ffs -b used to update the >>> backup superblock which does not recover file systems which have bad >>> master superblocks. >>> - Instead of coredump, zero out whole cg if its signature is bad. >>> >>> inode.c: >>> - Instead of coredump, zero out whole cg if its signature is bad. >> Does this modify (zero out) on-disk blocks? If yes, shouldn't this ask >> for confirmation? > > My assumption is that if a cylinder group's magic number is damaged, > then the whole stuff can not be trusted at all, but yes, I think this > should come with a prompt, will add tomorrow. Does it make sense to make this functionality only available if some special command-line flag has been specified? For example in the presence of silent data corruption (which as we all know now is real) it is possible that read would return incorrect data, while it's still perfectly OK on disk. Zeroing data would make an irreversible damage in such case. IMHO, fsck should bail by default in such case, since it can't tell for sure what the source of the error is. -Maxim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47BC8E3E.2090706>