Date: Fri, 15 Jul 2005 23:46:50 +0100 From: David Taylor <davidt@yadt.co.uk> To: Matthias Buelow <mkb@incubus.de> Cc: freebsd-stable@freebsd.org Subject: Re: dangerous situation with shutdown process Message-ID: <20050715224650.GA48516@outcold.yadt.co.uk> In-Reply-To: <20050715192928.GB1374@drjekyll.mkbuelow.net> References: <42D6B117.5080302@plab.ku.dk> <20050714191449.A8A615D07@ptavv.es.net> <20050714195253.GA23666@drjekyll.mkbuelow.net> <20050715185413.GI37261@funkthat.com> <20050715192928.GB1374@drjekyll.mkbuelow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 15 Jul 2005, Matthias Buelow wrote: > John-Mark Gurney wrote: > > >even request barries will not save the fs in a power loss if the track > >that is getting flushed durning a power loss... Some other FreeBSD > >folk has a reproducable case of where blocks that were not written to > >on ATA hardware got trashed after a power loss... > >With non-written to sectors getting trashed with the cache enabled, > >barriers don't mean squat... > > One more thought.. they _do_ protect against power loss during writing > a track -- when used in combination with a journalled fs. > > A corrupted journal can be detected. If it's corrupted, discard > the whole thing, or only the relevant entry. The filesystem will > remain consistent. > If track corruption occurs after the journal is written, it doesn't > matter, since at boot the journal will be replayed and all operations > will be performed once more. The track which is corrupted could contain data that wasn't written to in months. How would the journal help? > The combination barriers+journal really seems to be very resilient > to filesystem corruption. When it's implemented without errors, and > the hardware doesn't do things like change bits randomly, I can't > think of a way this scheme can be corrupted at all. I still don't trust ATA drives. Can you guarantee (or show any reason to believe) that disabling the write cache will actually wait for the cache to be flushed before returning? Otherwise a <disable cache><enable cache> sequence is exactly the same as a <flush cache> command. If the drive executes both immediately, without waiting for the cache to be flushed _before_ returning, what's the difference? -- David Taylor
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050715224650.GA48516>