Stress testing the UFS2 filesystem

Pawel Jakub Dawidek pjd at FreeBSD.org
Wed May 3 20:05:59 UTC 2006 

On Wed, May 03, 2006 at 02:44:08PM -0400, Kris Kennaway wrote:
+> Modulo modern disk hardware violating these assumptions anyway, bg
+> fsck more or less works as long as you only have "power failure"
+> shutdowns.
+> 
+> When your kernel panics instead (especially if it's a
+> filesystem-related panic), all bets are off.  With its dying breath,
+> your kernel may decide to scribble all over your filesystem, causing
+> arbitrary damage to it.  Many of these types of damage are not
+> "survivable", as you have demonstrated -- in fact the very existence
+> of fsck is proof that the kernel is not designed to handle arbitrary
+> damage at runtime.
+> 
+> So the moral is that if your kernel is panicking a lot, turn off bg
+> fsck or you'll probably hit other filesystem panics at runtime.
+> 
+> I don't think you can completely prevent this problem, but one thing
+> that may help would be for the kernel to attempt to write a marker to
+> the dump device when it panics, and if this marker is present at boot
+> time a fg fsck is forced.  Of course the kernel will not always be
+> able to do this, but it should work most of the time (since crashdumps
+> usually work for most panics).

Actually my feelings are exactly opposite. When you have a panic (ok,
maybe not file system related), your system just stops, but disks write
cache is flushed (at least from what I tested).

On a power failure disk's write cache won't be flushed, which may left
your file systems in totally unexpected state and I wouldn't be
surprised if chances are that such a file system can't be repaired at
all (also by fgfsck).

In my opinion, bgfsck is only safe when write cache is turned off or
there are no power failure problems. Of course this assumes there are no
bugs in soft-updates code, which, given the size of SU code, is quite
risky assumption.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-fs/attachments/20060503/4c1f6199/attachment.pgp

More information about the freebsd-fs mailing list