ZFS recovery after power failure

James R. Van Artsdalen james-freebsd-fs2 at jrv.org
Mon Dec 20 13:12:33 UTC 2010


On 12/20/2010 12:59 AM, Sergey Gavrilov wrote:
> Could you tell about why it can damage the pool in more details, please.

Once the last uberblock write in a pool during a transaction group write
has completed, ZFS may start reallocating and overwriting all blocks
freed in the previous transaction group.  Some of those blocks may
contain necessary high-level pool data and metadata from the previous
uberblock.

If a power failure happens and an incorrectly-deferred uberblock update
never happens, yet a write to a "free" block from above does commit to
media, you can wind up with no uberblocks pointing to valid pool data.

v28 "fixes" this by deferring reallocation of freed blocks for 3
transaction group updates.  There is still a chance of failure but in
the real world the odds of failure should be very low, although a disk
controller with a big enough write-back cache might still run into a
problem if it doesn't handle SYNC correctly.
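
The failure described in the message above, as a toy simulation (an added example, not part of the original post and not ZFS code). It shows how the reuse delay and the number of uberblock writes lost in a write-back cache decide whether any on-media uberblock still points to intact data. Assumptions: one root block per transaction group, an allocator that reuses a freed block at the first opportunity, data writes that always reach media, and the hypothetical names `survives_power_loss`, `defer_txgs` and `lost_uberblocks`.

```python
def survives_power_loss(crash_txg, defer_txgs, lost_uberblocks):
    """Toy model: True if some uberblock on media still points to valid data.

    crash_txg        power fails after txg crash_txg wrote its data but
                     before its uberblock was issued
    defer_txgs       extra txgs a freed block must wait before reuse
                     (0 models the old behaviour, 3 the v28 behaviour)
    lost_uberblocks  newest uberblock writes that were acknowledged by the
                     drive but never left its write-back cache
    """
    media = {}        # block number -> txg whose root data is on media
    reusable_at = {}  # freed block -> first txg allowed to overwrite it
    issued = []       # (txg, root_block) uberblocks in issue order
    next_fresh = 0    # next never-used block number
    root = None       # block holding the current root

    for txg in range(1, crash_txg + 1):
        # Worst-case allocator: overwrite a freed block as soon as allowed.
        ready = [b for b, t in reusable_at.items() if t <= txg]
        if ready:
            new_root = min(ready)
            del reusable_at[new_root]
        else:
            new_root, next_fresh = next_fresh, next_fresh + 1
        media[new_root] = txg  # the data write commits to media
        if root is not None:
            # The old root is freed in this txg (copy-on-write).
            reusable_at[root] = txg + 1 + defer_txgs
        root = new_root
        if txg < crash_txg:
            issued.append((txg, new_root))

    # Power loss: the cache drops the newest uberblock writes.
    on_media = issued[:max(0, len(issued) - lost_uberblocks)]
    # An uberblock is usable only if its root block was not overwritten.
    return any(media[block] == txg for txg, block in on_media)


if __name__ == "__main__":
    for defer in (0, 3):
        for lost in range(0, 6):
            ok = survives_power_loss(10, defer, lost)
            print(f"defer={defer} lost_uberblocks={lost} recoverable={ok}")
```

In this model the pool becomes unrecoverable once `lost_uberblocks` exceeds `defer_txgs`, so a delay of 0 fails on a single lost uberblock write while a delay of 3 needs four lost in a row.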

