Date:      Mon, 14 Oct 2013 14:04:45 -0700
From:      Charles Swiger <cswiger@mac.com>
To:        Daniel Feenberg <feenberg@nber.org>
Cc:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: SU+J Lost files after a power failure
Message-ID:  <2351E8C5-4FC0-4AE9-AC21-312DA46C0EE8@mac.com>
In-Reply-To: <alpine.LRH.2.03.1310141447520.16969@nber.org>
References:  <525A6831.5070402@gmail.com> <l3gc7e$c91$1@ger.gmane.org> <20131014133953.58f74659@gumby.homeunix.com> <525C1D1C.9050708@gmail.com> <CA+tpaK2Pr2po2cQ1yanQK9+wLp77SYqYHjxiXaU5FfXwHrkGow@mail.gmail.com> <CAFYkXjn-1wTJcQ4a_fyXCvwh9ukt3+djM2qsMeaH1HhVJNvhiA@mail.gmail.com> <525C2554.7080203@pchotshots.com> <CAFYkXjm8y0Br31_pqRZc0sNFbqCNtKHhjeQuiLXkGT2zxSu0GA@mail.gmail.com> <525C2FBC.4080808@cran.org.uk> <alpine.LRH.2.03.1310141447520.16969@nber.org>

Hi--

On Oct 14, 2013, at 11:51 AM, Daniel Feenberg <feenberg@nber.org> wrote:
> This discussion skirts the critical issue - are files that are not open for writing endangered? No description of the uses of journaling can be considered informative if it doesn't address that explicitly. As a naive user I have always assumed that once closed, a file was invulnerable to improper shutdowns, but this discussion shakes that belief.

Well, it's good to be a little paranoid if the data matters.  :-)

First, unless you call fsync() before close() and your OS and/or drive hardware isn't being deceptive when fsync() returns about whether the bits have made it to permanent storage, then you might be surprised at just how long the unwritten buffers containing the last updates to the file data take to get properly flushed to disk.

> I expect the answer may be different for SSD and spinning disks.

Second, this is an excellent point: however, it also applies to anything where the actual hardware block size does not match the device blocksize that the filesystem thinks it has-- so new "4K sector" rotational disks also have some risk.

The basic issue with SSDs is that you (or the drive firmware, more precisely) need to read in an entire hardware sector, update the portion with changes in cache memory, do a bulk-erase of that block, and then scribble that back out.  Good drive firmware actually writes out to a different block than the original for wear-leveling purposes and only updates the flash translation layer once the new version of that block is written.  That makes the drive mostly immune to major data integrity issues even if powered off in the middle of the process.

Less-than-good firmware, aka buggy firmware, can lead from power-failure to data loss of files which were not being modified at the time.  And may you possess recent working backups if the FTL somehow ever gets confused!

Regards,
-- 
-Chuck




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?2351E8C5-4FC0-4AE9-AC21-312DA46C0EE8>