current-users: Re: Why not softdep per default?

Subject: Re: Why not softdep per default?
To: None <current-users@netbsd.org>
From: Karsten Kruse <tecneeq@tecneeq.de>
List: current-users
Date: 03/29/2005 20:19:39
Johnny Billquist wrote:

>>I guess that your writeback cache is active. In that case softdep can not
>>safe you from powerfailure because the disk writes when it's in the mood,
>>not when it got the command to write.

>>But even in this case a fs with softdep is safer than one without- It
>>safes you when you accidently press reset or a kernel-panic occurs (the
>>dirty stuff in the writeback cache can be written to disk as long as you
>>have power).

> Huh? How do you figure that one? If you don't have softdep, the data will
> already have been written to disk.

It's written to the writeback cache first.

Lets say you have written a file that contains "Hello World" half into the
cache and you press reset.

With softdep you can be sure your filesystem is ok. Softdep writes the
data and marks it ok later. Obviously the half file that now contains
"Hello" is not marked ok, therefore it is as if the write to disk did not
happen at all.

Ok, it is a little bit more complex :). Here are the details:
http://www.usenix.org/publications/library/proceedings/usenix99/full_papers/mckusick/mckusick.pdf

And a quote:
"The current implementation of soft updates guarantees the consistency of
all filesystem resources, including the inode and block bitmaps. With soft
updates, the only inconsistency that can arise in the filesystem (barring
software bugs and media failures) is that some unreferenced blocks may not
appear in the bitmaps and some inodes may have to have overly high link
counts reduced."

That is of course only true if the writeback cache works. Should be no
problem with a reset, i dunno if there are panics that affect the
writeback cache, but i doubt it.

> You might get into the panic in a state where it isn't possible to flush
> the cache you know.

I believe the disk flushes the cache after some time in any case, but i'm
not sure. Where can one find that information? If the disk does not flush
it's cache for some reason it is like powerfailure and you loose, with or
without softdep.

> But without it, you always know that the data already is on the disk,
> except for the just absolutely recent stuff, and the state of the data on
> disk is much more predictable and fixable anyhow.

It is? If i understand the paper right you win with softdep, even if your
writeback cache is off. Why? Because your filesystem is always in a good
state without the need to run fsck. You might loose the last writes, but
your filesystem is ok (you run fsck if you have the time to recover the
unclaimed blocks/inodes).

>>Performance is a bonus, i think the safety alone is worth it.

> Performance is the point, I believe. It is not as safe. If I'm wrong, I'm
> sure someone will correct me.

I quote from http://www.mckusick.com/softdep/:

"Indeed, the ability of soft updates to aggregate many operations
previously done individually and synchronously reduces the number of disk
writes by 40 to 70% for file-intensive environments (e.g., program
development, mail servers, etc.). In addition to performance enhancement,
soft updates can also maintain better disk consistency. By ensuring that
the only inconsistencies are unclaimed blocks or inodes, soft updates can
eliminate the need to run a filesystem check program after every system
crash."



Karsten

-- 
        Homepage, Mac68k, A/UX-Links und Shorties: www.tecneeq.de
  ()    Linux/NetBSD-Anleitungen, Forum  und Chat: www.newbie-net.de
 <\/>
 _/\_   NetBSD - because Unix isn't just #include <linux.h>