Subject: Re: Filesystem integrity on unexpected power cycles
To: Bruce Martin <brucem@cat.co.za>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-help
Date: 04/23/2003 20:14:13
On Wed, Apr 23, 2003 at 11:20:52AM +0200, Bruce Martin wrote:
> This is just a request to see if NetBSD 1.6 has included any measures to
> increase the robustness of filesystem integrity when systems are power
> cycled without being shut down properly. Under the 1.5.* distributions (on
> i386 specifically) we have had quite a number of problems where fsck's have
> either failed and needed to be run manually from single user mode, or where
> we have actually lost files and directories.

NetBSD has *always* had measures to prevent these problems, at least without
softdeps (I've got some problems with softdeps too).
Now, there are issues with the drives. Some drives have a write-back cache,
which means they claim to have written the data to media when it's actually
not done. Worse, they can reorder writes internally, which means the
OS doesn't have much control over what is really on disk and what is only
in the disk's cache, and can't guarantee filesystem integrity on unclean
shutdown.
Basically, IDE disks have a write-back cache by default. Turning off the write
cache makes them really slow.
SCSI disks usually have write-back caches off by default, but there are
tools to turn it on. The lack of a write-back cache on SCSI is not that bad,
because there's an efficient way to queue multiple commands to the disk
(which can be seen as write-back with write notification).

So: with IDE disks not much more can be done than what is actually done, without
serious performance loss. SCSI disks are safe, provided the defaults didn't
get changed on the disk (and the disk has safe defaults).

I've seen fsck fail on occasion on systems with IDE disks, but never with
SCSI disks (except because of hardware failure).

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 24 years of experience will always make the difference
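The check that follows from the reply above, as an added example that is not part of the original mail: a small audit script that classifies each drive's cache state from the output of NetBSD's dkctl(8) `getcache` command (write-back on and changeable, write-back on but locked by the firmware, or write-back off). It assumes dkctl's message wording ("<dev>: write-back cache enabled", "<dev>: write cache enable is changeable") and embeds constructed sample outputs so it also runs offline.

```shell
#!/bin/sh
# Added example, not from the original mail. Classifies the write cache
# state that "dkctl <dev> getcache" reports on NetBSD (format assumed).

# Return 0 when the getcache output shows a write-back cache enabled.
wb_cache_enabled() {
    printf '%s\n' "$1" | grep -q 'write-back cache enabled'
}

# Print one verdict for a drive's getcache output:
#   unsafe - write-back on and changeable (turn it off: dkctl <dev> setcache r)
#   locked - write-back on, firmware reports it as not changeable
#   safe   - no write-back cache enabled
classify_cache() {
    if wb_cache_enabled "$1"; then
        if printf '%s\n' "$1" | grep -q 'write cache enable is changeable'; then
            echo unsafe
        else
            echo locked
        fi
    else
        echo safe
    fi
}

# Audit a live drive; only meaningful on a NetBSD host with dkctl(8).
audit_disk() {
    out=$(dkctl "$1" getcache 2>/dev/null) || { echo "$1: no cache info"; return 1; }
    echo "$1: $(classify_cache "$out")"
}

# Constructed sample outputs shaped like dkctl(8) messages, for offline use.
SAMPLE_IDE='wd0: read cache enabled
wd0: write-back cache enabled
wd0: read cache enable is not changeable
wd0: write cache enable is changeable
wd0: cache parameters are not savable'
SAMPLE_SCSI='sd0: read cache enabled
sd0: read cache enable is changeable
sd0: write cache enable is changeable
sd0: cache parameters are savable'

if [ "${1:-}" = "--live" ]; then
    for d in $(sysctl -n hw.disknames); do audit_disk "$d"; done
else
    echo "wd0 sample: $(classify_cache "$SAMPLE_IDE")"   # unsafe
    echo "sd0 sample: $(classify_cache "$SAMPLE_SCSI")"  # safe
fi
```

Run with `--live` on a NetBSD box to walk every drive in `hw.disknames`; without it the script only classifies the embedded samples.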