From: Elladan <elladan@eskimo.com>
To: Kenichi Okuyama <okuyamak@dd.iij4u.or.jp>
Cc: elladan@eskimo.com, Valdis.Kletnieks@vt.edu,
fs@ercist.iscas.ac.cn, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Subject: Re: [RFD] What error should FS return when I/O failure occurs?
Date: Thu, 19 May 2005 08:44:38 -0700
Message-ID: <20050519154438.GG7537@eskimo.com>
In-Reply-To: <20050518.062640.06257517.okuyamak@dd.iij4u.or.jp>

On Wed, May 18, 2005 at 06:26:40AM +0900, Kenichi Okuyama wrote:
> >>>>> "J" == Elladan <elladan@eskimo.com> writes:
>
> J> This is basically the problem people have had with removable storage for
> J> years... You can't really solve it perfectly, since as you note one
> J> could always place the storage in another machine and change it.
>
> Unfortunately, this problem does happen even on case of
> non-removable storage. HDD will break, and will ( accidentally ) be
> removed from OS perspective. FS does not treat them differently.
>
> In old days, HDD nor any device had a way to detect problem at all,
> except for detecting timeout. THAT was the reason why old OS used to
> use cache for read/write even after human detected HW failure.
> They simply DID NOT KNOW about HW failure, and therefore
> optimistically assumed cache image was still valid.
>
> But look at USB case. If you look at /var/log/messages, you will
> find USB device driver detecting your cable-unplug as soon as you
> unplugged it.
>
> File System should not ASSUME HW to be healthy without asking to
> Device Driver about it. It is device driver who is responsible for
> health check of HW, not FS.

This isn't an issue that can be fixed perfectly. If you just pull a USB
device out, data damage is likely. However, if the device isn't
modified before re-inserting, attempting to finish the write will often
work fine.

Other OS's, even older ones, typically do have a near-immediate
notification that the device has gone away. For example, old floppy
disk based systems such as the Amiga may have had manual eject, but they
did have the capability to detect floppy disk presence. Yelling at the
user is a way to (possibly) complete the IO and prevent FS corruption.
Sometimes it works, sometimes it doesn't. If you hold the last few
seconds of IO in memory as well as the remaining dirty buffers, the
probability of avoiding corruption (provided the device wasn't placed in
another machine) is fairly good.

You're right though, other than possibly having some start/stop support,
this does not need much FS support. It's a driver and UI issue for the
most part.

To implement some of the fancier versions of this, such as being able to
pull out a floppy, place a different one in a drive, and have two apps
using two floppies at once (as some systems have implemented) this would
require placing a volume manager on top of the device driver as well,
and implementing this sort of logic in there. The problem there is that
the volume manager needs to understand the disk label well enough to
identify a particular device.

-J
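
An added illustration of the last point, not part of the message above or of any kernel code: before replaying held writes to a reinserted device, compare its on-disk label with the one recorded before removal. It assumes the label is an ext2/3/4 superblock (the message names no format); the function names and sample values are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the "disk label" is an ext2/3/4 superblock (1024 bytes, found
 * 1024 bytes into the volume). Field offsets within that superblock: */
#define SB_WTIME 48   /* last write time, little-endian 32-bit */
#define SB_MAGIC 56   /* 0xEF53, little-endian 16-bit */
#define SB_UUID  104  /* 16-byte volume UUID */

struct vol_id { uint8_t uuid[16]; uint32_t wtime; };
enum verdict { SAME_UNMODIFIED, SAME_BUT_MODIFIED, DIFFERENT_VOLUME, NOT_RECOGNISED };

static uint32_t le32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }

/* Extract the identifying fields; returns -1 if the magic does not match. */
int read_label(const uint8_t sb[1024], struct vol_id *out)
{
    if (le16(sb + SB_MAGIC) != 0xEF53) return -1;
    memcpy(out->uuid, sb + SB_UUID, 16);
    out->wtime = le32(sb + SB_WTIME);
    return 0;
}

/* Decide whether writes held in memory may be replayed to the reinserted device. */
enum verdict check_reinserted(const struct vol_id *before, const uint8_t sb[1024])
{
    struct vol_id now;
    if (read_label(sb, &now) != 0) return NOT_RECOGNISED;
    if (memcmp(before->uuid, now.uuid, 16) != 0) return DIFFERENT_VOLUME;
    if (now.wtime != before->wtime) return SAME_BUT_MODIFIED; /* written elsewhere meanwhile */
    return SAME_UNMODIFIED;
}

/* Constructed sample superblock, for the demonstration only. */
void make_sample(uint8_t sb[1024], uint8_t uuid_fill, uint32_t wtime)
{
    memset(sb, 0, 1024);
    sb[SB_MAGIC] = 0x53; sb[SB_MAGIC + 1] = 0xEF;
    memset(sb + SB_UUID, uuid_fill, 16);
    for (int i = 0; i < 4; i++) sb[SB_WTIME + i] = (uint8_t)(wtime >> (8 * i));
}

int main(void)
{
    uint8_t sb[1024]; struct vol_id seen;
    make_sample(sb, 0xA1, 1116517478u); read_label(sb, &seen); /* before removal */
    make_sample(sb, 0xA1, 1116517999u);          /* same UUID, newer write time */
    printf("verdict=%d\n", check_reinserted(&seen, sb));
    return 0;
}
```

Only SAME_UNMODIFIED makes replaying the held writes reasonable; every other verdict means the buffered data no longer matches what is on the medium.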