[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LNX.2.00.1105310001010.8082@swampdragon.chaosbits.net>
Date: Tue, 31 May 2011 00:10:41 +0200 (CEST)
From: Jesper Juhl <jj@...osbits.net>
To: "D. Jansen" <d.g.jansen@...glemail.com>
cc: david@...g.hm, Theodore Tso <tytso@....edu>,
Oliver Neukum <oneukum@...e.de>, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org, Dave Chinner <david@...morbit.com>,
njs@...ox.com, bart@...wel.tk
Subject: Re: [rfc] Ignore Fsync Calls in Laptop_Mode
On Mon, 30 May 2011, D. Jansen wrote:
> On Mon, May 30, 2011 at 8:45 PM, <david@...g.hm> wrote:
> > On Mon, 30 May 2011, D. Jansen wrote:
> >
> >> On Mon, May 30, 2011 at 8:02 PM, <david@...g.hm> wrote:
> >>>
> >>> no, you cannot just change a fsync to a barrier, in some cases the data
> >>> absolutly needs to be saved, not just ordered (remember the example of a
> >>> mail server telling the other system that the data can be deleted after a
> >>> fsync returns)
> >>
> >> I'm not really sure I why shouldn't have that choice as a user. Just
> >> because someone else could be running a mailserver on his system and
> >> configure it in a way that it doesn't behave as it should?
> >> If he really wants to do that there's really nothing we can do to stop
> >> him. I'm sure there are other ways existing kernel options can be used
> >> to make software behave different than it should. Are we going to
> >> remove them all now?
> >>
> >> The big problem is that so far only fsync existed and lots of software
> >> seemingly abuses it as an expensive write barrier. And it would really
> >> be lovely to have the choice to stop that on an opt-in basis in laptop
> >> mode.
> >
> > is the benifit of not spinning up the disk really worth the risk of loosing
> > data?
>
> Is that a choice I can make myself? Is that a choice I make with
> laptop mode? Or is that a choice I may only make if I'm willing to
> modify and compile my own kernel?
> >
> > and should this really be a global across-the-board option?
>
> The point is option imo.
> >
> > the problem is that most users don't know what their system is running, or
> > what effect disaling fsync would have. those that do can probably use
> > LD_PRELOAD to override fsync calls.
>
> As we found out, they can't. But if we export barrier, I hope a
> library could wrap fsyncs into barriers. Is that the case?
> >
> > it doesn't take running a mail server, even a mail client will have the same
> > risk. If you use POP for mail (a very common option) then you download
> > messages and tell the server to delete them. if you do not really save them
> > (one fsync after they are all saved), then you can loose everything that you
> > downloaded.
>
> Yes, I know. It's the same argument again and again. I understand not
> everybody wants this. But some do. Some prefer working 10-20% longer
> on battery (certainty) instead of possibly losing 5 % data
> (possibility) or losing all your data (possibility if you use laptop
> mode and the hard disk wakes up again and again and eventually wears
> out). That's why there's laptop mode. And this would play into laptop
> mode and prevent the hard disk from breaking down prematurely and
> saving battery.
>
But how can you say that you are only risking 5% data loss or only risking
your most recent data? You can't.
fsync provides guarantees and applications take advantage of that
guarantee and you have no way of knowing what breaking those guarantees
will mean for all applications in the system (not without a *lot* of
research work at least).
You may be willing to lose a few emails or a few recently modified plain
text files or office documents. But how would you feel if that multi
megabyte or gigabyte database that has been build up over months with your
work suddenly became completely unrecoverable because the application
maintaining it made some assumptions based on fsync's guarantees and those
guarantees were suddenly broken? My guess is you wouldn't be very happy.
Some applications may only need the ordering guarantee that fsync
provides, not the "data is safely on media" guarantee. So perhaps if a new
barrier syscall was provided that gave applications just the lighter
ordering guarantee, then over time those apps could transition to use it
instead of fsync. Apps that really do need the "data is safely on media"
guarantee would of course continue to call fsync, but the number of
overall fsync calls in the system would decrease over time - this would
help your battery life and we'd still have a working fsync for those apps
that really do need it.
How does that sound?
--
Jesper Juhl <jj@...osbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.
Powered by blists - more mailing lists