Re: Journaling: Surviving or allowing unclean shutdown?

Daniel Phillips (phillips@innominate.de)
Thu, 04 Jan 2001 09:00:06 +0100


Alex Belits wrote:
>
> On Wed, 3 Jan 2001, Daniel Phillips wrote:
>
> > I don't doubt that if the 'power switch' method of shutdown becomes
> > popular we will discover some applications that have windows where they
> > can be hurt by sudden shutdown, even will full filesystem data state
> > being preserved. Such applications are arguably broken because they
> > will behave badly in the event of accidental shutdown anyway, and we
> > should fix them. Well-designed applications are explicitly 'serially
> > reuseable', in other words, you can interrupt at any point and start
> > again from the beginning with valid and expected results.
>
> I strongly disagree. All valid ways to shut down the system involve
> sending SIGTERM to running applications -- only broken ones would
> live long enough after that to be killed by subsequent SIGKILL.
>
> A lot of applications always rely on their file i/o being done in some
> manner that has atomic (from the application's point of view) operations
> other than system calls -- heck, even make(1) does that.

Nobody is forcing you to hit the power switch in the middle of a build.
But now that you mention it, you've provided a good example of a broken
application. Make with its reliance on timestamps for determining build
status is both painfully slow and unreliable. What happens if you
adjust your system clock? That said, Tux2 can preserve the per-write
atomicity quite easily, or better, make could take advantage of the new
journal-oriented transaction api that's being cooked up and specify its
requirement for atomicity in a precise way.

Do you have any other examples of programs that would be hurt by sudden
termination? Certainly we'd consider a desktop gui broken if it failed
to come up again just because you bailed out with the power switch
instead of logging out nicely.

--
Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/