Path: utzoo!attcan!uunet!microsoft!gordonl
From: gordonl@microsoft.UUCP (Gordon LETWIN)
Newsgroups: comp.os.os2.misc
Subject: Re: HPFS ... (corrected)
Summary: Write Behind & Power Failure
Keywords: HPFS cache UPS
Message-ID: <57468@microsoft.UUCP>
Date: 17 Sep 90 17:39:35 GMT
References: <1990Sep6.141036.11041@sun1.ruf.uni-freiburg.de> <1990Sep15.161438.15123@sun1.ruf.uni-freiburg.de>
Distribution: comp
Organization: Microsoft Corp., Redmond WA
Lines: 45

In article <1990Sep15.161438.15123@sun1.ruf.uni-freiburg.de>, seifert@sun1.ruf.uni-freiburg.de (Ulrich Seifert) writes:
>
> Maybe this is the right place to post a related question.
> Let us assume we have a power failure.

First, I should point out that HPFS addresses this concern in several ways. OS/2 allows you to specify that a file is "write through". This means that a write call won't return until the data is safely on the disk. This also includes updating the directory entry fields so that said data could be re-read if the power were to fail at that point. An app can set write through on a per handle basis or on a per application basis (i.e., "make any I/O I do be write through").

Finally, the user can specify that he doesn't want any write behinds. "No write behinds" isn't quite the same as "write through" in that it doesn't cause us to update the directory with every write operation and it won't cause us to write a sector if the program does just a 20 byte write, the way that write through would.

Write through is used for critical data and it's also used to guarantee write ordering for folks who update, say, a database and then its index. Write through can be turned on and off, but when you turn it on after being off it doesn't apply retroactively to writes made when it was off; you need to issue a per-file flush for that.

Secondly, the HPFS disk structure uses signatures and double links so that CHKDSK can do a very good job of repairing the disk in case of any damage or in case of a power failure. For example, the first N characters of a file name are stored in a backup spot away from the directory so that if you had a directory sector go bad we can not only recover the data, as CHKDSK for FAT sometimes can, but we'll also recover the first N (13?) characters of the file name. If you wipe the superblock we can still reconstruct. If you wipe the root directory we can still reconstruct.

The other suggestion was to have a UPS interface to notify applications that power is failing. This is an interesting idea. UPSs are currently rare enough, on individual machines, that few people would use this. UPSs are a lot more common on network servers, and it's my vague recollection (not at all sure) that our LanMan product does have some support interface for UPS power fail signals. If it doesn't then this is in the works. Individual users can easily write programs to monitor the UPS signal and to send a power fail pending notification to their apps for shutdown; all that we're missing here is that the OS doesn't provide the monitor app (it's pretty trivial) and we don't define the convention for what a power failing signal looks like...

	gordon letwin
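
The database-then-index ordering described in the post, as an added example that is not part of the original post and does not use the OS/2 API. It assumes a POSIX system, with `O_SYNC` standing in for a write-through handle and `fsync()` for the per-file flush; the file names and record contents are constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumption: O_SYNC stands in for a write-through handle and fsync()
   for the per-file flush; these are POSIX calls, not the OS/2 API. */
static int write_all(int fd, const void *buf, size_t len) {
    const char *p = buf;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) return -1;
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Append rec to the data file, then its offset to the index. The data
   handle is write-behind, so it is flushed before the index entry is
   written; the index handle is O_SYNC, so that write returns only once
   it is on disk. Returns the record's offset, or -1 on error. */
long append_record(int data_fd, int index_fd, const char *rec) {
    off_t off = lseek(data_fd, 0, SEEK_END);
    if (off < 0 || write_all(data_fd, rec, strlen(rec)) < 0) return -1;
    if (fsync(data_fd) < 0) return -1;  /* flush covers earlier buffered writes */
    int64_t entry = (int64_t)off;
    return write_all(index_fd, &entry, sizeof entry) < 0 ? -1 : (long)off;
}

/* Constructed demo on temp files: returns offset of the second record. */
long demo(void) {
    char dpath[] = "/tmp/wt_data_XXXXXX", ipath[] = "/tmp/wt_index_XXXXXX";
    int dfd = mkstemp(dpath);           /* ordinary buffered handle */
    int tmp = mkstemp(ipath);
    if (dfd < 0 || tmp < 0) return -1;
    close(tmp);
    int ifd = open(ipath, O_WRONLY | O_APPEND | O_SYNC);
    if (ifd < 0) return -1;
    long a = append_record(dfd, ifd, "alice=1\n");   /* 8 bytes at offset 0 */
    long b = append_record(dfd, ifd, "bob=22\n");    /* starts at offset 8 */
    close(dfd); close(ifd);
    unlink(dpath); unlink(ipath);
    return a == 0 ? b : -1;
}

int main(void) { printf("second record at offset %ld\n", demo()); return 0; }
```

If the `fsync()` on the data handle is dropped, a power failure can leave an index entry on disk that points at data still sitting in the cache.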