From: Andy Goldstein [Goldstein@star.zko.dec.youknowwhere] Sent: Tuesday, June 29, 1999 5:08 PM To: Info-VAX@Mvb.Saic.Com Subject: Re: MOUNT/NOREBUILD (was: Re: Risk of, power off without shutdown) Don't panic. Nothing's changed. The file system is, as ever, designed to "fail safe". A disk rebuild introduces a small risk every time it occurs: It reads all the file headers to reconstruct the free space maps. Should there be a transient disk error in this process, the space allocated to that file header is unknown and cannot be marked in use. To prevent the possibility of multiply allocated blocks, if a file header cannot be read the rebuild *permanently deletes* the file, to prevent the possibility of the header coming back as good later on. The logic in rebuild that reads the headers is very conservative. Normally it does large I/Os for performance reasons. However, if an error occurs, it goes back and reads all the blocks in that range one block at a time, effectively giving the block in error another full set of chances beyond the normal disk error recovery. The disk rebuild has worked this way since it was introduced in V3.0. Given my druthers, I would rather shut down the system cleanly and avoid a rebuild if I had the choice. Nigel Arnot wrote: ] ] (see attached) ] ] WHAT? Has something changed recently? ] ] One of VMS's strengths has always been an intrinsically safe filestore. In other ] words, an abrupt power-off could never cause any sort of filestore corruption, ] and nothing like fsck is needed. The only thing that happens is that blocks ] which are actually free are still marked as in use, and it's these blocks ] that /REBUILD on MOUNT or SET VOLUME frees up again. ] ] Since this is rarely urgent, its SOP in many places to MOUNT/NOREBUILD during ] system startup, and $SET VOLUME/REBUILD late at night. ] ] So, has something very dangerous been changed? Or do we here have a Compaq ] employee who knows about Unix thinking that VMS is the same, which is ] perhaps almost as worrying? ] ] > ] > Trevor wrote: ] > > ] > > Hi ] > > ] > > Can someone give an informed view of the risk (to data integrity) in ] > > powering off a ] > > VMS machine without shuting down the operating system first. I know ] > > it's not a ] > > good idea for all sorts of reasons, but I would like to know what risk ] > > there might be to the system and user disk contents. ] > ] > Trevor, ] > ] > I know of a Customer here in Paris who added "mount/norebuild" in the ] > systartup_vms.com file "because it took too much time when rebooting ] > from a powerfailure". ] > ] > PLEASE avoid this kind of madness for your data sake :-)