[Tfug] Should ZFS have an fsck tool? I thought this was interesting

[Zack Williams]

> I've read that ZFS makes some assumptions as well, which can be a
> problem. For example, apparently ZFS assumes that when it asks a disk
> controller to sync its cache, the controller absolutely complies and
> isn't flaky about it.

There are several schools of thought I've come across - here are two
extreme examples:

 -  Unsafe behaviors should be explicitly disallowed - for example,
you shouldn't be able to turn off the nfs "sync" option, as it breaks
assumptions (much like the zfs problem).  Similarly, disk caches, etc.
should strictly follow only the safest way to do things, even if there
are huge performance disadvantages to doing so.

 -   All systems should be fault tolerant.  Instead of gracefully
shutting a system down, you should unceremoniously pull the plug on it
for shutdown, and it should be able to deal with that gracefully.
For processes, a "kill -9" should be the only command you need to end
it.

Fundamentally, there are a lot of trade offs, and most current systems
fall somewhere in the middle.    ZFS is incompletely attempting to
support the latter, while still making assumptions from the former,
which seems to be the problem.

That all said, I use ZFS on quite a few systems in production, and
it's very solid with a great feature set.   I also keep backups.   And
I shut down my machines cleanly when possible.

- Zack