Transaction Log Supports NTFS Recoverability

• Microsoft Windows NT operating system, version 3.1
• Microsoft Windows NT Advanced Server, version 3.1

SUMMARY

The Windows NT file system (NTFS) provided by Microsoft Windows NT and Windows NT Advanced Server use transaction logging to ensure recoverability. The text below details how Windows NT implements this feature.

MORE INFORMATION

The file system processes each I/O operation that modifies a file on an NTFS volume as a transaction. Each file on an NTFS volume is listed as a record in a special file called the Master File Table (MFT). The first record in the table describes the MFT itself and the second record is an MFT "mirror" record. If the first MFT record is corrupted, NTFS uses the second record to find the MFT mirror file, the first record of which is identical to the first record of the MFT. The boot sector records the locations of the MFT and MFT mirror file. Windows NT stores a duplicate copy of the boot sector at the logical center of the disk.

The third record in the MFT is the log file which records all file transaction information. NTFS and the Log File Service use the DATA attribute of the log file to implement file system recoverability. The Log File Service is a component of the Windows NT Executive and the text below describes it in greater detail. Because the log file is a system file, it can be found early in the boot process and used to recover the disk volume, if necessary. When a user updates a file, the Log File Service records all redo and undo information for the transaction. For recoverability, redo information allows NTFS to roll the transaction forward (repeat the transaction if necessary), and undo allows NTFS to roll the transaction back if an error occurs.

If a transaction completes successfully, NTFS commits the file update to disk. If the transaction is not complete, NTFS ends or rolls back the transaction according to the undo information. If NTFS detects an error in the transaction, it rolls back the transaction. If NTFS cannot guarantee that a transaction completed successfully, it rolls the transaction back. Incomplete modifications to the volume are not allowed.

If the system crashes (due to power failure or other cause), NTFS performs three passes through the data on the disk: an analysis pass, a redo pass, and an undo pass. During the analysis pass, NTFS appraises the damage, if any, and determines which clusters it must update using the information in the log file. The redo pass performs any steps logged from the last checkpoint. Then the undo pass rolls back any incomplete (uncommitted) transactions.

The NTFS recovery pass involves the following six steps:

1. When Windows NT recognizes an NTFS volume, it reads the MFT.

2. NTFS calls the Log File Service to open the log file. This causes the Log File Service Recovery to take place.

3. NTFS calls the Log File Service to read its restart area and reads all the data from the last checkpoint operation. This data initializes the transaction table, dirty pages table, and open file table so they can be used in the recovery process.

4. NTFS performs an analysis pass on its last checkpoint record. At the end of this pass, the transaction table contains only transactions that were active when the crash occurred.

5. NTFS performs a redo pass. At the end of this pass, the cache reflects the state of the volume when the crash occurred.

6. NTFS performs an undo pass. At the end of this pass, the volume is recovered to a stable state.

• The restart area. A status area used to transfer information about a client's last checkpoint operation before a crash to the client's recovery procedure. The Log File Service maintains two restart areas to guarantee that at least one valid area is always available.
• The infinite log file. The Log File is a circularly reused file. When a new record is added, it is appended to the end of the file. When the Log File reaches its capacity, the Log File Service waits for writes to occur and frees space for new entries.