All of lore.kernel.org
 help / color / mirror / Atom feed
From: Austin S Hemmelgarn <ahferroin7@gmail.com>
To: Chris Mason <clm@fb.com>, Hugo Mills <hugo@carfax.org.uk>,
	Btrfs mailing list <linux-btrfs@vger.kernel.org>
Subject: Re: Bug/regression: Read-only mount not read-only
Date: Mon, 30 Nov 2015 12:08:40 -0500	[thread overview]
Message-ID: <565C8298.9010006@gmail.com> (raw)
In-Reply-To: <20151130164801.GD2162@ret.masoncoding.com>

[-- Attachment #1: Type: text/plain, Size: 2584 bytes --]

On 2015-11-30 11:48, Chris Mason wrote:
> On Sat, Nov 28, 2015 at 01:46:34PM +0000, Hugo Mills wrote:
>>     We've just had someone on IRC with a problem mounting their FS. The
>> main problem is that they've got a corrupt log tree. That isn't the
>> subject of this email, though.
>>
>>     The issue I'd like to raise is that even with -oro as a point
>> option, the FS is trying to replay the log tree. The dmesg output from
>> mount -oro is at the end of the email.
>>
>>     Now, my memory, experience and understanding is that the FS
>> doesn't, and shouldn't replay the log tree on a RO mount, because the
>> FS should still be consistent even without the reply, and
>> RO-means-actually-RO is possible and desirable. (Compared to a
>> journalling FS, where journal replay is required for a consistent,
>> usable FS).
>>
>>     So, this looks to me like a regression that's come in somewhere.
>>
>>     (Just for completeness, the system in question usually runs 4.2.5,
>> but the live CD the OP is using is 4.2.3).
>
> We do need to replay the log tree, even on readonly mounts.  Otherwise
> files created and fsunk before crashing may not even exist.
I would argue that if a user is trying to mount read-only after a crash 
(that is, the user requests a read-only mount, not if the kernel forces 
it), then that probably means that the user has a specific reason for 
doing so, and doesn't want us writing to the filesystem at all.  I 
understand wanting consistency, but if your system just crashed and your 
FS won't mount RW, then it's probably not a good idea to do anything 
that would cause it to be written to until you've figured out what's 
wrong and fixed it.  Because of how BTRFS is designed, about half of the 
things that are needed for recovery on average, need a mounted 
filesystem.  If you can't mount RW, then something _is_ broken, and you 
shouldn't be doing anything to the FS unless the user tells you to.
>
> We'll bail out of the log replay on readonly media, but otherwise the
> replay always happens.
We have the ability to make a RO mount truly RO, so we should have some 
way to do that without needing to jump through hoops to make the media 
read-only.  Not needing to jump through hoops to do this is a BIG 
selling point for some people (myself included) for a filesystem. 
Perhaps we should provide an option to control if the log replay happens 
at all (and then we wouldn't need btrfs-zero-log)?  Or we could replay 
the log in memory, and only write changes to disk if the FS is mounted RW.


[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 3019 bytes --]

  parent reply	other threads:[~2015-11-30 17:08 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-28 13:46 Bug/regression: Read-only mount not read-only Hugo Mills
2015-11-30 14:59 ` Austin S Hemmelgarn
2015-11-30 15:28   ` Hugo Mills
2015-11-30 16:00     ` Austin S Hemmelgarn
2015-11-30 16:48 ` Chris Mason
2015-11-30 17:06   ` Hugo Mills
2015-12-01 19:00     ` Chris Mason
2015-12-01 19:05       ` Eric Sandeen
2015-12-02  6:25         ` Russell Coker
2015-12-02  9:06           ` Qu Wenruo
2015-12-02  9:23             ` Qu Wenruo
2015-12-02 16:54               ` Eric Sandeen
2015-12-02 17:48                 ` Austin S Hemmelgarn
2015-12-02 18:53                   ` Hugo Mills
2015-12-02 22:48                   ` Eric Sandeen
2015-12-02 23:40                     ` Qu Wenruo
2015-12-02 23:51                       ` Hugo Mills
2015-12-03  6:44                         ` Duncan
2015-12-04 12:32                         ` Austin S Hemmelgarn
2015-12-04 12:23                       ` Austin S Hemmelgarn
2015-11-30 17:08   ` Austin S Hemmelgarn [this message]
2015-12-01  6:46   ` Qu Wenruo
2015-12-01 18:54     ` Chris Mason
2015-12-01 23:47       ` Qu Wenruo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=565C8298.9010006@gmail.com \
    --to=ahferroin7@gmail.com \
    --cc=clm@fb.com \
    --cc=hugo@carfax.org.uk \
    --cc=linux-btrfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.