On 7/9/20 3:32 PM, Davide Cavalca via devel wrote: > On Thu, 2020-07-09 at 16:15 -0400, Simo Sorce wrote: >> However I have had bad kernels, power outages, loss of battery power >> (laptops on too long suspend) and other random reasons to force >> reboot >> a system. That has been the primary case of file system checks >> through >> my Fedora usage. And luckily so far I never had a loss of filesystem >> or >> data that way, fsck always ended up solving most of the issues, and >> whenever I lost file they ended up being temporary files I did not >> care >> for. >> >> I do not think those failures are common in Facebook fleets, so I am >> quite skeptical FB data and failure modes are representative of >> Fedora >> usage as a desktop/laptop OS and therefore of the behavior of btrfs >> in >> those cases. > > As someone on one of the teams at FB that has to deal with that, I can > assure you all the scenarios you listed can and do happen, and they > happen a lot. While we don't have the "laptop's out of battery" issue > on the production side, we have plenty of power events and unplanned > maintenances that can and will hit live machines and cut power off. > Force reboots (triggered by either humans or automation) are also not > at all uncommon. Rebuilding machines from scratch isn't free, even with > all the automation and stuff we have, so if power loss or reboot events > on machines using btrfs caused widespread corruption or other issues > I'm confident we'd have found that out pretty early on. It is a bare minimum expectation that filesystems like btrfs, ext4, and xfs do not suffer filesystem corruptions and inconsistencies due to reboots and power losses. So for the record I am in no way insinuating that btrfs is less crash-safe than other filesystems (though I have not tested that, so if I have time I'll throw that into the mix as well.) We do at times see corrupted filesystems when something has a writeback cache w/o a battery backup, though, because then the hardware violates its guarantees to the filesystem.... this is the sort of thing I'd put in the "misconfiguration" bucket. Which happens from time to time, and from which it is nice to be able to recover w/o heroics. -Eric _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
