On 2019/10/16 下午10:05, Johannes Thumshirn wrote: > The manual page of btrfsck clearly states 'btrfs check --repair' is a > dangerous operation. > > Although this warning is in place users do not read the manual page and/or > are used to the behaviour of fsck utilities which repair the filesystem, > and thus potentially cause harm. > > Similar to 'btrfs balance' without any filters, add a warning and a > countdown, so users can bail out before eventual corrupting the filesystem > more than it already is. > > Signed-off-by: Johannes Thumshirn <[email protected]> > --- > check/main.c | 17 +++++++++++++++++ > 1 file changed, 17 insertions(+) > > diff --git a/check/main.c b/check/main.c > index fd05430c1f51..acded927281a 100644 > --- a/check/main.c > +++ b/check/main.c > @@ -9970,6 +9970,23 @@ static int cmd_check(const struct cmd_struct *cmd, int > argc, char **argv) > exit(1); > } > > + if (repair) { > + int delay = 10;
Any delay would make the selftest miserably slow.
And in fact, recent btrfs check --repair is no longer that dangerous.
Sure, it still can't handle everything yet, but at least it's not making
things (that) worse.
Deadly bugs like the lack of flush/fua is already solved, so I'm not
100% sure if we still need such a big warning.
Thanks,
Qu
> + printf("WARNING:\n\n");
> + printf("\tDo not use --repair unless you are advised to do so
> by a developer\n");
> + printf("\tor an experienced user, and then only after having
> accepted that no\n");
> + printf("\tfsck successfully repair all types of filesystem
> corruption. Eg.\n");
> + printf("\tsome other software or hardware bugs can fatally
> damage a volume.\n");
> + printf("\tThe operation will start in %d seconds.\n", delay);
> + printf("\tUse Ctrl-C to stop it.\n");
> + while (delay) {
> + printf("%2d", delay--);
> + fflush(stdout);
> + sleep(1);
> + }
> + printf("\nStarting repair.\n");
> + }
> +
> /*
> * experimental and dangerous
> */
>
signature.asc
Description: OpenPGP digital signature
