[Top] [All Lists]

Re: [PATCH 3/3] Add timeout feature

To: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Subject: Re: [PATCH 3/3] Add timeout feature
From: Eric Sandeen <sandeen@xxxxxxxxxxx>
Date: Mon, 29 Sep 2008 09:45:31 -0500
Cc: Takashi Sato <t-sato@xxxxxxxxxxxxx>, Ric Wheeler <rwheeler@xxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, linux-fsdevel@xxxxxxxxxxxxxxx, dm-devel@xxxxxxxxxx, viro@xxxxxxxxxxxxxxxxxx, linux-ext4@xxxxxxxxxxxxxxx, xfs@xxxxxxxxxxx, axboe@xxxxxxxxx, mtk.manpages@xxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx
In-reply-to: <20080929143749.GA13286@xxxxxxxxxxxxx>
References: <20080908205337t-sato@xxxxxxxxxxxxxxx> <20080908171119.GB22521@xxxxxxxxxxxxx> <48DBFD42.6030307@xxxxxxxxxx> <D0B0D91F884647D6808626CDFF81E532@xxxxxxxxxxxxxxxx> <20080929141326.GA31781@xxxxxxxxxxxxx> <48E0E7D4.1090409@xxxxxxxxxxx> <20080929143749.GA13286@xxxxxxxxxxxxx>
User-agent: Thunderbird (Macintosh/20080914)
Christoph Hellwig wrote:
> On Mon, Sep 29, 2008 at 09:36:04AM -0500, Eric Sandeen wrote:
>> Christoph Hellwig wrote:
>>> On Fri, Sep 26, 2008 at 05:52:35PM +0900, Takashi Sato wrote:
>>>> I think that your concern is that the freezer cannot recognize the 
>>>> occurrence
>>>> of a timeout and it continues the backup process and the backup data is
>>>> corrupted finally.
>>> What timeout should happen?  the freeze ioctl must not return until the
>>> filesystem is a clean state and all writes are blocked.
>> The suggestion was that *UN*freeze would return ETIMEDOUT if the
>> filesystem had already unfrozen itself, I think.  That way you know that
>> the snapshot you just took is worthless, at least.
> But why would the filesystem every unfreeze itself?  That defeats the
> whole point of freezing it.

I agree.  Was just trying to clarify the above point.

But there have been what, 12 submissions now, with the unfreeze timeout
in place so it's a persistent theme ;)

Perhaps a demonstration of just how easy (or not easy) it is to deadlock
a filesystem by freezing the root might be in order, at least.

And even if it is relatively easy, I still maintain that it is the
administrator's role to not inflict damage on the machine being
administered.  There are a lot of potentially dangerous tools at root's
disposal; why this particular one needs a nanny I'm still not quite sure.


<Prev in Thread] Current Thread [Next in Thread>