Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751332AbcDQTRa (ORCPT <rfc822;w@1wt.eu>);
	Sun, 17 Apr 2016 15:17:30 -0400
Received: from mx2.suse.de ([195.135.220.15]:42076 "EHLO mx2.suse.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1750926AbcDQTR1 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Sun, 17 Apr 2016 15:17:27 -0400
Date: Sun, 17 Apr 2016 17:05:32 +0200
From: Jan Kara <jack@suse.cz>
To: Florian Margaine <florian@margaine.com>
Cc: Dave Chinner <david@fromorbit.com>,
        Alexander Viro <viro@zeniv.linux.org.uk>,
        Jeff Layton <jlayton@poochiereds.net>,
        "J. Bruce Fields" <bfields@fieldses.org>,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: add the FIGETFROZEN ioctl call
Message-ID: <20160417150532.GB12223@quack2.suse.cz>
References: <CABRjmp_FK8PYyAhBjAqE3Er8gfPo+EkJA5+yzVg7SdBYEwjJeA@mail.gmail.com>
 <20160415021737.GZ567@dastard>
 <1460809099.28221.2.camel@margaine.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1460809099.28221.2.camel@margaine.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1929
Lines: 47

On Sat 16-04-16 14:18:19, Florian Margaine wrote:
> On Fri, 2016-04-15 at 12:17 +1000, Dave Chinner wrote:
> > On Thu, Apr 14, 2016 at 09:57:07AM +0200, Florian Margaine wrote:
> > > This lets userland get the filesystem freezing status, aka whether
> > > the
> > > filesystem is frozen or not. This is so that an application can
> > > know if
> > > it should freeze the filesystem or if it isn't necessary when
> > > taking a
> > > snapshot.
> > 
> > freezing nests, so there is no reason for avoiding a freeze when
> > doing a snapshot. Indeed, if you don't wrap freeze/thaw around a
> > snapshot, then if the fs is thawed while the snapshot is in progress
> > then you are going to get a corrupt snapshot....
> > 
> > And, besides, polling for frozenness from userspace is inherently
> > racy - by the time the syscall returns, the information may be
> > incorrect, so you can't rely on it for decision making purposes in
> > userspace.
> 
> The example I have is mostly about unfreezing. If I freeze, make a
> snapshot, then unfreeze. If my program crashes after the
> snapshot/before unfreezing, I'll be left with a frozen filesystem,
> which is undesirable, at best.
> 
> One way to mitigate this is to keep the state of the snapshot, but it
> seems silly to keep this information separately (e.g. in a database)
> when the kernel has it available.

Well, administrator can always unfreeze manually if he sees some glitch
like you described above has happened. And as Dave said, the interface you
propose is racy - how would you recognize the following two situations?

1) Your app has crashed with frozen fs.

2) Some other application is just snapshotting the fs and will unfreeze it
eventually.

In the first case you need additional thaw, in the second case you must not
thaw the fs. That's why we kept the decision about thawing the fs to the
administrator...

								Honza
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR