on 04/06/2008 19:10 Kostik Belousov said the following:
SU are irrelevant to the problem I am thinking of.vfs_write_suspend() returns 0 when the filesystem being suspended is already in suspend state. vfs_write_resume() clears the suspend state. vfs_write_suspend/vfs_write_resume are used both by snapshot code and the gjournal. If two users of these interfaces interleave, then you could get: thread1 thread2 vfs_write_suspend() <- fs is suspended there vfs_write_suspend() <- returns 0 vfs_write_resume() <- fs is no more suspended thread2 is burned in flame Snapshots are protected against this because they are created through the mount(2). The mount(2) locks the covered vnode and thus serializes snapshot creation (I think there are further serialization points that prevent simultaneous snapshotting of the same fs). There is nothing I can see that protects snapshots/gjournal interaction.
Looks like something to be quite concerned about. Thank you for the analysis. -- Andriy Gapon _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
