[dm-devel] Re: [PATCH] crash in dm-io when signal is pending
Mikulas Patocka
mpatocka at redhat.com
Fri Jan 23 19:59:56 UTC 2009
On Fri, 23 Jan 2009, Alasdair G Kergon wrote:
> On Wed, Jan 21, 2009 at 10:04:39PM -0500, Mikulas Patocka wrote:
> > If someone sends signal to a process performing synchronous dm-io call,
> > the kernel may crash.
>
> > There is no way to cancel in-progress IOs, so the best solution is to ignore
> > signals at this point.
>
> So what is the impact of this patch at a higher level?
Avoid crash if the admin kills lvm or dmsetup with SIGKILL at a certain
point.
AFAIK lvm blocks all the blockable signals while it is performing critical
operations, so there should be no crash from pressing ^C, terminal loss or
so.
> - What userspace operations are there that you can interrupt now, but that
> after this patch you won't be able to?
When I grepped for interruptible sleep, I found one another possibility:
aborting a suspend with signal. I didn't find crash condition that could
be caused by this, but it could unfortunatelly confuse targets.
If suspend is aborted this way, presuspend method is called, but
postsuspend, preresume and resume isn't --- this will confuse target
drivers --- you end up with an active mirror that stopped recovering or
active snapshot that stopped merging.
I don't know if aborting suspend this way should be allowed or not.
> (Are there any situations where the io will not complete without a reboot,
> that could actually be safe today?)
If the io will not complete, you can't reboot with normal reboot script.
Unmount/remount-ro waits for ios on a filesystem to complete, so they will
deadlock.
Mikulas
> Alasdair
> --
> agk at redhat.com
>
More information about the dm-devel
mailing list