There is a report that, unlucky signal timing during balance can cause
btrfs to remounted into RO mode.
This is caused by the fact that, most btrfs_start_transaction() or
delalloc metadata reserve are interruptible.
That would return -EINTR to a lot of critical code section, and under
most case, our way to handle such error is just to abort transaction,
without any consideration for -EINTR.
This is never a good idea to allow random Ctrl-C to make btrfs RO, even
if the window is pretty small for regular operations.
This patchset will address it in a different direction, since most
operations are pretty fast, we don't need that signal check in waiting
ticket.
For those long running operations, signal should be checked in their
call sites.
E.g. __generic_block_fiemap() calls fatal_signal_pending() to check if
it needs to exit, so does btrfs_clone().
We shouldn't check the signal, and just throw a -EINTR for all ticketing
system callers, they don't really want to handle that damn -EINTR.
Only long executing operations really need that signal checking, and let
them to check, not the infrastructure.
Reason for RFC:
I'm not yet completely sure if uninterruptible ticketing system would
cause extra problems.
Any advice on that would be great.
Qu Wenruo (2):
btrfs: relocation: Allow signal to cancel balance
btrfs: space-info: Don't allow signal to interrupt ticket waiting
fs/btrfs/relocation.c | 3 ++-
fs/btrfs/space-info.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)