Description of problem: At 100% full, the snapshot data becomes invalid, all access to it returns -EIO. I obviously see why the write should fail, but a user should still be able to recover their data. A full filesystem still allows the ability to read.
Only possible situation to keep snapshot full and readable is when snapshots is overfilled by writes to snapshot only. (In this sitation will fail only last write). Any write to origin must invalidate snapshot immediatelly (inconsistent data). This scenario can be usefull if origin is read only and snapshots are maintained as separate COW devices (Xen clients etc.) Implementation depends on upstream status (preliminary patch exist).
This request makes me curious since I find the opposite situation to be a bigger problem, i.e. snapshots are still readable when they are full (and inconsistent). How do you make them "not readable" without first unmounting them?
Yes, there are two parts of problem - block device and actions in upper level (e.g. filesystem). Currently, full snapshot returns -EIO to all io requests. But filesystem is still mounted and see incosistent data then. On the block level it's is sufficient solution in comment #1 - in kernel. Unmounting filesystem should precede deactivation of snapshot and this should be done in userspace by dmeventd - it listens to messages from dm core and can take appropriate action - e.g. warning (bug 178979) or force umount or user action. DMeventd need extend functionality to manage this.
Final state should be that dmeventd will handle snapshot resize (so 100% full is only temporary state). Dmeventd should resize snapshot or umount filesystem and remove snapshot... Setting dependence on snapshot DSO bug.
It's not quite spring yet, but I'm cleaning up BZ a little. I know this is filed under RHEL 4, but I suppose we'll only address this in 5 anyway? *** This bug has been marked as a duplicate of bug 427298 ***