Date: Sat, 28 Aug 2004 05:04:44 +1000 From: Antony Mawer <fbsd-stable@mawer.org> To: Pavel Merdine <fbsdlist@merdin.com> Cc: freebsd-stable@freebsd.org Subject: Re: ffs_alloc panic patch Message-ID: <412F85CC.5090806@mawer.org> In-Reply-To: <1076237332.20040827215245@kaluga.ru> References: <1076237332.20040827215245@kaluga.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Pavel Merdine wrote: > Panic is VERY undesirable situation. And I'm in doubt why those people > who wrote ffs like panics so devotedly: > > # grep -c "panic" ffs_alloc.c ffs_softdep.c > ffs_alloc.c:37 > ffs_softdep.c:108 > > I think such things are not acceptable in production environment. Why > those functions cannot just return a failure state and leave system > working? Taking a stab in the dark here, I'd suspect that this is a safety mechanism -- if something goes awry in the filesystem code, the implications could have something of a domino effect and wind up leaving you with a hosed filesystem. Rather than take that chance, the system panics, which attempts to minimising the impact the code could have on your filesystem(s) by otherwise continuing on. Someone correct me if I'm off-base here... Antony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?412F85CC.5090806>