Date:      Thu, 22 Feb 2007 09:38:46 -0600
From:      Eric Anderson <anderson@freebsd.org>
To:        Björn König <bjoern.koenig@alpha-tierchen.de>
Cc:        freebsd-fs@freebsd.org
Subject:   Re: The patch delete no umount eject flash disk freebsd panic
Message-ID:  <45DDB906.1070405@freebsd.org>
In-Reply-To: <45DDAE70.8010508@alpha-tierchen.de>
References:  <4d3557900702210155n2f57761fl6b8b4df500a1cf77@mail.gmail.com> <45DC59C0.8080206@freebsd.org> <45DDAE70.8010508@alpha-tierchen.de>

On 02/22/07 08:53, Björn König wrote:
> Eric Anderson wrote:
> 
>> So what happens when you have a regular drive fail then?  Or yank a SATA 
>> or other drive out from under the OS?
>>
>> This patch seems awfully dangerous to me..
> 
> I don't want to disagree. This is dangerous. Seriously, I have another 
> thought: is it less dangerous to risk data loss or corruption of other 
> file systems that are not affected just because we killed the whole 
> system immediately?
> 
> I had this problem several times: device removed and access to one of 
> its file systems causes the death of the machine. For example:
> 
>    - insert a disk into floppy disk drive
>    - mount its file system
>    - remove floppy disk (oops!)
>    - insert it again (quickly, before anything notices)
>    - umount the file system
>    => kernel panic
> 
> The result is that other well running file systems on this machine 
> became corrupt or inconsistent. This issue definitively needs a 
> solution. I understand if you don't want to ignore and override the 
> disappearance of a file system, but in this case we probably either need 
> a kind of "soft panic" that tries to unmount other file systems before 
> death blow, a safe way to force unmounting a broken file system without 
> kernel panic explicitly or a configurable case differentiation.

I agree that other file systems should not be messed with. I suppose 
instead of panicking another option is to remove the mount point, blast 
anything in cache for it, and then kill any processes touching it?  How 
would one deal with daemons like mountd, and nfsd though?


This would be a good thing for servers too, since a missing file system 
would hopefully not kill everything.

Maybe someone with more locking/file system/geom knowledge could provide 
some input here..

Eric




