ffs_alloc panic patch

Pavel Merdine fbsdlist at merdin.com
Sat Aug 28 01:43:16 PDT 2004


Hello ,

Yes. That I was trying to say.
For  example,  the  Windows  does  not  show  the  blue screen in such
situations.  In  my practice I saw many times the situation of panic()
when file system was not fsck'd.
Actually it may even lead to security holes. E.g. a user may change an
fs somehow to make it loop in panic forever...

Friday, August 27, 2004, 11:55:39 PM, you wrote:

> At 12:36 27/08/2004, Ken Smith wrote:
>>          ... Here you again wind up in a
>>          situation where the filesystem data structures on the disk can
>>          become corrupted.  Typically at some point the ffs code will
>>          recognize that the metadata is incorrect and again a panic is
>>          better than trying to carry on pretending nothing is wrong.

> Shouldn't a corrupt filesystem be handled by forcibly dismounting it,
> rather than invoking panic()?  We certainly don't want to keep on using
> a corrupt filesystem, but we should attempt to isolate a single failing
> piece of hardware rather than allowing it to bring down the entire
> system.

> Colin Percival





-- 
/ Pavel Merdine



More information about the freebsd-stable mailing list