panic on one cpu leaves others running...

Scott Long scottl at
Thu Apr 8 02:26:25 PDT 2004

Peter Jeremy wrote:
> On Thu, Apr 08, 2004 at 12:13:39AM -0400, Robert Watson wrote:
>>Funky, eh?  I thought we used to have code to ipi the other cpu's and halt
>>them until the cpu in ddb was out agian.  I guess I mis-remember, or that
>>code is broken...
> Look on it as a feature - most other Unices can't survive a panic.
> Being able to continue running in a degraded mode until a suitable
> maintenance window is available would be a real selling point in
> HA applications.  Even being able to shutdown cleanly would be
> better than coming to a screaming halt.  :-) (sort of).
> Peter

Not sure if you're joking or not here.  A panic usually means that
something unrecoverable happened, and that continuing on is not safe.
Disregarding that, what if the process that paniced was holding a
lock or other resources?  It really doesn't make much sense to try to
keep running.  And yes, Linux has this 'feature' but is even more
blatant about it; exceptions caused by a process in the top half of
the kernel only result in that process being terminated.  Other than
possible syslog output, there is no other indication that something
went wrong.  I consider this to be an egregious violation of reliable


More information about the freebsd-current mailing list