Re: FFS: wrong superblock check ~> crash

To: tech-kern%netbsd.org@localhost
Subject: Re: FFS: wrong superblock check ~> crash
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 20 Oct 2014 16:53:59 +0000 (UTC)

In article <20141020155832.EA8AE605C2%jupiter.mumble.net@localhost>,
Taylor R Campbell  <campbell+netbsd-tech-kern%mumble.net@localhost> wrote:
>   Date: Mon, 20 Oct 2014 17:46:06 +0200
>   From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
>
>   Sure. There's lot of other ways to crash the kernel with a broken ffs.
>   In this specific case it's OK to return an error, but in the general
>   case I prefer to have the kernel panic when an inconsistency is
>   detected in ffs, than return an error and try to continue running with
>   a bogus filesystem.
>
>Continuing to run with a bogus file system is no good, but panicking
>the kernel is worse.  If the kernel takes any drastic action beyond
>merely returning an error, it should remount the file system
>read-only.

This is wishful thinking (unless we fix the current set of bugs
that prevent us from doing so even in a healthy filesystem for example
PR/30525). I would be happy if we could isolate the broken filesystem
from all I/O operations instead of crashing.

There are many different recipes that keep filedescriptors for R/W that
corrupt the filesystem during R/O downgrades.

christos

Follow-Ups:
- Re: FFS: wrong superblock check ~> crash
  - From: Taylor R Campbell

References:
- Re: FFS: wrong superblock check ~> crash
  - From: Manuel Bouyer
- Re: FFS: wrong superblock check ~> crash
  - From: Taylor R Campbell

Prev by Date: Re: FFS: wrong superblock check ~> crash
Next by Date: Re: FFS: wrong superblock check ~> crash
Previous by Thread: Re: FFS: wrong superblock check ~> crash
Next by Thread: Re: FFS: wrong superblock check ~> crash
Indexes:

Home | Main Index | Thread Index | Old Index