Date: Thu, 8 Apr 2004 21:44:41 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: Scott Long <scottl@freebsd.org> Cc: current@freebsd.org Subject: Re: panic on one cpu leaves others running... Message-ID: <20040408114441.GB6458@server.vk2pj.dyndns.org> In-Reply-To: <40751A74.50504@freebsd.org> References: <Pine.NEB.3.96L.1040408001234.39416A-100000@fledge.watson.org> <20040408091030.GA6458@server.vk2pj.dyndns.org> <40751A74.50504@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 08, 2004 at 03:25:08AM -0600, Scott Long wrote: >Peter Jeremy wrote: >>On Thu, Apr 08, 2004 at 12:13:39AM -0400, Robert Watson wrote: >> >>>Funky, eh? I thought we used to have code to ipi the other cpu's and halt >>>them until the cpu in ddb was out agian. I guess I mis-remember, or that >>>code is broken... >> >> >>Look on it as a feature - most other Unices can't survive a panic. >>Being able to continue running in a degraded mode until a suitable >>maintenance window is available would be a real selling point in >>HA applications. Even being able to shutdown cleanly would be >>better than coming to a screaming halt. :-) (sort of). > >Not sure if you're joking or not here. I was joking about the FreeBSD behaviour (hence the smiley) but serious about the (potential) benefits of being able to degrade rather than die. > A panic usually means that >something unrecoverable happened, and that continuing on is not safe. I realise that. Hence actually being able to continue after a panic would be extremely difficult to do safely. (Probably not possible in general, though it might be in some special cases). Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040408114441.GB6458>