Message-ID: <4B1E2D40.9060900@sprinthost.ru>
Date: Tue, 08 Dec 2009 13:41:04 +0300
From: cronfy
To: freebsd-questions@freebsd.org
References: <4B1DF953.4050504@sprinthost.ru>
Subject: Re: FreeBSD is too filesystem errors sensitive

>> Please forgive me for probably a very stupid question. But why is
>> FreeBSD so sensitive to filesystem errors that it ends up with panics
>> like 'freeing free block' or 'ffs_valloc: dup alloc'? I just can't
>> get it. Failed to allocate vnode? Go allocate another one! Freeing
>> free block? Leave it free then! I understand these situations should
>> never happen, but why the hell is it required to panic and kill
>> everything that would be working happily even if something very
>> disastrous happens to /backup partition, for example?

> Probably because UFS is not designed to be a backup file system but a
> working one :)
>
> All those errors indicate file system corruption. To protect other
> data from getting corrupted (e.g. by invalid pointers or
> calculations), the kernel panics.

To protect us against terrorists our government does strange things too ;-)

After a panic data *is* getting corrupted anyway - MySQL tables that were
open are broken, soft-updates are unsync'ed etc etc. Server is required
to reboot, fsck, time is wasted while this occurs. Why should all this
happen because of a single vnode fail? Why not just throw a message in
/var/log/messages, return "oh, I failed to save a file" to the process
that initiated the operation and just go on? Are the consequences of an
attempt to "free already free block" *so* dangerous that it is needed to
give up on EVERYTHING?

Let's say it was not /backup partition, ok, it was
/var/tmp/some-php-session or even /var/cron/tabs/someuser file that
failed. So what? Even /boot/kernel/kernel corruption is not critical if
you are not going to reboot right now (or if you have /boot/kernel.old :)

Is there a way to say "Dear kernel, don't panic, I'm holding your hand,
keep working please-please-please?" If so, can it lead to complete
filesystem corruption indeed or is it not so serious?

Thanks.