Date: Thu, 22 Feb 2007 15:53:36 +0100 From: =?ISO-8859-1?Q?Bj=F6rn_K=F6nig?= <bjoern.koenig@alpha-tierchen.de> To: Eric Anderson <anderson@freebsd.org> Cc: freebsd-fs@freebsd.org Subject: Re: The patch delete no umount eject flash disk freebsd panic Message-ID: <45DDAE70.8010508@alpha-tierchen.de> In-Reply-To: <45DC59C0.8080206@freebsd.org> References: <4d3557900702210155n2f57761fl6b8b4df500a1cf77@mail.gmail.com> <45DC59C0.8080206@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Eric Anderson schrieb: > So what happens when you have a regular drive fail then? Or yank a SATA > or other drive out from under the OS? > > This patch seems awfully dangerous to me.. I don't want to disagree. This is dangerous. Seriously, I have another thought: is it less dangerous to risk data loss or corruption of other file systems that are not affected just because we killed the whole system immediately? I had this problem several times: device removed and access to one of its file systems causes the death of the machine. For example: - insert a disk into floppy disk drive - mount its file system - remove floppy disk (oops!) - insert it again (quickly, before anything notice) - umount the file system => kernel panic The result is that other well running file systems on this machine became corrupt or inconsistent. This issue definitively needs a solution. I understand if you don't want to ignore and override the disappearance of a file system, but in this case we probably either need a kind of "soft panic" that tries to unmount other file systems before death blow, a safe way to force unmounting a broken file system without kernel panic explicitely or a configurable case differentiation. Regards Björn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45DDAE70.8010508>