> UFS will panic on EIO also. Most other file systems, too. In which cases will UFS panic on an I/O error?
A quick browse through the UFS code shows several cases where we can panic if we have bad metadata on disk, but none if a disk read (or write) fails altogether. If UFS fails to read a block, it returns EIO (in most cases, occasionally a different error depending on the context) to its caller. (In a few cases, it can continue past the error; for instance, if it can't read a cylinder group header and wants to allocate a block there, it will go on to a different cylinder group.) If UFS fails to write a block, the buffer cache or page cache will just keep retrying. QFS won't even panic on bad metadata, unless enabled with an /etc/system variable; it will just returns errors to its caller. (It won't panic on I/O errors at all.) --- As for why expectations with ZFS are higher? I suspect that it's primarily because ZFS has been sold (deservedly) as being very good at dealing with hardware problems. This means that it should not only detect the problems, but continue on past them whenever possible. Ditto blocks are a first step in this direction. Bringing down the machine when a read or write fails is so 1980s; ZFS needs a bit of fine-tuning here. We don't need to be defensive. ZFS is a new file system. It will take some time to work all the quirks out and it will take some time to eliminate all the panic cases. But we will. This message posted from opensolaris.org _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
