git.openafs.org Git - openafs.git/commit

author	Andrew Deason <adeason@sinenomine.net>
	Mon, 30 Apr 2018 22:58:43 +0000 (17:58 -0500)
committer	Benjamin Kaduk <kaduk@mit.edu>
	Fri, 11 May 2018 14:40:17 +0000 (10:40 -0400)
commit	46d5695a383b2b993fdd598b770f4e3c0e1a41f3
tree	afe92b46020e004a91326c18957b8e6b4c4076ac	tree \| snapshot
parent	22e64df8e043fa7bd78bff263866ee2bd6a6e13d	commit \| diff

afs: WriteThroughDSlots: Avoid write error panic

Currently, afs_WriteThroughDSlots panics if our call to
afs_WriteDCache fails. Since afs_WriteThroughDSlots is called every
minute by a background daemon, this means that if our cache fs becomes
inaccessible (by being forced read-only, or for any other reason), we
are virtually guaranteed to panic relatively quickly.

To try to avoid this at least for some cases, change
afs_WriteThroughDSlots to return an error to our caller when we
encounter such an error. For our background task, we can just ignore
the error and retry the writes on a future iteration. During shutdown,
we still panic if we encounter an error, to try to avoid silently
allowing a corrupt cache to be used on subsequent boots.

Change-Id: Ia5f180a5c709881c3e884629c02e9ff93729fa88
Reviewed-on: https://gerrit.openafs.org/13047
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

src/afs/afs_daemons.c		diff \| blob \| history
src/afs/afs_dcache.c		diff \| blob \| history
src/afs/afs_init.c		diff \| blob \| history
src/afs/afs_prototypes.h		diff \| blob \| history