At Wed, 10 Apr 2013 14:10:52 +0800,
Liu Yuan wrote:
>
> On 04/10/2013 12:32 AM, Hitoshi Mitake wrote:
> > if (do_recover(old) < 0)
> > - return -1;
> > + sd_iprintf("recoverying from journal file (old) failed");
> > if (do_recover(new) < 0)
> > - return -1;
> > -
> > - return 0;
> > + sd_iprintf("recoverying from journal file (new) failed");
> > }
>
> Suppose following case:
>
> Sheep crash and has some logs in the journal. When sheep init, journal
> is replayed and some disk is read-only, so replay fails. I think we
> should exit at this case, because users can works on this broken disk
> and get it write capable again or replace it with a new disk and put the
> old data on it. In either way, users can re-start the sheep and the
> reply will go well.
>
> So I think we should exit on do_recover().
I couldn't suppose the above case. I'll add panic() when do_recover()
fails in v2.
Thanks,
Hitoshi
|
|