On Wed, 2010-07-28, Julian Foad wrote: > On Wed, 2010-07-28 at 10:13 -0700, Blair Zajac wrote: > > On 07/28/2010 06:18 AM, julianf...@apache.org wrote: > > > Author: julianfoad > > > Date: Wed Jul 28 13:18:28 2010 > > > New Revision: 980046 > > > > > > URL: http://svn.apache.org/viewvc?rev=980046&view=rev > > > Log: > > > Add assertions in FSFS to trap an internal error that is believed to have > > > occurred in real life. > > > > Propose this one for a 1.6.x backport? > > I don't think so. It doesn't provide an enhanced experience for the > user. Quite the opposite, in fact - as Bert pointed out, if the server > terminates because of this error, that can be worse than it failing a > commit and returning the error message to the client. > > So these assertions are more to help us spot the location of the bug > more quickly if we ever manage to reproduce the problem in a test > environment, and to help us avoid writing any more silly bugs of this > kind. > > Regarding Bert's concern about DOS attacks: if we can't find and fix the > bug that leads to this condition then I suppose we should add a > "friendly error message" instead of the assertion, and a comment > explaining why it's not just a simple assertion.
Done in r991182. Now *this* error handling should be back-ported to 1.6.x. - Julian
