We should probably keep this panic for consistency with UFS, which also panics on this case.

In D19325#414951, @pfg wrote:

We should probably keep this panic for consistency with UFS, which also panics on this case.

I prefer to remove the panic in this case, because we can return error clearly.
It just mean that the inode cannot be allocated in the requested cg.
Also, there is for example, the ext2_dirbad (), here the panic is more preferable, because it is difficult to figureout, what will happen if dirver will not call panic().
So, just decrease ext2fs panic () probability.

Hi Kirk;
We have this as a panic in UFS, as well.

Fedor wants to relax it but it's probably weird enough to justify a panic ... I will let you both agree on what to do here :).

I recently added the new error EINTEGRITY which is intended for use when a cylinder group or other filesystem structure has an integrity error. My initial plan is to use it for check-hash failures, but this is another good place to use it. It means that the callers of the functions that return this error need to be prepared to handle it. Specifically when allocating blocks or files trying to allocate from a different cylinder group. When deleting blocks or files, not immediately giving up, but trying to release all the remaining blocks of the file. A similar analysis would need to be used for this error (notably trying to allocate from a different cylinder group).

In D19325#415619, @mckusick wrote:

I recently added the new error EINTEGRITY which is intended for use when a cylinder group or other filesystem structure has an integrity error.

Ah yes, ext2fs also has hash checks so it will be good to keep the consistency among both implementations.

Small reminder: when we start using the new error we will have to decode it into something sensible for the linuxulator as well.