From owner-svn-src-head@FreeBSD.ORG Fri Apr 5 15:43:23 2013
Date: Sat, 6 Apr 2013 02:21:47 +1100 (EST)
From: Bruce Evans
To: Alexander Motin
Cc: svn-src-head@FreeBSD.org, Adrian Chadd, src-committers@FreeBSD.org, svn-src-all@FreeBSD.org
Subject: Re: svn commit: r249105 - in head/sys/cam: ata scsi
In-Reply-To: <515DE949.6050309@FreeBSD.org>
Message-ID: <20130406020010.P1319@besplex.bde.org>
References: <201304041904.r34J4F2I065527@svn.freebsd.org> <515DE949.6050309@FreeBSD.org>
List-Id: SVN commit messages for the src tree for head/-current

On Thu, 4 Apr 2013, Alexander Motin wrote:

> On 04.04.2013 23:53, Adrian Chadd wrote:
>> Hi,
>>
>> Isn't this a prime candidate to replace with KASSERT()?
>
> It could be, but a NULL dereference attempt will crash the system no less
> reliably than KASSERT.

Much more reliably:
- if INVARIANTS is not configured, then the NULL dereference still crashes
  properly
- if INVARIANTS is configured, then the NULL dereference gives a nice
  (restartable) fault, while KASSERT() calls panic() and there is no way to
  get back to the original context so as to restart or debug it more easily.

KASSERT() could be improved by replacing it by a null dereference or other
restartable fault, at least before calling panic() or taking any other
unrestartable actions. The panic() call would still prevent restarting very
easily -- you would have to back out to before the KASSERT() and fix up all
the asserted conditions (usually more than a single null pointer).

This method works well in userland too. Instead of assert() or abort(), use a
null dereference, or more portably, a signal, or less portably, an asm with a
breakpoint instruction or with the null pointer dereference (so that the
compiler can't see that it gives undefined behaviour and optimize it away).
I use this more to debug than to restart. Even if optimization or the
debugger doesn't lose the local variables when assert() or abort() is called,
it is easier to debug if you don't have to go up several frames to see the
variables.

Bruce
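The userland variant Bruce describes, as an added example (my code, not from this thread or the FreeBSD tree): an assertion macro that raises SIGTRAP instead of calling abort(), plus a handler that simply returns so the fault is restartable. TRAP_ASSERT, install_restartable_trap and checked_divide are hypothetical names.

```c
#define _XOPEN_SOURCE 700	/* expose sigaction() and SIGTRAP under strict -std= modes */
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Failed assertions seen so far (sig_atomic_t: it is written from a signal handler). */
static volatile sig_atomic_t trap_count = 0;

/* A handler that merely returns makes the fault restartable: execution resumes
 * right after raise(), and under a debugger the failing frame is still on top. */
static void trap_handler(int signo) { (void)signo; trap_count++; }

/* Install the restartable handler; returns 0 on success, -1 on failure. */
int install_restartable_trap(void)
{
	struct sigaction sa;
	memset(&sa, 0, sizeof(sa));
	sa.sa_handler = trap_handler;
	sigemptyset(&sa.sa_mask);
	return sigaction(SIGTRAP, &sa, NULL);
}

/* Assertion that traps in the failing frame instead of calling abort().
 * raise(SIGTRAP) is the portable "signal" variant from the post; on x86 an
 * inline int3 would stop on this very instruction without even a raise() frame. */
#define TRAP_ASSERT(cond) do {						\
	if (!(cond)) {							\
		fprintf(stderr, "%s:%d: assertion failed: %s\n",	\
		    __FILE__, __LINE__, #cond);				\
		raise(SIGTRAP);						\
	}								\
} while (0)

/* Hypothetical caller: after a restartable trap control returns here, so the
 * function must still cope with the bad input rather than assume it was fatal. */
int checked_divide(int num, int den)
{
	TRAP_ASSERT(den != 0);
	return den == 0 ? 0 : num / den;
}

int main(void)
{
	install_restartable_trap();
	printf("%d\n", checked_divide(10, 2));	/* 5 */
	printf("%d\n", checked_divide(10, 0));	/* assertion message on stderr, then 0 */
	return 0;
}
```

Without the handler installed (or under a debugger) SIGTRAP stops the process at the failing frame with its locals intact; with it installed, execution continues past the assertion.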