From owner-freebsd-current Wed Mar 10 11:21:19 1999 Delivered-To: freebsd-current@freebsd.org Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2]) by hub.freebsd.org (Postfix) with ESMTP id B8FFD153FA for ; Wed, 10 Mar 1999 11:20:58 -0800 (PST) (envelope-from dillon@apollo.backplane.com) Received: (from dillon@localhost) by apollo.backplane.com (8.9.3/8.9.1) id LAA57256; Wed, 10 Mar 1999 11:20:38 -0800 (PST) (envelope-from dillon) Date: Wed, 10 Mar 1999 11:20:38 -0800 (PST) From: Matthew Dillon Message-Id: <199903101920.LAA57256@apollo.backplane.com> To: Dag-Erling Smorgrav Cc: "Daniel C. Sobral" , Jos Backus , Dmitrij Tejblum , perhaps@yes.no, freebsd-current@FreeBSD.ORG Subject: Re: panic: zone: entry not free References: <19990223094120.A97001@hal.mpn.cp.philips.com> <199902230909.MAA01169@tejblum.dnttm.rssi.ru> <19990223105939.D97001@hal.mpn.cp.philips.com> <36D329D1.73146EEF@newsguy.com> <199902250803.AAA01163@apollo.backplane.com> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :Uh, no. Invariants are for developers who want to make sure their code :is correct. There is no reason why an end user would want to build a :kernel with invariants enabled. Invariants will *not* increase data :safety. If they have any effect at all (i.e. if they actually catch a :bug), the result is a panic (whereas with a kernel without invariants, :the bug might actually go unnoticed). : :You must be thinking of the FAILSAFE option. : :DES :-- :Dag-Erling Smorgrav - des@flood.ping.uio.no I would rather the system panic then corrupt a filesystem. Invariants are most useful to developers, but just because a developer's testing doesn't hit any invariants doesn't mean that the invariant won't get hit after the developer commits his code. I think what you are missing here is the fact that allowing bugs to go unnoticed draws out the debugging process. If we had more KASSERT's in the kernel 3 years ago, we would not still have a buggy kernel today. Sweeping bugs under the rug this way does not help anyone. It goes without saying that users catch almost as many bugs as developers, they simply can't fix them. When the a production kernel does not perform extra sanity checks, a bug can remain undetected for years. Therefore, my preference is to turn invariants on on all my production kernels as well as my development kernels. -Matt Matthew Dillon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message