Date: Wed, 23 May 2018 21:47:46 -0700 From: Gleb Smirnoff <glebius@FreeBSD.org> To: Mateusz Guzik <mjguzik@gmail.com> Cc: "Jonathan T. Looney" <jtl@freebsd.org>, Matthew Macy <mmacy@freebsd.org>, John Baldwin <jhb@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r334104 - in head/sys: netinet sys Message-ID: <20180524044746.GX71675@FreeBSD.org> In-Reply-To: <CAGudoHFi6T3tNCy8NUq=oF6h_4=i0cc3peiD%2BE5-NRYKQZX9Tg@mail.gmail.com> References: <201805231700.w4NH05hs047395@repo.freebsd.org> <2281830.zrSQodBeDb@ralph.baldwin.cx> <CAPrugNo8_h5jnn2Yt250ZH1crwxHhK46QK1vfdyWssYjuuSAqQ@mail.gmail.com> <CADrOrmtmSYtMt4vrqdFHrLqAArBaws8bAeynPa8X_sz7ui86uw@mail.gmail.com> <CAGudoHFi6T3tNCy8NUq=oF6h_4=i0cc3peiD%2BE5-NRYKQZX9Tg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 24, 2018 at 06:44:20AM +0200, Mateusz Guzik wrote: M> I fundamentally disagree with this part. M> M> If a known value of a given field is needed for assertion purposes, you M> can add (possibly conditional) code setting this specific value. It M> probably should not be zero if it can be helped. M> M> Conditional zeroing of the *whole* struct depending on invariants will M> *hide* uninitialized memory read bugs - production kernel will have M> whatever it happens to find, while *debug* kernel will guarantee to M> have all the values zeroed. In fact the flag actively combats redzoning. M> if the resulting allocation is zeroed, poisoning is actively neutered. M> But only if debug is enabled. M> M> That said, I find the change harmful. +1 on fundamentally disagree with M_ZERO_INVARIANTS. It makes the INVARIANTS-enabled kernels to crash _later_ than production kernels, since instead of uma_junk it places clean zeroes. May be changes like that deserve more than a 30 minute time frame for review? -- Gleb Smirnoff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180524044746.GX71675>