From owner-freebsd-hackers@FreeBSD.ORG Fri Sep 17 10:45:15 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8ECF216A4CE for ; Fri, 17 Sep 2004 10:45:15 +0000 (GMT) Received: from rosebud.otenet.gr (rosebud.otenet.gr [195.170.0.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id C804743D49 for ; Fri, 17 Sep 2004 10:45:14 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from orion.daedalusnetworks.priv (host5.bedc.ondsl.gr [62.103.39.229])i8HAj5sx028535; Fri, 17 Sep 2004 13:45:08 +0300 Received: from orion.daedalusnetworks.priv (orion [127.0.0.1]) i8HAirSN066598; Fri, 17 Sep 2004 13:44:53 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost)i8HAireq066580; Fri, 17 Sep 2004 13:44:53 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Fri, 17 Sep 2004 13:44:53 +0300 From: Giorgos Keramidas To: Matthew Dillon Message-ID: <20040917104453.GB21013@orion.daedalusnetworks.priv> References: <4146316C00007833@ims3a.cp.tin.it> <20040917093712.GB94990@orion.daedalusnetworks.priv> <200409170946.i8H9kr4P021050@apollo.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200409170946.i8H9kr4P021050@apollo.backplane.com> X-Mailman-Approved-At: Fri, 17 Sep 2004 12:08:03 +0000 cc: freebsd-hackers@freebsd.org cc: gerarra@tin.it Subject: Re: FreeBSD Kernel buffer overflow X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Sep 2004 10:45:15 -0000 On 2004-09-17 02:46, Matthew Dillon wrote: > :A KASSERT() wrapped in #ifdef INVARIANTS has zero overhead for normal, > :non-debugging kernels. The developers who are responsible for writing and > :testing new system calls should use INVARIANTS anyway, so they'll quickly > :catch the mistake. > > I strongly recommend that all kernels always be compiled with INVARIANTS > turned on. Even production kernels. I believe GENERIC defaults to > INVARIANTS turned on. In -CURRENT it's enabled for all platforms: : $ grep 'INVARIANTS[[:space:]]' */conf/GENERIC : alpha/conf/GENERIC:options INVARIANTS #Enable calls of extra sanity checking : amd64/conf/GENERIC:options INVARIANTS # Enable calls of extra sanity checking : i386/conf/GENERIC:options INVARIANTS # Enable calls of extra sanity checking : pc98/conf/GENERIC:options INVARIANTS # Enable calls of extra sanity checking : powerpc/conf/GENERIC:options INVARIANTS #Enable calls of extra sanity checking : sparc64/conf/GENERIC:options INVARIANTS # Enable calls of extra sanity checking > I'm not sure what is done during release cycles but presumably > INVARIANTS is left on for the release build as well (if it isn't it > should be). I'm not sure either. I've been running HEAD for a long time; for an informed answer I'd have to ask the RE people. - Giorgos