From owner-svn-src-head@FreeBSD.ORG Wed Dec 12 22:38:26 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 19E5069; Wed, 12 Dec 2012 22:38:26 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com [209.85.212.170]) by mx1.freebsd.org (Postfix) with ESMTP id A6E488FC08; Wed, 12 Dec 2012 22:38:24 +0000 (UTC) Received: by mail-wi0-f170.google.com with SMTP id hq7so3633813wib.1 for ; Wed, 12 Dec 2012 14:38:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=/MfOXlFcUv2fotprf/gWSXH9zuWKhhyH1ywbr+IQe/M=; b=lzppjTdzgSGZ5OXZlqPgMKDU82G8jUAjbAkjCAte2jluL7fAtW9VDqWZN8JlOUEFZ4 ehjT6guFs8yOAqZ4AH7tuH9XsviaLRuBz9zTN3i7kLlCkPIMLtCZ7fzRM2+gq3QiJ0il a4nYDp/lxWrQ693b4Gjl2T+ksVdRUex5mIGUFMnL5MmCL0BOMfOaWvNPCuzD0J1kDWfB iNTV+J8HNAv/xLhNvAuIc2A/EcGj/RUdN9GnKIfn1cje7naSgiJaI7fZWREMXmOJa4R2 pAMCfLXEuXPG4jx9pty0qUMDJHEobwIb4hoQE6htu2pItIQ9Jl+984PyIr1fFL3acaEB 7D8g== MIME-Version: 1.0 Received: by 10.194.179.34 with SMTP id dd2mr4578225wjc.1.1355351903711; Wed, 12 Dec 2012 14:38:23 -0800 (PST) Sender: adrian.chadd@gmail.com Received: by 10.217.57.9 with HTTP; Wed, 12 Dec 2012 14:38:23 -0800 (PST) In-Reply-To: <50C90567.8080406@FreeBSD.org> References: <201212110708.qBB78EWx025288@svn.freebsd.org> <201212121046.43706.jhb@freebsd.org> <201212121658.49048.jhb@freebsd.org> <50C90567.8080406@FreeBSD.org> Date: Wed, 12 Dec 2012 14:38:23 -0800 X-Google-Sender-Auth: Rxvk9D1QatkccT8hXviMMQFbcgk Message-ID: Subject: Re: svn commit: r244112 - head/sys/kern From: Adrian Chadd To: Andriy Gapon Content-Type: text/plain; charset=ISO-8859-1 Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Alfred Perlstein , src-committers@freebsd.org, John Baldwin X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Dec 2012 22:38:26 -0000 There are two parts to this; * don't compile in invariants. Panics panic. Invariant conditions aren't checked. You end up with data corruption still if there are bugs. * compile in invariants. Panics panic. Invariant conditions are checked and immediately panic. You can't run this in production to get debugging info because our debugging info is "create a crash dump and reboot." Now, the crash dump is great for us developers. But crap for say, a file server. If it's some very subtle issue that only occasionally pops up once a week and doesn't obviously screw with your data: * you can enable invariants and get a crash dump each time - then us developers get lots of information, but the user experiences outages once a week; * they just give the hell up, disable invariants in production and occasionally hit odd issues they can't explain. So now there's a third option: * enable invariants, get told when you hit that condition, and continue running. Now, we ship _right now_ generic with INVARIANTS disabled, because in theory the releases are supposed to be stable enough for us not to need the extra debugging information. That means that for those very occasional, very subtle bugs that invariants may catch, we don't have any way of getting told about them. Now, enabling some alternative to panic() is a different story and not what's being addressed here. HTH, Adrian