From: Adrian Chadd
To: John Baldwin
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Alfred Perlstein, src-committers@freebsd.org
Date: Wed, 12 Dec 2012 09:06:22 -0800
Subject: Re: svn commit: r244112 - head/sys/kern

kassert()s are already optional. I.e., you can choose to not compile them in.

So the __dead2() code path bit for doing KASSERT() -> kassert_panic() at
compile time isn't a problem. The problem is where you do panic() ->
kassert_panic() (e.g. in the Witness code) which is what Alfred discovered
shortly after doing up his initial patch.

Anything which is a KASSERT() can and should be treated as a run-time
warning just as much as a run-time "crash here so I can figure out
what broke." Having the warning in a production box is going to be
helpful for developers.

Adrian

On 12 December 2012 07:46, John Baldwin wrote:
> On Tuesday, December 11, 2012 2:08:14 am Alfred Perlstein wrote:
>> Author: alfred
>> Date: Tue Dec 11 07:08:14 2012
>> New Revision: 244112
>> URL: http://svnweb.freebsd.org/changeset/base/244112
>>
>> Log:
>>   Cleanup more of the kassert_panic.
>>
>>   fix compile warnings on !amd64 and NULL derefs that would happen
>>   if kassert_panic() would return.
>
> This is one reason why having kassert not panic is such a bad idea. There are
> tons of places where the compiler knows that panic() is __dead2, and there is
> no cleanup code to handle what happens when an invariant is violated. This is
> not safe to run in the field unless your customers do not care about their
> data. If you are interested in doing regression tests, I am using a very
> different approach for some locking regression tests I am working on in p4
> that allow you to use a wrapper around setjmp/longjmp to "catch" panics
> somewhat like exception handling in C++/Java (though much cruder). However,
> even that is only intended for testing, not for production cases where
> production data is at stake.
>
> --
> John Baldwin
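
The two positions in this thread, as an added userland C example that is not code from the thread or from FreeBSD: an assertion that can be switched to warn-and-return needs an explicit error path in its caller, while a strict assertion can be "caught" in a test with setjmp/longjmp. All names (`DEMO_ASSERT`, `demo_assert_fail`, `buf_hold`, `catches_panic`) are hypothetical.

```c
#include <setjmp.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical userland stand-ins; none of these names are FreeBSD's. */
static jmp_buf panic_env;
static int panic_catching;      /* set only while the test harness runs */
static int warn_only, warnings; /* warn_only=1: failed assertion warns, returns */

/* Cannot be declared noreturn: in warn_only mode it comes back. */
static void demo_assert_fail(const char *msg)
{
    if (warn_only) { warnings++; return; }  /* count the warning, carry on */
    if (panic_catching)
        longjmp(panic_env, 1);  /* unwind to the test harness */
    fprintf(stderr, "panic: %s\n", msg);
    abort();
}
#define DEMO_ASSERT(exp, msg) do { if (!(exp)) demo_assert_fail(msg); } while (0)

struct buf { int refs; };

/* The explicit NULL check is the cleanup path a returning assertion needs. */
int buf_hold(struct buf *b)
{
    DEMO_ASSERT(b != NULL, "buf_hold: NULL buf");
    if (b == NULL)
        return -1;
    return ++b->refs;
}

/* Run fn(arg); return 1 if it panicked, 0 if it returned normally. */
int catches_panic(int (*fn)(struct buf *), struct buf *arg)
{
    if (setjmp(panic_env) != 0) {
        panic_catching = 0;
        return 1;
    }
    panic_catching = 1;
    (void)fn(arg);
    panic_catching = 0;
    return 0;
}

int main(void)
{
    printf("strict: caught=%d\n", catches_panic(buf_hold, NULL));
    warn_only = 1;
    printf("warn: rc=%d\n", buf_hold(NULL));
}
```

Without the `if (b == NULL)` branch, warn-only mode would fall through to the dereference, which is the NULL-deref case the commit log mentions.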