Date: Sun, 25 Nov 2012 14:20:12 +0000 From: Attilio Rao <attilio@freebsd.org> To: Pawel Jakub Dawidek <pjd@freebsd.org> Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>, Adrian Chadd <adrian@freebsd.org>, Giovanni Trematerra <giovanni.trematerra@gmail.com>, freebsd-arch@freebsd.org Subject: Re: [RFQ] make witness panic an option Message-ID: <CAJ-FndCuvctScmCzV_9qgEJ4mfbPtGX%2BtJG8SGyezHoTvrhe9Q@mail.gmail.com> In-Reply-To: <20121125131252.GJ1460@garage.freebsd.pl> References: <CAJ-Vmo=i=Amo_QqHi4GnGie0Gc0YnK3XaRKjvBO-=SFboFYPmA@mail.gmail.com> <CACfq090EiEiG7Ou2ZMUafWN6GLT9RNK1Q4tiOHnOBWe8GYJDjA@mail.gmail.com> <CAJ-VmonE3myRyeZ%2BAe0ZOXf7wKvC44rRVkFfDaEwnk8C-=5uoA@mail.gmail.com> <CAJ-FndCZPand_rx_uXUeetGMUZu1syGwjdFS7jv9BwdzuXvXOA@mail.gmail.com> <20121125123920.GI1460@garage.freebsd.pl> <CAJ-FndCnfqG4b_StS26WcPT-RhAhvJOOVryJ7rhi__y8Xkr92g@mail.gmail.com> <20121125131252.GJ1460@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 25, 2012 at 1:12 PM, Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > On Sun, Nov 25, 2012 at 12:42:16PM +0000, Attilio Rao wrote: >> On Sun, Nov 25, 2012 at 12:39 PM, Pawel Jakub Dawidek <pjd@freebsd.org> wrote: >> > WITNESS is a development tool. We don't ship production kernels with >> > WITNESS even compiled in. What is more efficient use of developer time: >> > going through full reboot cycle every time or reading the warning from >> > console, unloading a module, fixing the bug and loading it again? >> > >> > And if this option is turned off by default what is the problem? >> >> Yes, so, why do you write here? > > I'm trying to understand why do you object. Until now the only concern > you have that I found is that you are afraid of it being abused. I don't > see how this can be abused if it is turned off by default. If someone > will commit a change that will turn it on by default, believe me, I'll > unleash hell personally. > > As I said, WITNESS is development tool, a very handy one. This doesn't > mean we can't make it even more handy. It is there to help find bugs > faster, right? Adrian is proposing a change that will make it help to > find and fix bugs maybe even faster. > >> Go ahead and fix BLESSED, make it the default, etc. > > This is another story, but BLESSED is much less controversial to me. > It is turned off by default in assumption that all the code that runs in > our kernel is developed for FreeBSD, which is not true. For example ZFS > is, I think, the biggest locking consumer in our kernel (around 120 > locks), which wasn't originally developed for FreeBSD and locking order > was verified using different tools. Now on FreeBSD it triggers massive > LOR warnings from WITNESS, eventhough those are not bugs. At some point > I verified many of them and they were all false-positives, so I simply > turned off WITNESS warnings for ZFS locks. Why? Because BLESSED is > turned off in fear of abuse, and this is turn is the cause of mentioned > hack in ZFS. Just a few notes about this: to my knowledge you never discussed publically this. WITNESS is not a perfect tool and it has several issues (I tried to summarize them a bit at the beginning of this thread), where the biggest problem is that its file/line approach doesn't help when willing to shutdown specific LOR without shutting down all of them involving the lock pair, etc. I have no idea what are the problems you are facing here with WITNESS and ZFS but if you could summarize them we can work on getting something which is useful also with ZFS. Attilio -- Peace can only be achieved by understanding - A. Einstein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-FndCuvctScmCzV_9qgEJ4mfbPtGX%2BtJG8SGyezHoTvrhe9Q>