Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 13 May 2006 10:52:32 -0500
From:      "Matthew D. Fuller" <fullermd@over-yonder.net>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        freebsd-stable@FreeBSD.org
Subject:   INVARIANTS (was Re: RELENG_4 -> 5 -> 6: significant performance regression)
Message-ID:  <20060513155232.GF3874@over-yonder.net>
In-Reply-To: <20060513143740.GA46313@xor.obsecurity.org>
References:  <20060427160536.M96305@atlantis.atlantis.dp.ua> <20060427181226.GA66431@xor.obsecurity.org> <20060428122448.K57436@atlantis.atlantis.dp.ua> <20060428182818.GA10410@xor.obsecurity.org> <20060512161836.R75964@atlantis.atlantis.dp.ua> <20060513020051.GB18438@xor.obsecurity.org> <20060513084236.W74146@atlantis.atlantis.dp.ua> <20060513143740.GA46313@xor.obsecurity.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 13, 2006 at 10:37:40AM -0400 I heard the voice of
Kris Kennaway, and lo! it spake thus:
> 
> With respect to INVARIANTS, you just need to get used to the fact
> that running thousands of checks for bugs is incompatible with
> running at optimal speed.

(I'm not sure what the point of saying this is, really, but I'll say
it anyway.)

I've run all my systems with INVARIANTS for at least as long as I've
known it was there.  While more performance is always good, hardly any
of my systems are so constrained as to need every bit of suds all the
time; trading off a bit of performance for a better chance of catching
a problem before it really screws something up is just a no-brainer.

Additionally (and especially on -CURRENT), I run it because I think
more people run it than don't, and while theoretically it should just
add checks, I know there are places where it changes code paths much
more than that.  So, the !(INVARIANTS) code paths don't get exercised
as much, and I worry about bugs hiding there that don't get found (I
think I recall a case or three over the years of just that happening).
Like everyone, I'm sure, I'm all for ferreting out bugs and getting
them fixed, but I'd rather not have to bust my virtual face on the
virtual concrete to do it    ;)

It's totally worth wasting 2% of the system on adding that security.
Heck, maybe even 5%.  But 10%?  25%?  I wonder.  It's been a long time
since I had a system fall over from a KASSERT, but due to the code
path issues, I'm not sure that really means I'm "safe" without it.


Yeah, I was right, there wasn't really much point in there.  But I
typed it, so y'all have to read it now    :p


-- 
Matthew Fuller     (MF4839)   |  fullermd@over-yonder.net
Systems/Network Administrator |  http://www.over-yonder.net/~fullermd/
           On the Internet, nobody can hear you scream.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060513155232.GF3874>