Date: Sat, 13 May 2006 10:52:32 -0500 From: "Matthew D. Fuller" <fullermd@over-yonder.net> To: Kris Kennaway <kris@obsecurity.org> Cc: freebsd-stable@FreeBSD.org Subject: INVARIANTS (was Re: RELENG_4 -> 5 -> 6: significant performance regression) Message-ID: <20060513155232.GF3874@over-yonder.net> In-Reply-To: <20060513143740.GA46313@xor.obsecurity.org> References: <20060427160536.M96305@atlantis.atlantis.dp.ua> <20060427181226.GA66431@xor.obsecurity.org> <20060428122448.K57436@atlantis.atlantis.dp.ua> <20060428182818.GA10410@xor.obsecurity.org> <20060512161836.R75964@atlantis.atlantis.dp.ua> <20060513020051.GB18438@xor.obsecurity.org> <20060513084236.W74146@atlantis.atlantis.dp.ua> <20060513143740.GA46313@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 13, 2006 at 10:37:40AM -0400 I heard the voice of Kris Kennaway, and lo! it spake thus: > > With respect to INVARIANTS, you just need to get used to the fact > that running thousands of checks for bugs is incompatible with > running at optimal speed. (I'm not sure what the point of saying this is, really, but I'll say it anyway.) I've run all my systems with INVARIANTS for at least as long as I've known it was there. While more performance is always good, hardly any of my systems are so constrained as to need every bit of suds all the time; trading off a bit of performance for a better chance of catching a problem before it really screws something up is just a no-brainer. Additionally (and especially on -CURRENT), I run it because I think more people run it than don't, and while theoretically it should just add checks, I know there are places where it changes code paths much more than that. So, the !(INVARIANTS) code paths don't get exercised as much, and I worry about bugs hiding there that don't get found (I think I recall a case or three over the years of just that happening). Like everyone, I'm sure, I'm all for ferreting out bugs and getting them fixed, but I'd rather not have to bust my virtual face on the virtual concrete to do it ;) It's totally worth wasting 2% of the system on adding that security. Heck, maybe even 5%. But 10%? 25%? I wonder. It's been a long time since I had a system fall over from a KASSERT, but due to the code path issues, I'm not sure that really means I'm "safe" without it. Yeah, I was right, there wasn't really much point in there. But I typed it, so y'all have to read it now :p -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ On the Internet, nobody can hear you scream.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060513155232.GF3874>