Date: Wed, 06 Sep 2000 00:30:06 +0100
From: Paul Richards <paul@netsynergy.co.uk>
To: Don Lewis <truckman@FreeBSD.org>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern init_main.c kern_exec.c kern_exit.c kern_fork.c kern_proc.c kern_prot.c kern_resource.c uipc_socket.c uipc_socket2.c uipc_usrreq.c vfs_aio.c src/sys/sys proc.h resourcevar.h ucred.h
Message-ID: <39B581FE.7E78128B@netsynergy.co.uk>
References: <200009052211.PAA70424@freefall.freebsd.org>

Don Lewis wrote:
>
>   Change KASSERTs in this code to unconditional tests and calls to panic().

I think we should have some style guidelines about KASSERTS, INVARIANTS
and panic et al.

I don't think panic should be used unless it is an environmental effect
that the kernel needs to trap i.e. a disk is failing and it's better to
panic if data looks funny than make corruption worse, for example.

A panic shouldn't be used to catch bugs, those should be tested for using
debugging tools such as KASSERTS wrapped in INVARIANTS, even if they then
call panic to get a core dump.

(I haven't looked at these diffs and there may be good security reasons
for always checking and calling panic in this case but in general there's
been a trend recently to put debugging code in the production code rather
than putting it inside INVARIANTS.)

Paul.