Date: Sat, 21 Apr 2018 10:58:59 -0700
From: Conrad Meyer <cem@freebsd.org>
To: Bruce Evans <brde@optusnet.com.au>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r332860 - head/sys/kern
Message-ID: <CAG6CVpU2pF1qq69kze2rFfbe2fASJ=X9pohFqSppcqK2K-ENCg@mail.gmail.com>
In-Reply-To: <20180422032027.D1653@besplex.bde.org>
References: <201804211705.w3LH50Dk056339@repo.freebsd.org> <20180422032027.D1653@besplex.bde.org>

On Sat, Apr 21, 2018 at 10:41 AM, Bruce Evans <brde@optusnet.com.au> wrote:
> panic() can't return, but I see that KASSERT() has already been broken
> to use kassert_panic() which does return in some cases including this
> new one.

Oddly enough, I find myself agreeing with Bruce on this. That kassert_panic does not always assert, during ordinary (non-panic) runtime, based on a runtime configurable toggle breaks the concept of invariants and confuses the heck out of static analyzers like Coverity.

Ideally, we just remove it. IMO it is a crappy hack that should have remained in iX's local tree. If we want to be really generous, we can make it an off-by-default build option. Is anyone clamoring for allowing violation of multiple assertions without panic, other than Linus Torvalds?

> KASSERT(9) is still documented to call panic(), and none of the options
> to break it including this new one, or kassert_panic() itself are
> documented in KASSERT(9) or in any other section 9 man page.

Yeah. This is unfortunate :-(.

Best,
Conrad