KASSERT: always assert; KWARN

Conrad Meyer cem at FreeBSD.org
Wed May 11 01:24:28 UTC 2016


I'd like to logically revert r243980 and r244105, such that KASSERT
uses the __dead2-annotated panic(9).

Going back to the old behavior enables Coverity and other static
analyzers to reason about KASSERT invariants via the __dead2 panic(9)
path.

This proposal is in https://reviews.freebsd.org/D6117 .

As a follow-up, to match the assumed intent of the r243980 changes, I
propose a KWARN facility which may be muted, rate limited, or even
cause panic.  Generally, KASSERTs should not be KWARNs.  That proposal
is here: https://reviews.freebsd.org/D6134

Finally, I am looking for suggestions of things it *does* make sense
to KWARN about.  One suggestion was witness_warn; however, it doesn't
seem like a great fit (without adding allocating sbufs in, anyway).  A
sketch of that is in https://reviews.freebsd.org/D6306 .

Thoughts or objections?  Does anyone like the ability to opt out of
invariants asserts?

Best,
Conrad
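The two macro shapes the message contrasts, written out as a userland model. This is an added example, not code from the FreeBSD tree, from the review linked above, or from the poster. KASSERT, panic and __dead2 mirror the real kernel names but are stand-ins here; the KWARN design (the kwarn_policy enum, the per-call-site counters, kwarn_fail and kwarn_set_policy) is a hypothetical sketch of "muted, rate limited, or panic" and is not the D6134 interface.

```c
/*
 * Added example (not FreeBSD code): why a KASSERT that ends in a noreturn
 * panic is something a static analyzer can use, and what a separate
 * "KWARN" facility with mute / rate-limit / panic modes might look like.
 * Assumptions: kwarn_* names and kwarn_policy are hypothetical.
 */
#include <stdarg.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* In FreeBSD's <sys/cdefs.h> __dead2 expands to the noreturn attribute. */
#define __dead2 __attribute__((__noreturn__))

static void panic(const char *fmt, ...) __dead2;

static void
panic(const char *fmt, ...)
{
	va_list ap;

	va_start(ap, fmt);
	vfprintf(stderr, fmt, ap);
	va_end(ap);
	fputc('\n', stderr);
	abort();
}

/*
 * KASSERT in the "always assert" shape: the failure path never returns,
 * so every path that continues past the macro has `exp` established.
 * Coverity and friends can therefore treat `exp` as a proven fact below.
 */
#define KASSERT(exp, msg) do {				\
	if (__builtin_expect(!(exp), 0))		\
		panic msg;				\
} while (0)

/* Hypothetical KWARN: advisory checks that the caller must still handle. */
enum kwarn_policy { KWARN_MUTE, KWARN_WARN, KWARN_PANIC };

struct kwarn_site {
	unsigned long hits;	/* failures seen at this call site */
	unsigned long emitted;	/* warnings actually printed */
	unsigned long limit;	/* print at most this many; 0 = unlimited */
};

static enum kwarn_policy kwarn_mode = KWARN_WARN;

static void
kwarn_set_policy(enum kwarn_policy p)
{
	kwarn_mode = p;
}

/* Always returns true so the macro below yields "did the check fail?". */
static bool
kwarn_fail(struct kwarn_site *site, const char *what)
{
	site->hits++;
	switch (kwarn_mode) {
	case KWARN_MUTE:
		break;
	case KWARN_WARN:
		/* Rate limit per site: stop printing once `limit` is reached. */
		if (site->limit == 0 || site->emitted < site->limit) {
			site->emitted++;
			fprintf(stderr, "KWARN: %s\n", what);
		}
		break;
	case KWARN_PANIC:
		panic("KWARN escalated to panic: %s", what);
	}
	return true;
}

#define KWARN(site, exp) \
	(__builtin_expect(!(exp), 0) ? kwarn_fail((site), #exp) : false)

/*
 * Because panic() is noreturn, p[0] is reachable only with p != NULL.  If
 * KASSERT could instead return (or be compiled out), the analyzer would
 * have to assume NULL flows into the dereference and report it.
 */
static int
sum_first_two(const int *p)
{
	KASSERT(p != NULL, ("sum_first_two: NULL array"));
	return p[0] + p[1];
}

/* A KWARN is not an invariant: the code must recover when it trips. */
static struct kwarn_site bad_len_site = { .hits = 0, .emitted = 0, .limit = 2 };

static int
clamp_len(int len)
{
	if (KWARN(&bad_len_site, len <= 4096))
		len = 4096;	/* recover by clamping instead of panicking */
	return len;
}

int
main(void)
{
	int arr[] = { 3, 4 };	/* constructed sample input */

	printf("sum = %d\n", sum_first_two(arr));
	printf("clamp(10) = %d, clamp(99999) = %d\n",
	    clamp_len(10), clamp_len(99999));
	return 0;
}
```

The point of the KASSERT half is the shape of the control flow, not the message: with panic(9) marked __dead2, the assertion is a fact on the fall-through path, which is exactly what a returning or compiled-out variant takes away from the analyzer. The KWARN half shows why the two should stay separate: anything that can be muted or rate limited must be followed by real recovery code.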


More information about the freebsd-arch mailing list