svn commit: r334104 - in head/sys: netinet sys
Cy Schubert
Cy.Schubert at cschubert.com
Sat May 26 21:07:52 UTC 2018
In message <20180524044746.GX71675 at FreeBSD.org>, Gleb Smirnoff writes:
> On Thu, May 24, 2018 at 06:44:20AM +0200, Mateusz Guzik wrote:
> M> I fundamentally disagree with this part.
> M>
> M> If a known value of a given field is needed for assertion purposes, you
> M> can add (possibly conditional) code setting this specific value. It
> M> probably should not be zero if it can be helped.
> M>
> M> Conditional zeroing of the *whole* struct depending on invariants will
> M> *hide* uninitialized memory read bugs - production kernel will have
> M> whatever it happens to find, while *debug* kernel will guarantee to
> M> have all the values zeroed. In fact the flag actively combats redzoning.
> M> if the resulting allocation is zeroed, poisoning is actively neutered.
> M> But only if debug is enabled.
> M>
> M> That said, I find the change harmful.
>
> +1 on fundamentally disagree with M_ZERO_INVARIANTS. It makes the
> INVARIANTS-enabled kernels to crash _later_ than production kernels,
> since instead of uma_junk it places clean zeroes.
>
> May be changes like that deserve more than a 30 minute time frame for review?
+1. I think phab might help.
--
Cheers,
Cy Schubert <Cy.Schubert at cschubert.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the svn-src-head
mailing list