tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: marking kern_assert(9) as __dead, and recursive panics

On Sun, 10 Feb 2013, Alan Barrett wrote:
* Remove the panicstr test from kern_assert() in
 sys/lib/libkern/kern_assert.c, so that KASSERT, KASSERTMSG and
 friends do not degenerate to no-ops after a panic.

 I don't know a reason for making all kernel asserts degenerate
 to no-ops, but I imagine that it might have been a workaround
 for problems with recursive panics, and I propose to address
 recursive panics directly (see below).

 I can also imagine that there are particular kernel asserts
 that need to degenerate to no-ops after a panic, and I suggest
 explicitly rewriting them in terms of (panicstr != NULL ||
 <other tests>).  I have not attempted to identify such asserts.

People have informed me that, when debugging a kernel after a panic, they often want to call functions that may hit assertion failures, and the particular asserts cannot reasonably be identified in advance, so it's useful for all kernel asserts to degenerate to no-ops after a panic.

I will produce a revised proposal that retains this feature which people obviously want. My current ideas are to print a message about the fact that the assertion failure was ignored (instead of silently ignoring the assertion failure), and to use ifdefs to allow static analysers to behave as if the assertion failures are never ignored.

--apb (Alan Barrett)

Home | Main Index | Thread Index | Old Index