On Sun, 10 Feb 2013, Alan Barrett wrote:
* Remove the panicstr test from kern_assert() in sys/lib/libkern/kern_assert.c, so that KASSERT, KASSERTMSG and friends do not degenerate to no-ops after a panic. I don't know a reason for making all kernel asserts degenerate to no-ops, but I imagine that it might have been a workaround for problems with recursive panics, and I propose to address recursive panics directly (see below). I can also imagine that there are particular kernel asserts that need to degenerate to no-ops after a panic, and I suggest explicitly rewriting them in terms of (panicstr != NULL || <other tests>). I have not attempted to identify such asserts.
People have informed me that, when debugging a kernel after a panic, they often want to call functions that may hit assertion failures, and the particular asserts cannot reasonably be identified in advance, so it's useful for all kernel asserts to degenerate to no-ops after a panic.
I will produce a revised proposal that retains this feature which people obviously want. My current ideas are to print a message about the fact that the assertion failure was ignored (instead of silently ignoring the assertion failure), and to use ifdefs to allow static analysers to behave as if the assertion failures are never ignored.
--apb (Alan Barrett)