On 15/11/2012 16:11, Guillem Jover wrote: > On Wed, 2012-11-14 at 15:23:51 -0800, Steve Langasek wrote: >> On Wed, Nov 14, 2012 at 04:05:12PM +0000, Roger Leigh wrote: >>> If you want a reliable system, you need a reliable PID 1. Putting >>> additional complexity into PID1 increases the likelihood that a >>> bug will bring down your *entire system*. PID 1 is a single point >>> of failure. It *must* be absolutely dependable and reliable. >>> Upstart is also AFAIK at fault here. >> >> [Citation needed] >> >> Upstart provides a PID 1 that is absolutely rock solid. It's true that it's >> more complex than sysvinit, because it's more featureful; but great care has >> been taken to only pull the features into PID 1 that absolutely have to be >> there, and the implementation of those features is very elegant and >> maintainable.[1] >> >> Aside from libc, upstart has only two external library dependencies (three >> in trunk), dbus and nih: >> >> $ objdump -p /sbin/init | grep NEEDED > ... >> NEEDED libnih-dbus.so.1 >> NEEDED libdbus-1.so.3 > ... >> $ >> >> And upstart is rigorously unit-tested at build time. >> >> That's a far cry from systemd's 8 external dependencies: >> >> $ objdump -p /lib/systemd/systemd | grep NEEDED > ... >> NEEDED libdbus-1.so.3 > ... >> $ > > TBH, I'd not trust my system to *any* critical service that uses dbus, > AFAIK it still asserts on error conditions (including non-programmer > errors). Whenever I've had to code a critical service that needed to > use dbus, I've confined its execution to a subprocess.
AFAIK g_assert() and assert() get compiled into nothing when debugging is turned off, which is what's done for release builds. -- Kind regards, Loong Jin
signature.asc
Description: OpenPGP digital signature
