Commit d0edd852 authored by Davidlohr Bueso's avatar Davidlohr Bueso Committed by Linus Torvalds
Browse files

ipc: convert invalid scenarios to use WARN_ON 



Considering Linus' past rants about the (ab)use of BUG in the kernel, I
took a look at how we deal with such calls in ipc.  Given that any errors
or corruption in ipc code are most likely contained within the set of
processes participating in the broken mechanisms, there aren't really many
strong fatal system failure scenarios that would require a BUG call.
Also, if something is seriously wrong, ipc might not be the place for such
a BUG either.

1. For example, recently, a customer hit one of these BUG_ONs in shm
   after failing shm_lock().  A busted ID imho does not merit a BUG_ON,
   and WARN would have been better.

2. MSG_COPY functionality of posix msgrcv(2) for checkpoint/restore.
   I don't see how we can hit this anyway -- at least it should be IS_ERR.
    The 'copy' arg from do_msgrcv is always set by calling prepare_copy()
   first and foremost.  We could also probably drop this check altogether.
    Either way, it does not merit a BUG_ON.

3. No ->fault() callback for the fs getting the corresponding page --
   seems selfish to make the system unusable.

Signed-off-by: default avatarDavidlohr Bueso <dbueso@suse.de>
Cc: Manfred Spraul <manfred@colorfullife.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 8b235f2f

ipc/msgutil.c

+1 −1
Original line number Diff line number Diff line
@@ -123,7 +123,7 @@ struct msg_msg *copy_msg(struct msg_msg *src, struct msg_msg *dst) 
	size_t len = src->m_ts;

	size_t alen;



	BUG_ON(dst == NULL);

	WARN_ON(dst == NULL);

	if (src->m_ts > dst->m_ts)

		return ERR_PTR(-EINVAL);

ipc/shm.c

+2 −2
Original line number Diff line number Diff line
@@ -159,7 +159,7 @@ static inline struct shmid_kernel *shm_lock(struct ipc_namespace *ns, int id) 
	 * We raced in the idr lookup or with shm_destroy().  Either way, the

	 * ID is busted.

	 */

	BUG_ON(IS_ERR(ipcp));

	WARN_ON(IS_ERR(ipcp));



	return container_of(ipcp, struct shmid_kernel, shm_perm);

}
@@ -393,7 +393,7 @@ static int shm_mmap(struct file *file, struct vm_area_struct *vma) 
		return ret;

	sfd->vm_ops = vma->vm_ops;

#ifdef CONFIG_MMU

	BUG_ON(!sfd->vm_ops->fault);

	WARN_ON(!sfd->vm_ops->fault);

#endif

	vma->vm_ops = &shm_vm_ops;

	shm_open(vma);

CRA Git | Maintained and supported by SUSTech CRA and CCSE