    ipc: convert invalid scenarios to use WARN_ON · 6e82212c
    Davidlohr Bueso authored
    [ Upstream commit d0edd852 ]
    
    Considering Linus' past rants about the (ab)use of BUG in the kernel, I
    took a look at how we deal with such calls in ipc.  Given that any errors
    or corruption in ipc code are most likely contained within the set of
    processes participating in the broken mechanisms, there aren't really many
    strong fatal system failure scenarios that would require a BUG call.
    Also, if something is seriously wrong, ipc might not be the place for such
    a BUG either.
    
    1. For example, recently, a customer hit one of these BUG_ONs in shm
       after failing shm_lock().  A busted ID imho does not merit a BUG_ON,
       and WARN would have been better.
    
    2. MSG_COPY functionality of posix msgrcv(2) for checkpoint/restore.
       I don't see how we can hit this anyway -- at least it should be IS_ERR.
       The 'copy' arg from do_msgrcv is always set by calling prepare_copy()
       first and foremost.  We could also probably drop this check altogether.
       Either way, it does not merit a BUG_ON.
    
    3. No ->fault() callback for the fs getting the corresponding page --
       seems selfish to make the system unusable.
    
    Signed-off-by: Davidlohr Bueso <dbueso@suse.de>
    Cc: Manfred Spraul <manfred@colorfullife.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
msgutil.c 3.65 KB