[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200803061132.54554.rusty@rustcorp.com.au>
Date: Thu, 6 Mar 2008 11:32:54 +1100
From: Rusty Russell <rusty@...tcorp.com.au>
To: Adrian Bunk <bunk@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Alexey Dobriyan <adobriyan@...il.com>
Subject: Re: [PATCH 2/2] modules: Whine about suspicious return values from module's ->init() hook
On Thursday 06 March 2008 10:04:45 Adrian Bunk wrote:
> On Tue, Mar 04, 2008 at 11:22:26PM +1100, Rusty Russell wrote:
> > Subject: Whine about suspicious return values from module's ->init() hook
> > Date: Mon, 11 Feb 2008 01:09:06 +0300
> > From: Alexey Dobriyan <adobriyan@...il.com>
> >
> > Return value convention of module's init functions is 0/-E. Sometimes,
> > e.g. during forward-porting mistakes happen and buggy module created,
> > where result of comparison "workqueue != NULL" is propagated all the way
> > up to sys_init_module. What happens is that some other module created
> > workqueue in question, our module created it again and module was
> > successfully loaded.
> >
> > Or it could be some other bug.
> >
> > Let's make such mistakes much more visible. In retrospective, such
> > messages would noticeably shorten some of my head-scratching sessions.
> >
> > Note, that dump_stack() is just a way to get attention from user.
> > Sample message:
> >
> > sys_init_module: 'foo'->init suspiciously returned 1, it should follow
> > 0/-E convention sys_init_module: loading module anyway...
> >...
>
> While I agree with Andrew that a BUG() would not be appropriate here I'm
> wondering why the module should be loaded?
>
> We do know that something in the module is buggy.
Unfortunately not: it's a semantic change. Previously as per Unix standard,
>=0 was good, < 0 was bad. This resulted in some confusion, and so Alexey
proposed tightening the rules, to only allow <= 0 values.
So we don't know that the module is buggy. It's possible that it's returning
ENODEV instead of -ENODEV, but it's also possible that it's returning 1 to
mean "ok".
> And not loading the module also seems to be a good compromise between
> making the user notice the problem and not doing a panic().
Depends which way the failure is. Andrew said not to break existing systems.
To avoid this, we'd need an audit which noone wants to do, so we're being
lazy.
Hope that clarifies my thinking,
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists