lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 8 Jun 2015 11:11:32 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	Alexander Holler <holler@...oftware.de>
Cc:	Richard Weinberger <richard.weinberger@...il.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Tejun Heo <htejun@...il.com>,
	Louis Langholtz <lou_langholtz@...com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Trivial patch monkey <trivial@...nel.org>,
	Rusty Russell <rusty@...tcorp.com.au>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Thomas Gleixner <tglx@...utronix.de>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH] debug: Deprecate BUG_ON() use in new code, introduce
 CRASH_ON()


* Ingo Molnar <mingo@...nel.org> wrote:

> Firstly, the changelog of the patch that Greg rejected told nothing about all 
> that thinking, so at minimum it's a deficient changelog.
> 
> Secondly and more importantly, instead of doing a BUG_ON() you could have done:
> 
> 	if (WARN_ON_ONCE(port->itty))
> 		return;
> 
> This would probably have prevented the tty related memory corruption just as 
> much, at the cost of a (small and infrequent) memory leak.
> 
> I.e. instead of crashing the machine, you need to try to find the least 
> destructive approach if a bug is detected.

Also note that BUG_ON() will make data corruption _worse_ statistically. Why? 
Because most data corruptions are unlikely to be perfectly detected by a BUG_ON(), 
and the BUG_ON() delays the finding of the underlying bug, so the bug will hit 
more people before it's fixed for good.

So even in the cases where you could argue that the system needs to stop, because 
we have evidence of data corruption, it's statistically the better approach to 
continue and get kernel log info back to developers.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ