lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160719182328.GB85399@google.com>
Date:	Tue, 19 Jul 2016 11:23:28 -0700
From:	Brian Norris <computersforpeace@...il.com>
To:	Boris Brezillon <boris.brezillon@...e-electrons.com>
Cc:	Andrey Smirnov <andrew.smirnov@...il.com>,
	Richard Weinberger <richard@....at>,
	linux-mtd@...ts.infradead.org,
	David Woodhouse <dwmw2@...radead.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] mtd: nand: BUG_ON in case of no select_chip and
 cmd_ctrl

On Tue, Jul 19, 2016 at 08:16:11PM +0200, Boris Brezillon wrote:
> On Tue, 19 Jul 2016 11:11:54 -0700
> Andrey Smirnov <andrew.smirnov@...il.com> wrote:
> 
> > On Tue, Jul 19, 2016 at 9:22 AM, Richard Weinberger <richard@....at> wrote:
> > > Am 19.07.2016 um 18:12 schrieb Boris Brezillon:  
> > >>>> Not sure a BUG_ON() is worst than a NULL-pointer exception ;-).  
> > >>>
> > >>> When this really just triggers a NULL-pointer exception, we don't need a BUG_ON or WARN_ON at
> > >>> all since the kernel can tell anyway what went wrong.  
> > >>
> > >> Hm, that's not entirely true, depending on your debug options you don't
> > >> have all the information to guess which line triggered the NULL pointer
> > >> exception, and this makes it harder to debug.
> > >> And I agree with Andrey here, it's better to complain at registration
> > >> time than letting the controller register all its NAND devices and
> > >> generate exceptions when the NAND is really used.
> > >>
> > >> BTW, I don't quite understand the rational behind BUG_ON() eradication.
> > >> I agree that they should not be used when the driver can recover from a
> > >> specific failure, but that's not really the case here (some NAND
> > >> controller drivers don't check nand_scan_tail() or nand_scan() return
> > >> code).  
> > >
> > > I've been told that new code (except core code) should not BUG()/_ON().
> > >  
> > >> The best solution would probably be to patch all those drivers and then
> > >> return an error when one of the mandatory hooks is missing, but in the
> > >> meantime I don't see any problem in adding BUG_ON() calls.  
> > >
> > > Yes, definitely.  
> > 
> > I don't have any preferences as far BUG_ON/WARN_ON are concerned and
> > am more than happy to change one for another.
> > 
> > The reason I came up with that patch is that I stumbled on that
> > segfault (by not providing custom select_chip() and not setting up
> > cmd_ctrl()) and it took me good 20 minutes to figure out the nature of
> > the problem, whereas, IMHO, having a BUG/WARN statement at the would
> > have been more self-documenting/explanatory.

Would a normal print statement and error return have helped, like most
sane drivers? Like:

	if (!chip->cmd_ctrl) {
		pr_err("No cmd_ctrl() provided\n");
		return -EINVAL;
	}

> > What if I modify the patch to change nand_set_default's signature to
> > return a error code, add corresponding checking in
> > nand_get_flash_type()/nand_scan_ident() and replace BUG_ON with
> > WARN_ON? Would it be more agreeable solution?

Sounds better to me, though I still don't see why even WARN_ON() is
necessary. I guess we are infected by plenty of those already anyway,
since I guess that's easier than writing a descriptive error message...

> Agreed.

Glad we're on mostly the same page.

Brian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ