lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wh3_NkjfHmhTSMsHVxVji1+Fp_f_SByFRspR+KW4uqWWQ@mail.gmail.com>
Date:   Sun, 8 Nov 2020 10:04:35 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "the arch/x86 maintainers" <x86@...nel.org>
Subject: Re: [GIT pull] locking/urgent for 5.10-rc3

On Sun, Nov 8, 2020 at 7:24 AM Thomas Gleixner <tglx@...utronix.de> wrote:
>
> A single fix for the futex code where an intermediate state in the
> underlying RT mutex was not handled correctly and triggering a BUG()
> instead of treating it as another variant of retry condition.

I'd just like to point out that the old code was *exactly* the kind of
code that I've been ranting about forever.

BUG_ON() is not a debug aid. If it's a "cannot happen" condition, you
don't write any code for it at all. And if it's a "I'm not sure this
cannot happen", you either handle it (like this patch does), or you do
a "WARN_ON()" with proper cleanup.

Using BUG_ON() is never the right thing to do, unless you can explain
why the condition is some kind of fatal corruption thing where you
cannot do cleanup, and cannot just ignore it.

And so often - and this case doesn't look different - a BUG_ON() will
cause serious kernel issues, including locks held that may well cause
fundamental problems downstream for users even reporting the BUG to
anybody else.

This particular BUG_ON seems to be three years old, so clearly very
hard to hit. Or possibly very hard to report? Regardless, please
people, keep the whole "BUG_ON() is evil and wrong" in mind.

                 Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ