From: Matt Mackall <mpm@selenic.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Dave Jones <davej@redhat.com>
Subject: Re: [PATCH] Make WARN_ON/WARN_ON_ONCE no-ops when CONFIG_BUG is off
Date: Fri, 14 Dec 2007 23:52:18 -0600 [thread overview]
Message-ID: <20071215055218.GM19691@waste.org> (raw)
In-Reply-To: <20071215041659.GB25324@gondor.apana.org.au>
On Sat, Dec 15, 2007 at 12:16:59PM +0800, Herbert Xu wrote:
> On Fri, Dec 14, 2007 at 12:02:46PM -0600, Matt Mackall wrote:
> >
> > I added CONFIG_BUG, and I think the current behavior is correct. As
> > you've noticed, we have to evaluate condition, it may have
> > side-effects. And if code does:
> >
> > /* this indicates a driver bug, report and fail gracefully */
> > if (WARN_ON(val == NULL))
> > return -EFAULT;
>
> That's exactly the sort of use I had in mind :) I'm actually the
> one who added the ability to use WARN_ON inside an if clause.
>
> Just as the case of a BUG_ON, a WARN_ON should never occur in
> practice, unless there is a bug which the code is not aware of.
Agreed.
> As such we want it to go away completely if CONFIG_BUG is off.
No. The code as written above should reduce to:
if (val == NULL)
return -EFAULT;
If I hadn't wanted to return -EFAULT in this case, I would have just written:
WARN_ON(val == NULL);
I don't want code that was running safely (ie returning -EFAULT) to
start crashing the system just because I've, say, disabled printk.
That's creating an obnoxious heisenbug.
> > ..we surely want it to continue returning -EFAULT, regardless of
> > whether we log it, no? What use case did you have in mind?
>
> If you're using it for a scenario which is known to actually
> occur, then some other mechanism should be chosen in place of
> WARN_ON.
Then I kindly submit that you should instead withdraw the code that
allows you to use WARN_ON in a condition in the first place.
Note that Dave Jones is currently poking at making WARN_ON
out-of-line, so you're liable to collide with him.
--
Mathematics is the supreme nostalgia of our time.
next prev parent reply other threads:[~2007-12-15 5:53 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-14 13:27 [PATCH] Make WARN_ON/WARN_ON_ONCE no-ops when CONFIG_BUG is off Herbert Xu
2007-12-14 18:02 ` Matt Mackall
2007-12-15 4:16 ` Herbert Xu
2007-12-15 5:52 ` Matt Mackall [this message]
2007-12-15 6:04 ` Herbert Xu
2007-12-15 6:12 ` Matt Mackall
2007-12-15 6:31 ` Herbert Xu
2007-12-15 6:52 ` Herbert Xu
2007-12-15 17:54 ` Matt Mackall
2007-12-15 6:45 ` Dave Jones
2007-12-15 6:22 ` Benjamin Herrenschmidt
2007-12-15 6:31 ` Benjamin Herrenschmidt
2007-12-15 6:34 ` Herbert Xu
2007-12-15 18:12 ` Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071215055218.GM19691@waste.org \
--to=mpm@selenic.com \
--cc=akpm@linux-foundation.org \
--cc=davej@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox