On Thu, Oct 01, 2020 at 01:01:20PM +0200, Greg KH wrote:
On Wed, Sep 30, 2020 at 03:50:46PM -0700, Dave Ertman wrote:
+int ancillary_device_initialize(struct ancillary_device *ancildev) +{
- struct device *dev = &ancildev->dev;
- dev->bus = &ancillary_bus_type;
- if (WARN_ON(!dev->parent) || WARN_ON(!ancildev->name) ||
WARN_ON(!(dev->type && dev->type->release) && !dev->release))
return -EINVAL;
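Review bot: the first two checks in the if, WARN_ON(!dev->parent) and WARN_ON(!ancildev->name), share a source line and carry no message, so the warning's file:line does not show which field the driver left unset. Splitting them into separate statements, or using WARN(cond, "...") with text naming the missing field, would make the report self-explanatory. The preconditions (a parent, a name, and a release callback on either dev->type or dev) are also worth stating in a kernel-doc comment on ancillary_device_initialize(), since the caller otherwise only sees -EINVAL.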
You have a lot of WARN_ON() calls in this patch. That blows up anyone who runs with panic-on-warn, right?
AFAIK this is the standard pattern to code a "can't happen" assertion. Linus has been clear not to use BUG_ON, but to try and recover. The WARN_ON directly points to the faulty driver so it can be fixed.
panic-on-warn is a good thing because it causes fuzzers to report a "can't happen" condition as a failure.
In a real production system if any of these trigger it means the kernel has detected an internal integrity problem (corrupted memory, code, ROP attempt, etc). People using panic-on-warn absolutely want their kernel to stop if it is not functioning properly to protect data-integrity.
Jason