Re: [PATCH RESEND] bug: When !CONFIG_BUG, simplify WARN_ON_ONCE and family

[One Thousand Gnomes]

> BUG() normally causes a fault and we print helpful messages before killing
> the task, and gcc knows we never continue because of the
> __builtin_unreachable() annotation.
> 
> If BUG() is defined as 'do { } while (0)' in the example above, we get
> a warning because the function may end without returning a number.
> If we define it to 'do { unreachable(); } while (0)', we don't get a
> warning, but we can get undefined behavior in the case we ever get to
> the end of the function.

That warning is the right thing though. In a lot of cases BUG(); is
followed by code that can lead to serious corruption and potentially
things like disk corruption following or security compromise.

We *should* be warning if you are stupid enough to build a kernel where
BUG() does not terminate.

While I agree defining it as do {} while(1); would be a lot smarter,
simply making it required that a platform provides an implementation of
BUG() would be even better. 

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/