Re: [PATCH v2 01/17] powerpc/mm: Don't BUG() in hugepd_page()

[Christophe Leroy]

Le 02/05/2019 Ã 14:02, Michael Ellerman a ÃcritÂ:
> Christophe Leroy <christophe.leroy@xxxxxx> writes:
> > Use VM_BUG_ON() instead of BUG_ON(), as those BUG_ON()
> > are not there to catch runtime errors but to catch errors
> > during development cycle only.
>
> I've dropped this one and the next, because I don't like VM_BUG_ON().
>
> Why not? Because it's contradictory. It's a condition that's so
> important that we should BUG, but only if the kernel has been built
> specially for debugging.
>
> I don't really buy the development cycle distinction, it's not like we
> have a rigorous test suite that we run and then we declare everything's
> gold and ship a product. We often don't find bugs until they're hit in
> the wild.
>
> For example the recent corruption Joel discovered with STRICT_KERNEL_RWX
> could have been caught by a BUG_ON() to check we weren't patching kernel
> text in radix__change_memory_range(), but he wouldn't have been using
> CONFIG_DEBUG_VM. (See 8adddf349fda)
>
> I know Aneesh disagrees with me on this, so maybe you two can convince
> me otherwise.

I have no strong oppinion about this. In v1, I replaced them with a 
WARN_ON(), and Aneesh suggested to go with VM_BUG_ON() instead.

My main purpose was to reduce the amount of BUG/BUG_ON and I thought 
those were good candidates, but if you prefer keeping the BUG(), that's 
ok for me. Or maybe you prefered v1 alternatives (series at 
https://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=98170) ?

Christophe