www.infradead.org Git - users/dwmw2/linux.git/commit

author	Linus Torvalds <torvalds@linux-foundation.org>
	Sun, 10 Jul 2022 20:55:49 +0000 (13:55 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 12 Jul 2022 14:32:23 +0000 (16:32 +0200)
commit	e23cfb3fdcbbc5eb11eeebb97fa2607cd740bd97
tree	669c31dfa69c481fca6aec7383860a285410f1dd	tree
parent	37995f034ff20933f1da12203753a5e6957813d7	commit \| diff

ida: don't use BUG_ON() for debugging

commit fc82bbf4dede758007763867d0282353c06d1121 upstream.

This is another old BUG_ON() that just shouldn't exist (see also commit
a382f8fee42c: "signal handling: don't use BUG_ON() for debugging").

In fact, as Matthew Wilcox points out, this condition shouldn't really
even result in a warning, since a negative id allocation result is just
a normal allocation failure:

  "I wonder if we should even warn here -- sure, the caller is trying to
   free something that wasn't allocated, but we don't warn for
   kfree(NULL)"

and goes on to point out how that current error check is only causing
people to unnecessarily do their own index range checking before freeing
it.

This was noted by Itay Iellin, because the bluetooth HCI socket cookie
code does *not* do that range checking, and ends up just freeing the
error case too, triggering the BUG_ON().

The HCI code requires CAP_NET_RAW, and seems to just result in an ugly
splat, but there really is no reason to BUG_ON() here, and we have
generally striven for allocation models where it's always ok to just do

    free(alloc());

even if the allocation were to fail for some random reason (usually
obviously that "random" reason being some resource limit).

Fixes: 88eca0207cf1 ("ida: simplified functions for id allocation")
Reported-by: Itay Iellin <ieitayie@gmail.com>
Suggested-by: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>