On Mon, 17 Mar 2014, Mike Snitzer wrote: > On Mon, Mar 17 2014 at 1:43pm -0400, > Mike Snitzer <snitzer@xxxxxxxxxx> wrote: > > > On Mon, Mar 17 2014 at 1:08pm -0400, > > Mikulas Patocka <mpatocka@xxxxxxxxxx> wrote: > > > > > > > > Regarding REQ_FLUSH - it would already crash on NULL pointer dereference > > > when accessing *tio->len_ptr. > > I realize if any of these BUG_ON checks hits the calling target code has > a bug. I just think it a fairly harsh response to BUG the system. But > I can let this issue go. > > I do however want you to add yet another BUG_ON for any bio that isn't > meant to be sent to this interface (only one so far is REQ_FLUSH AFAIK). Then, it triggers NULL pointer dereference. You don't have to add BUG_ON for it, it crashes anyway. BTW. just a quote from a historical article to show how far have these attempts to handle errors went - about half of the code in Multics was error recovery (http://www.multicians.org/unix.html): We went to lunch afterward, and I remarked to Dennis that easily half the code I was writing in Multics was error recovery code. He said, "We left all that stuff out. If there's an error, we have this routine called panic, and when it is called, the machine crashes, and you holler down the hall, 'Hey, reboot it.'" Mikulas -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
