On Fri, Jun 20, 2014 at 1:42 AM, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: >> I'm actually concerned about this trend. Downgrading things to WARN_ON >> can allow a security bug in the kernel to continue to exist, for >> example, or make the error message disappear. > > A BUG_ON makes any error message disappear pretty quickly :) > > I'm talking about foolish "ASSERT-like" BUG_ON that driver authors like > to add to their code when writing it to catch things they are messing > up. After the code is working, they should be removed, like this one. Well except for cases where it's super performance critical I like to retain these WARN_ON asserts (not BUG_ON). "Is the logic sufficient locked down with WARN_ONs?" is actually one of the main review criteria I have for i915 patches, especially on the modeset side. They're a bit an annoyance for distro's since they result in a constant (but ever shifting) stream of backtraces, but for me they serve as an excellent early warning sign when our driver has yet again lost its marbles (or at least some) way before something user-visibly bad happens. And for those screaming that these checks should be hidden behind a config option and only enabled for validation: Nope, there's too many combinations of display hardware out there and I simply need our entire user base to serve as guinea pigs. There's really no other way to validate this mess called drm/i915. -Daniel -- Daniel Vetter Software Engineer, Intel Corporation +41 (0) 79 365 57 48 - http://blog.ffwll.ch _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/dri-devel