On 08/23/2016 11:43 AM, Johanna Abrahamsson wrote:
On Mon, Aug 22, 2016 at 09:58:40AM -0700, Laura Abbott wrote:
The validate and BUG_ON are checking two slightly different things.
The BUG_ON is trying to catch blatantly wrong kernel users while the
validate is designed to catch races.
I still think BUG is a fairly harsh way to "catch" blatantly wrong kernel users. Is the worry about kernel users modifying the handle? Can't they modify the client as well in that case?
I was perhaps overzealous in removing the check altogether. Could we settle for a WARN_ON() and skipping the ref decrement? I think warning and leaking memory is preferrable to crashing the kernel.
Best Regards,
Johanna Abrahamsson
It's pretty harsh because the users of Ion need a less than subtle hint
that something is broken. From experience, warning and leaking memory
just leads to a system that limps along and warnings that get ignored.
At long as Ion is primarily used for Android, I think keeping the
BUG makes sense. If Ion ever gets a large amount of use outside of
Android, moving away from the bug would be appropriate.
Thanks,
Laura
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
