[PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
@ 2011-06-15 22:02 Pavel Roskin
  2011-06-16  9:08 ` Arend van Spriel
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Pavel Roskin @ 2011-06-15 22:02 UTC (permalink / raw)
  To: linux-wireless, John W. Linville

WARN_ON is not enough, as we cannot return a valid index, and the
callers will use whatever we return, causing a cascade of oopses and
eventually a panic.

Signed-off-by: Pavel Roskin <proski@gnu.org>
---
 0 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index e33fe79..d117019 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -3108,10 +3108,10 @@ rate_lowest_index(struct ieee80211_supported_band *sband,
 		if (rate_supported(sta, sband->band, i))
 			return i;
 
-	/* warn when we cannot find a rate. */
-	WARN_ON(1);
+	/* If we cannot find any rate, we are in trouble. */
+	BUG_ON(1);
 
-	return 0;
+	return -EINVAL;
 }
 
 static inline

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-15 22:02 [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails Pavel Roskin
@ 2011-06-16  9:08 ` Arend van Spriel
  2011-06-16 22:06   ` Pavel Roskin
  2011-06-16 10:22 ` Stanislaw Gruszka
  2011-06-19  8:05 ` Johannes Berg
  2 siblings, 1 reply; 8+ messages in thread
From: Arend van Spriel @ 2011-06-16  9:08 UTC (permalink / raw)
  To: Pavel Roskin; +Cc: linux-wireless, John W. Linville

On 06/16/2011 12:02 AM, Pavel Roskin wrote:
> WARN_ON is not enough, as we cannot return a valid index, and the
> callers will use whatever we return, causing a cascade of oopses and
> eventually a panic.
>
> Signed-off-by: Pavel Roskin<proski@gnu.org>
> ---
>   0 files changed, 0 insertions(+), 0 deletions(-)
>
> diff --git a/include/net/mac80211.h b/include/net/mac80211.h
> index e33fe79..d117019 100644
> --- a/include/net/mac80211.h
> +++ b/include/net/mac80211.h
> @@ -3108,10 +3108,10 @@ rate_lowest_index(struct ieee80211_supported_band *sband,
>   		if (rate_supported(sta, sband->band, i))
>   			return i;
>
> -	/* warn when we cannot find a rate. */
> -	WARN_ON(1);
> +	/* If we cannot find any rate, we are in trouble. */
> +	BUG_ON(1);
>
> -	return 0;
> +	return -EINVAL;
>   }

I would expect some description what the caller should do when -EINVAL 
is returned. Could even argue whether you want a BUG_ON or allow the 
caller (driver) to reset the hardware, reassociate, etc. upon -EINVAL. I 
am not sure under which circumstances this could happen so there may 
really be no way out.

Gr. AvS

-- 
Almost nobody dances sober, unless they happen to be insane.
-- H.P. Lovecraft --



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-15 22:02 [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails Pavel Roskin
  2011-06-16  9:08 ` Arend van Spriel
@ 2011-06-16 10:22 ` Stanislaw Gruszka
  2011-06-16 22:08   ` Pavel Roskin
  2011-06-19  8:05 ` Johannes Berg
  2 siblings, 1 reply; 8+ messages in thread
From: Stanislaw Gruszka @ 2011-06-16 10:22 UTC (permalink / raw)
  To: Pavel Roskin; +Cc: linux-wireless, John W. Linville

Hi Pavel

On Wed, Jun 15, 2011 at 06:02:52PM -0400, Pavel Roskin wrote:
> WARN_ON is not enough, as we cannot return a valid index, and the
> callers will use whatever we return, causing a cascade of oopses and
> eventually a panic.

We have fedora bug (https://bugzilla.redhat.com/show_bug.cgi?id=702627) 
where only that warning is generated, and system works further (at least
bug reporter did not mention about it's hang). When moving to BUG(),
system from user perspective will simply hang, what is much worse.
I think, we should rather fix callers to be prepared and recover itself
when rate_lowest_index fail. Of course fixing real bug(s) that cause
rate index is not found would be best.

Stanislaw

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-16  9:08 ` Arend van Spriel
@ 2011-06-16 22:06   ` Pavel Roskin
  0 siblings, 0 replies; 8+ messages in thread
From: Pavel Roskin @ 2011-06-16 22:06 UTC (permalink / raw)
  To: Arend van Spriel; +Cc: linux-wireless

On 06/16/2011 05:08 AM, Arend van Spriel wrote:
> On 06/16/2011 12:02 AM, Pavel Roskin wrote:

>> - WARN_ON(1);
>> + /* If we cannot find any rate, we are in trouble. */
>> + BUG_ON(1);
>>
>> - return 0;
>> + return -EINVAL;
>> }
>
> I would expect some description what the caller should do when -EINVAL
> is returned. Could even argue whether you want a BUG_ON or allow the
> caller (driver) to reset the hardware, reassociate, etc. upon -EINVAL. I
> am not sure under which circumstances this could happen so there may
> really be no way out.

I'm proposing a simple change that replaces memory corruption and 
unpredictable behavior with a predictable stop.  If sysrq is enabled, 
the system can even be restarted by the keyboard.

The meaning of -EINVAL is symbolic.  It shows that we are not returning 
a fallback value.  There is no valid fallback value to return.

The callers should not try to initialize rate control on interfaces with 
no rates enabled.  Anyway, the fix is out of scope of my patch.

-- 
Regards,
Pavel Roskin

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-16 10:22 ` Stanislaw Gruszka
@ 2011-06-16 22:08   ` Pavel Roskin
  2011-06-17  6:37     ` Arend van Spriel
  0 siblings, 1 reply; 8+ messages in thread
From: Pavel Roskin @ 2011-06-16 22:08 UTC (permalink / raw)
  To: Stanislaw Gruszka; +Cc: linux-wireless, John W. Linville

On 06/16/2011 06:22 AM, Stanislaw Gruszka wrote:
> Hi Pavel
>
> On Wed, Jun 15, 2011 at 06:02:52PM -0400, Pavel Roskin wrote:
>> WARN_ON is not enough, as we cannot return a valid index, and the
>> callers will use whatever we return, causing a cascade of oopses and
>> eventually a panic.
>
> We have fedora bug (https://bugzilla.redhat.com/show_bug.cgi?id=702627)
> where only that warning is generated, and system works further (at least
> bug reporter did not mention about it's hang). When moving to BUG(),
> system from user perspective will simply hang, what is much worse.
> I think, we should rather fix callers to be prepared and recover itself
> when rate_lowest_index fail. Of course fixing real bug(s) that cause
> rate index is not found would be best.

In my case, I was able to restart the system by sysrq when using BUG_ON, 
but the system would hang hard with WARN_ON.  I think continuing after 
returning an invalid index is wrong.  It will lead to memory corruption 
that could in turn lead to corruption of the filesystem.

-- 
Regards,
Pavel Roskin

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-16 22:08   ` Pavel Roskin
@ 2011-06-17  6:37     ` Arend van Spriel
  2011-06-17 20:33       ` Pavel Roskin
  0 siblings, 1 reply; 8+ messages in thread
From: Arend van Spriel @ 2011-06-17  6:37 UTC (permalink / raw)
  To: Pavel Roskin; +Cc: Stanislaw Gruszka, linux-wireless, John W. Linville

On 06/17/2011 12:08 AM, Pavel Roskin wrote:
> On 06/16/2011 06:22 AM, Stanislaw Gruszka wrote:
>> Hi Pavel
>>
>> On Wed, Jun 15, 2011 at 06:02:52PM -0400, Pavel Roskin wrote:
>>> WARN_ON is not enough, as we cannot return a valid index, and the
>>> callers will use whatever we return, causing a cascade of oopses and
>>> eventually a panic.
>> We have fedora bug (https://bugzilla.redhat.com/show_bug.cgi?id=702627)
>> where only that warning is generated, and system works further (at least
>> bug reporter did not mention about it's hang). When moving to BUG(),
>> system from user perspective will simply hang, what is much worse.
>> I think, we should rather fix callers to be prepared and recover itself
>> when rate_lowest_index fail. Of course fixing real bug(s) that cause
>> rate index is not found would be best.
> In my case, I was able to restart the system by sysrq when using BUG_ON,
> but the system would hang hard with WARN_ON.  I think continuing after
> returning an invalid index is wrong.  It will lead to memory corruption
> that could in turn lead to corruption of the filesystem.

I think it is generally a bad idea to use BUG_ON as a solution. As 
Stanislaw indicated there are platforms which can continue without a 
hang so you are regressing those. Regarding your patch I think the 
-EINVAL is good to have, but leave the WARN_ON.

Gr. AvS

-- 
Almost nobody dances sober, unless they happen to be insane.
-- H.P. Lovecraft --



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-17  6:37     ` Arend van Spriel
@ 2011-06-17 20:33       ` Pavel Roskin
  0 siblings, 0 replies; 8+ messages in thread
From: Pavel Roskin @ 2011-06-17 20:33 UTC (permalink / raw)
  To: Arend van Spriel; +Cc: Stanislaw Gruszka, linux-wireless, John W. Linville

On 06/17/2011 02:37 AM, Arend van Spriel wrote:
> On 06/17/2011 12:08 AM, Pavel Roskin wrote:

>> In my case, I was able to restart the system by sysrq when using BUG_ON,
>> but the system would hang hard with WARN_ON. I think continuing after
>> returning an invalid index is wrong. It will lead to memory corruption
>> that could in turn lead to corruption of the filesystem.
>
> I think it is generally a bad idea to use BUG_ON as a solution. As
> Stanislaw indicated there are platforms which can continue without a
> hang so you are regressing those. Regarding your patch I think the
> -EINVAL is good to have, but leave the WARN_ON.

Well, then it would be pointless.  The whole idea was to prevent memory 
corruption and to stop early.  Returning -EINVAL for real (as opposed to 
having it in the dead code) could lead to worse memory corruption than 
returning 0.

The real fix would be to make rate control algorithms robust to the case 
when no rates are allowed.  My patch was meant as a first little step 
towards it by making it easier to capture the backtrace and restart the 
system.  But it's not worth the trouble for me to argue about it.

-- 
Regards,
Pavel Roskin

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails
  2011-06-15 22:02 [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails Pavel Roskin
  2011-06-16  9:08 ` Arend van Spriel
  2011-06-16 10:22 ` Stanislaw Gruszka
@ 2011-06-19  8:05 ` Johannes Berg
  2 siblings, 0 replies; 8+ messages in thread
From: Johannes Berg @ 2011-06-19  8:05 UTC (permalink / raw)
  To: Pavel Roskin; +Cc: linux-wireless, John W. Linville

On Wed, 2011-06-15 at 18:02 -0400, Pavel Roskin wrote:
> WARN_ON is not enough, as we cannot return a valid index, and the
> callers will use whatever we return, causing a cascade of oopses and
> eventually a panic.

Can you show the details of that? 0 should always be an at least
semi-valid index pointing to _something_ whereas -EINVAL will cause it
to point to random memory that isn't even valid...

johannes



^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2011-06-19  8:05 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-06-15 22:02 [PATCH] mac80211: use BUG_ON and return -EINVAL if rate_lowest_index() fails Pavel Roskin
2011-06-16  9:08 ` Arend van Spriel
2011-06-16 22:06   ` Pavel Roskin
2011-06-16 10:22 ` Stanislaw Gruszka
2011-06-16 22:08   ` Pavel Roskin
2011-06-17  6:37     ` Arend van Spriel
2011-06-17 20:33       ` Pavel Roskin
2011-06-19  8:05 ` Johannes Berg

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.