When the arguments passed by the caller are invalid, WARN_ON_ONCE() is proper than BUG_ON() which may crash the kernel.
ida_remove()/idr_remove() add checks for "id < 0". BUG_ON() in ida_simple_remove() is simply removed, due to ida_remove() already checks for "id < 0". In idr_alloc(), it still returns -ENOSPC when "start == end", but it returns -EINVAL when "max < start" while old code returns -ENOSPC. -EINVAL is proper here, the caller must passed wrong arguments. ida_simple_get()'s argument-checks are changed as the same as idr_alloc(). Signed-off-by: Lai Jiangshan <la...@cn.fujitsu.com> --- lib/idr.c | 25 +++++++++++++------------ 1 files changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/idr.c b/lib/idr.c index 96bb252..87c98fc 100644 --- a/lib/idr.c +++ b/lib/idr.c @@ -457,8 +457,10 @@ int idr_alloc(struct idr *idr, void *ptr, int start, int end, gfp_t gfp_mask) /* sanity checks */ if (WARN_ON_ONCE(start < 0)) return -EINVAL; - if (unlikely(max < start)) + if (unlikely(end > 0 && start == end)) return -ENOSPC; + if (WARN_ON_ONCE(max < start)) + return -EINVAL; /* allocate id */ id = idr_get_empty_slot(idr, start, pa, gfp_mask, NULL); @@ -551,10 +553,7 @@ void idr_remove(struct idr *idp, int id) struct idr_layer *p; struct idr_layer *to_free; - if (id < 0) - return; - - if (id > idr_max(idp->layers)) { + if (id < 0 || id > idr_max(idp->layers)) { idr_remove_warning(id); return; } @@ -1012,7 +1011,7 @@ void ida_remove(struct ida *ida, int id) int n; struct ida_bitmap *bitmap; - if (idr_id > idr_max(ida->idr.layers)) + if (id < 0 || idr_id > idr_max(ida->idr.layers)) goto err; /* clear full bits while looking up the leaf idr_layer */ @@ -1078,14 +1077,17 @@ int ida_simple_get(struct ida *ida, unsigned int start, unsigned int end, unsigned int max; unsigned long flags; - BUG_ON((int)start < 0); - BUG_ON((int)end < 0); + if (WARN_ON_ONCE((int)start < 0)) + return -EINVAL; - if (end == 0) - max = 0x80000000; + if ((int)end <= 0) + max = INT_MAX; else { - BUG_ON(end < start); max = end - 1; + if (unlikely(start == end)) + return -ENOSPC; + if (WARN_ON_ONCE(max < start)) + return -EINVAL; } again: @@ -1120,7 +1122,6 @@ void ida_simple_remove(struct ida *ida, unsigned int id) { unsigned long flags; - BUG_ON((int)id < 0); spin_lock_irqsave(&simple_ida_lock, flags); ida_remove(ida, id); spin_unlock_irqrestore(&simple_ida_lock, flags); -- 1.7.4.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/