[RFC v5][PATCH 2/8] General infrastructure for checkpoint restart

Oren Laadan orenl at cs.columbia.edu
Mon Sep 15 11:52:34 PDT 2008

Dave Hansen wrote:
> On Sat, 2008-09-13 at 19:06 -0400, Oren Laadan wrote:
>> +void *cr_hbuf_get(struct cr_ctx *ctx, int n)
>> +{
>> +       void *ptr;
>> +
>> +       BUG_ON(ctx->hpos + n > CR_HBUF_TOTAL);
>> +       ptr = (void *) (((char *) ctx->hbuf) + ctx->hpos);
>> +       ctx->hpos += n;
>> +       return ptr;
>> +}
> All of the casting here is unnecessary.  'void *' behaves like 'char *'
> when you do arithmetic on it.  


> I really do detest having a memory allocator BUG_ON() when it runs out
> of space.  

The BUG_ON() statement asserts that we don't run out of buffer space.
Buffer usage is a function of the checkpoint/restart logic, and does
not depend on user input, hence not susceptible to DoS.

In other words, if the code is correct, this should never happen (much
like a kernel stack overflow), and if it happens it's a kernel bug. I
think it was Arnd who recommended with regard to this to crash loudly
if there is a bug in the kernel ...


More information about the Containers mailing list