BUG_ON() in a library function is too harsh -- it panics the kernel when a caller passes a dest string whose length already meets or exceeds count. This is a caller bug, not a reason to bring down the entire system.
Replace with WARN_ON_ONCE() and a safe early return. The return value of count signals truncation to the caller, consistent with strlcat semantics (return >= count means the output was truncated). This follows the guidance in include/asm-generic/bug.h which explicitly discourages BUG_ON: "Don't use BUG() or BUG_ON() unless there's really no way out." Signed-off-by: Josh Law <[email protected]> --- lib/string.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/string.c b/lib/string.c index b632c71df1a5..ae3eb192534d 100644 --- a/lib/string.c +++ b/lib/string.c @@ -255,8 +255,9 @@ size_t strlcat(char *dest, const char *src, size_t count) size_t len = strlen(src); size_t res = dsize + len; - /* This would be a bug */ - BUG_ON(dsize >= count); + /* This would be a caller bug */ + if (WARN_ON_ONCE(dsize >= count)) + return count; dest += dsize; count -= dsize; -- 2.34.1
