Conversation
@gfxstrand @lina Bear in mind, of course, that BUG_ON() tends to be fairly firmly frowned upon as well. Adding calls can lead to ... negative review comments. Kernel code needs to detect problems and continue on as gracefully as possible.
1
0
3
@lina @gfxstrand I'd be careful, that approach can get you into trouble. About the only "throw up your hands" situation is if there is no way to continue without risking data corruption or other unpleasantness.

Seriously, you might want to look at some of the linux-kernel conversations around BUG_ON; https://lwn.net/ml/linux-kernel/CAHk-%3Dwhfor49J0YTYi6zauiJ_MWwF-XwhSty%2BHvD4CzxFQ_ZGA%40mail.gmail.com/ is one of the more polite responses.

I'm not trying to lecture on the "right way" to do things here... I very much want to see the Rust work succeed, and I'd hate to see it run into merge-window explosions. Sprinkling BUG_ON() or equivalent calls is a direct path toward that kind of explosion.
2
1
2