can: dev: can_restart(): don't crash kernel if carrier is OK

During testing, I triggered a can_restart() with the netif carrier
being OK [1]. The BUG_ON, which checks if the carrier is OK, results
in a fatal kernel crash. This is neither helpful for debugging nor for
a production system.

[1] The root cause is a race condition in can_restart() which will be
fixed in the next patch.

Do not crash the kernel, issue an error message instead, and continue
restarting the CAN device anyway.

Fixes: 39549eef3587 ("can: CAN Network device driver and Netlink interface")
Link: https://lore.kernel.org/all/20231005-can-dev-fix-can-restart-v2-1-91b5c1fd922c@pengutronix.de
Reviewed-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>

diff --git a/drivers/net/can/dev/dev.c b/drivers/net/can/dev/dev.c
index 7f9334a8af50002413b3e45856ecbe8971bcc9ba..a5bbdfa9a269348c5fa7cc9c05e8bea36c6e6a5c 100644 (file)
--- a/drivers/net/can/dev/dev.c
+++ b/drivers/net/can/dev/dev.c
@@ -132,7 +132,8 @@ static void can_restart(struct net_device *dev)
        struct can_frame *cf;
        int err;
 
-       BUG_ON(netif_carrier_ok(dev));
+       if (netif_carrier_ok(dev))
+               netdev_err(dev, "Attempt to restart for bus-off recovery, but carrier is OK?\n");
 
        /* No synchronization needed because the device is bus-off and
         * no messages can come in or go out.