lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <adaodk1q3ny.fsf@cisco.com>
Date:	Wed, 30 May 2007 16:42:41 -0700
From:	Roland Dreier <rdreier@...co.com>
To:	Pete Zaitcev <zaitcev@...hat.com>
Cc:	"Satyam Sharma" <satyam.sharma@...il.com>,
	"Matthias Kaehlcke" <matthias.kaehlcke@...il.com>, axboe@...nel.dk,
	linux-usb-devel@...ts.sourceforge.net,
	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: [PATCH] drivers/block/ub.c: use list_for_each_entry()

 > > > The negative is the sheer number of helper functions in list.h. Personally,
 > > > I find it difficult to retain a working knowledge of them. Iterators are
 > > > particularly nasty that way. I'm thinking about dropping all of these
 > > > list_for_each_with_murky_argument_requirements_and_odd_side_effects()
 > > > and use plain for(;;), as a courtesy to someone who has to read the
 > > > code years down the road.
 > > 
 > > I think I disagree with this reasoning.  If I'm reading your code and
 > > I see, say, list_for_each_entry_safe(), I can be pretty confident that
 > > your loop works correctly.  If you write your own for loop, then I
 > > have to check that you actually got the linked list walking right.
 > 
 > You have to check that I used list_for_each_entry_safe correctly too,
 > which is harder. Are you aware that we had (and probably still have)
 > dozens of cases where the use of list_for_each_entry_safe was buggy?
 > Most of them involved IHV programmers being lured into false sense
 > of security by the _safe suffix and getting their locking wrong.
 > 
 > You could not find a better way to blow up your own argument
 > than to mention list_for_each_entry_safe(), which is anything but.
 > Matthias' use of list_for_each_entry() actually IS safe, which is
 > why I am not NAKing it. Andrew has accepted it already. I just
 > think we aren't winning squat here.

Well, actually, I chose list_for_each_entry_safe() quite conscious of
the locking issues.  If I see list_XXX_safe() then I know that I need
to be suspicious when reviewing code -- the same way seeing "atomic_t"
makes me think "is there any reason to use atomic_t??"

If I just see

	for (pos = list_entry((head)->next, typeof(*pos), member),
		n = list_entry(pos->member.next, typeof(*pos), member);
	     &pos->member != (head);
	     pos = n, n = list_entry(n->member.next, typeof(*n), member))

then what am I to think?

 - R.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ