Date:	Tue, 23 Jun 2015 12:23:03 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	"Dilger, Andreas" <andreas.dilger@...el.com>
Cc:	Julia Lawall <Julia.Lawall@...6.fr>,
	"Drokin, Oleg" <oleg.drokin@...el.com>,
	"devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"lustre-devel@...ts.lustre.org" <lustre-devel@...ts.lustre.org>
Subject: Re: [PATCH 01/12] staging: lustre: fid: Use !x to check for kzalloc
 failure

On Tue, Jun 23, 2015 at 08:25:05AM +0000, Dilger, Andreas wrote:
> I've found in the past that developers can introduce bugs when they treat
> return values as boolean when they really aren't.

I can imagine a bug like that where a function can return 0-2 and people
do:

	if (ret)

instead of:

	if (ret == 1)

but that bug is something else besides pointers so it doesn't apply
here.

What someone should do is try to measure it scientifically where we
flash some code on the screen and you have to press J for NULL and K for
non-NULL and we time it to the hundredth of a second.  I have a feeling
that (NULL != foo) is the worst way to write it because of the double
negative Yoda code.

Yoda code is the most useless thing ever.  I have actually measured this
and we introduce about 2 = vs == bugs per year.  It's probably less now
that we have so many static checks against it.  But people decided that
Yoda code was a good idea based on their gut instead of using statistics
and measurements and science.

regards,
dan carpenter
