lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20170522152227.52a9a7c48e8141056fc612c4@linux-foundation.org>
Date:   Mon, 22 May 2017 15:22:27 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Joe Perches <joe@...ches.com>
Cc:     Alexey Dobriyan <adobriyan@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] CodingStyle: delete "kmalloc(sizeof(*var))" as
 preferred allocation form

On Mon, 22 May 2017 14:43:18 -0700 Joe Perches <joe@...ches.com> wrote:

> On Tue, 2017-05-23 at 00:38 +0300, Alexey Dobriyan wrote:
> > There are valid reasons for
> > 
> > 	malloc(sizeof(struct S))
> > 
> > form:
> > 
> > * struct S acts as an anchor for ctags quickly reminding which type is
> >   in focus
> > 
> > * argument re changing name prevents bugs is semi bogus:
> >   such changes are rare,
> >   "void *" cast gives both forms equal opportunity to be screwed up
> > 
> > * proper way to fix those rare misallocation bugs (which indeed happened)
> >   is type safe allocation macros (see tmalloc from Samba).
> > 
> >   However amount of disruption will be so high so it may never be done.
> > 
> > * ratio of allocation styles is ~6400:12000 which is about 1:2
> >   so the amount of churn to maintain this rule is pretty high in theory.
> > 
> > The winning move is to not play and not encourage people send trivial stuff.
> > 
> > Signed-off-by: Alexey Dobriyan <adobriyan@...il.com>
> > ---
> > 
> >  Documentation/process/coding-style.rst |   10 ----------
> >  1 file changed, 10 deletions(-)
> > 
> > --- a/Documentation/process/coding-style.rst
> > +++ b/Documentation/process/coding-style.rst
> > @@ -808,16 +808,6 @@ kmalloc(), kzalloc(), kmalloc_array(), kcalloc(), vmalloc(), and
> >  vzalloc().  Please refer to the API documentation for further information
> >  about them.
> >  
> > -The preferred form for passing a size of a struct is the following:
> > -
> > -.. code-block:: c
> > -
> > -	p = kmalloc(sizeof(*p), ...);
> > -
> > -The alternative form where struct name is spelled out hurts readability and
> > -introduces an opportunity for a bug when the pointer variable type is changed
> > -but the corresponding sizeof that is passed to a memory allocator is not.
> > -
> >  Casting the return value which is a void pointer is redundant. The conversion
> >  from void pointer to any other pointer type is guaranteed by the C programming
> >  language.
> 
> Thanks.  I agree with this deletion.

I don't.  Every damn time I see a p = kmalloc(sizeof struct foo) I have
to hunt around to check the type of p.  And I review a lot of code!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ