| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180313143324.vlusixa522rqaeoy@smtp.gmail.com>
Date: Tue, 13 Mar 2018 11:33:24 -0300
From: Rodrigo Siqueira <rodrigosiqueiramelo@...il.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
Cc: devel@...verdev.osuosl.org, Graff Yang <graff.yang@...il.com>,
Lars-Peter Clausen <lars@...afoo.de>,
Michael Hennerich <Michael.Hennerich@...log.com>,
linux-iio@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org,
Peter Meerwald-Stadler <pmeerw@...erw.net>,
Hartmut Knaack <knaack.h@....de>, daniel.baluta@....com,
Jonathan Cameron <jic23@...nel.org>
Subject: Re: [PATCH 3/3] staging:iio:ad2s1210: Add write_raw to handle
frequency
On 03/13, Dan Carpenter wrote:
> On Tue, Mar 13, 2018 at 10:06:29AM -0300, Rodrigo Siqueira wrote:
> > On 03/13, Dan Carpenter wrote:
> >
> > > Ah... I see why you did the ERROR_MESSAGE define, to get around the 80
> > > character limit. Don't do that. Just go over 80 characters if you need
> > > to.
> > >
> > >
> > > > + "fclkin");
> > > > + ret = -EINVAL;
> > > > + goto error_ret;
> > >
> > > Direct returns are better. Less chance of bugs statistically.
> >
> > I totally get your point here, and I will fix it. However, just for
> > curiosity, why goto in this situation has more chance to generate bugs
> > statically?
> >
>
> This is a do-nothing goto. I normally consider do-nothing gotos and
> do-everything gotos basically cousins but in this case it's probably
> unfair since it already has other labels.
>
> Do-everything gotos are the most error prone way of doing error
> handling. I've reviewed a lot of static checker warnings and it really
> is true. I can't give you like a percent figure but do-everything error
> handling is a lot buggier than normal kernel style.
>
> This style of error handling is supposed to prevent returning without
> unlocking bugs. I once looked through the git log and counted missing
> unlock bugs and my conclusion was that it basically doesn't work for
> preventing bugs. The kind of people who just add random returns will do
> it regardless of the error handling style. There was even one driver
> that indented locked code like this:
>
> lock(); {
> blah blah blah;
> } unlock();
>
> When the driver was first submitted, it already had a missing unlock
> bug. I don't think style helps slow people down who are in a hurry.
>
> The other thing about do-nothing gotos is that you introduce the
> possibility of "forgot to set the error code" bugs which wasn't there
> before.
>
> regards,
> dan carpenter
>
>
>
>
>
>
>
>
> So actually "error_ret" seems like a pretty reasonable name for a
> do-nothing goto. I no
>
> I've looked at a lot of error handling and this kind of error handling
> is more error prone. The single exit path thing is supposed to prevent
> bugs like not dropping the lock on exit and I've looked through the logs
> and counted bugs to see if it works and I don't think it does. The
> people who forget to unlock will forget to unlock regardless of the
> error handling style.
>
Thanks for the great explanation :)
>
>
>
> > I will send a v2 with your recommendantions.
> > Thanks for the review and feedbacks :)
> >
> > > regards,
> > > dan carpenter
> > >
> > _______________________________________________
> > devel mailing list
> > devel@...uxdriverproject.org
> > http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Powered by blists - more mailing lists