Re: [PATCH 3/7] inflate pt1: clean up input logic

From: Russell King
Date: Sat Feb 25 2006 - 13:07:00 EST

Next message: Randy.Dunlap: "Re: [PATCH] Fix topology.c location"
Previous message: Benjamin LaHaise: "Re: [PATCH] Define wc_wmb, a write barrier for PCI write combining"
In reply to: Matt Mackall: "Re: [PATCH 3/7] inflate pt1: clean up input logic"
Next in thread: Matt Mackall: "Re: [PATCH 3/7] inflate pt1: clean up input logic"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Feb 25, 2006 at 08:54:12AM -0600, Matt Mackall wrote:
> On Sat, Feb 25, 2006 at 08:49:55AM +0000, Russell King wrote:
> > On Sat, Feb 25, 2006 at 12:51:36AM -0600, Matt Mackall wrote:
> > > On Fri, Feb 24, 2006 at 10:19:09PM +0000, Russell King wrote:
> > > > How does this change handle the case where we run out of input data?
> > > > This condition needs to be handled explicitly because the inflate
> > > > functions can infinitely loop.
> > >
> > > And if you look at the current users, you'll see that only two of 15
> > > actually use it.
> >
> > Sorry, I don't understand the relevance of your comment.
>
> The other 13 did the right thing, namely halt in get_byte. Without
> adding a magic goto inside of a macro.
>
> > Please do not back out this fix.
>
> The backing out is only temporary, as I stated in my message. That
> said, it should have never gone in.

Nevertheless, it's a wilful re-introduction of a real bug.

> > > > Relying on a bit pattern returned by get_byte() is how this code
> > > > pre-fix used to work, and it caused several confused bug reports.
> > >
> > > Just about everywhere, get_byte prints an error message and halts.
> >
> > And the cases where it doesn't halt is the important case.
>
> Again, current state of things. Did you read the rest of my message?

And you're failing to see the problem.

> The end result is that it will halt in all cases. This code _will_not_
> infinitely loop. Instead, it will dereference null or print a
> diagnostic. I can add another patch to make sure it prints a nice
> diagnostic in all cases if you care, but I don't think it's terribly
> important.

Not acceptable.

We DO NOT want to halt in ALL cases. There is ONE case where we
definitely do want to GRACEFULLY fail and _NOT_ halt the kernel.

It seems that you're missing this case - the case where lib/inflate.c
is used elsewhere in the kernel apart from the boot time decompressors.
The behaviour you describe is perfectly reasonable for the boot time
decompressors, but _NOT_ once the kernel has been decompressed.

Sorry, I'm disgusted that it's come to this to get my point across.
Do I really have to use capital letters in an attempt to convey the
point?

--
Russell King
Linux kernel 2.6 ARM Linux - http://www.arm.linux.org.uk/
maintainer of: 2.6 Serial core
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy.Dunlap: "Re: [PATCH] Fix topology.c location"
Previous message: Benjamin LaHaise: "Re: [PATCH] Define wc_wmb, a write barrier for PCI write combining"
In reply to: Matt Mackall: "Re: [PATCH 3/7] inflate pt1: clean up input logic"
Next in thread: Matt Mackall: "Re: [PATCH 3/7] inflate pt1: clean up input logic"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]