RE: [PATCH 1/7] staging: fsl-mc: MC bus IRQ support

From: Jose Rivera
Date: Tue May 05 2015 - 12:11:51 EST




> -----Original Message-----
> From: Dan Carpenter [mailto:dan.carpenter@xxxxxxxxxx]
> Sent: Tuesday, May 05, 2015 3:49 AM
> To: Rivera Jose-B46482
> Cc: devel@xxxxxxxxxxxxxxxxxxxx; agraf@xxxxxxx; arnd@xxxxxxxx; Sharma
> Bhupesh-B45370; gregkh@xxxxxxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
> Yoder Stuart-B08248; Wood Scott-B07421; Erez Nir-RM30794; katz Itai-
> RM05202; Hamciuc Bogdan-BHAMCIU1; Marginean Alexandru-R89243; Schmitt
> Richard-B43082
> Subject: Re: [PATCH 1/7] staging: fsl-mc: MC bus IRQ support
>
> On Mon, May 04, 2015 at 10:09:08PM +0000, Jose Rivera wrote:
> > > > + WARN_ON((int16_t)irq_count < 0);
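Review bot: the (int16_t) cast in this WARN_ON discards bits 16 to 31 of irq_count before the sign test, so only bit 15 is examined and a count such as 0x10000 passes without a warning. Compare the uncast value against the upper bound instead, for example WARN_ON(irq_count > S16_MAX).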
> > >
> > > This code is doing "WARN_ON(test_bit(15, (unsigned long *)&irq_count));".
> > > That seems like nonsense. Anyway, just delete the WARN_ON().
> > >
> > I disagree. This WARN_ON is checking that irq_count is in the expected
> > range (it fits in int16_t as a positive number). The
> > dprc_scan_objects() function expects irq_count to be of type "unsigned
> > int" (which is 32-bit unsigned)
> >
>
> You're not allowed to disagree because it's a testable thing and not an
> opinion about style or something. :P What you want is:
>
> WARN_ON(irq_count > SHRT_MAX);
>
I see your point now. The check "(int16_t)irq_count < 0" will not be able
to catch 0x10000 > 0x7fff, but "irq_count > SHRT_MAX" will. So I'll
make the suggested change, but I would prefer to use S16_MAX rather than
SHRT_MAX.

> > > > +
> > > > + if ((int16_t)irq_count >
> > > > + mc_bus-
> >resource_pools[FSL_MC_POOL_IRQ].max_count) {
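Review bot: the (int16_t) cast on the left side of this comparison makes the pool check run on a truncated irq_count, so a count with any of bits 16 to 31 set can compare below max_count and skip the branch, and a count with bit 15 set compares as negative. Drop the cast so the full value is compared against resource_pools[FSL_MC_POOL_IRQ].max_count.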
> > >
> > > Why are we casting this? Also can you align it like:
> > >
> > This casting is done for safety, to prevent the comparison to be done
> > in "unsigned int" due to integer promotion rules.
>
> We are truncating away the top bytes but then we use them later.
> Fortunately we use them only to print out a warning, but if we used them
> for anything else it would be a serious bug.
>
> Are you expecting .max_count to be negative?
>
No.

> If not then both sides are positive and type promotion is fine. We can
> delete the first (buggy) warning, like I said and just leave the second
> warning. It will now complain if any of bits 16 to 31 are set where
> before it wouldn't.
>
Agreed. I'll remove the (int16_t) type cast from the "if". So, I'll change
this code snippet to be like this:

	WARN_ON(irq_count > S16_MAX);

	if (irq_count >
	    mc_bus->resource_pools[FSL_MC_POOL_IRQ].max_count)
		dev_warn(...);


Although the WARN_ON seems redundant with the "if", it catches a different
problem. The WARN_ON() catches irq_count being out of range, the "if"
tells when we run out of IRQ resources for a valid irq_count.

> > > to read what "goto error;" does. The error handling here calls
> > > devm_kfree() which is not needed... devm_ functions automatically
> > > clean up after themselves. This seems a pattern throughout. Do a
> > > search for
> > > devm_free() and see which ones are really needed or not.
> > >
> > I know that memory allocated with devm_kzalloc() is freed at the end
> > of the lifetime of the device it is attached to. However, in error
> > paths, why wait until the device is destroyed? Why not free the memory
> > earlier so that it can be used for other purposes?
>
Why then does the devm_kfree() function exist?

I will not remove the devm_free() calls unless the upstream maintainer
requires me to do so.

> My understanding is that devm_ functions are supposed to be used in the
> probe() functions to simplify the error handling. So hopefully the
> device lifetime ends as soon as this function returns a failure.
>
> devm_ functions are not a "use them everywhere because now the kernel has
> garbage collection" type thing.
>
> regards,
> dan carpenter
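
Added example (not part of the original thread or of the fsl-mc patch): a user-space C program that runs the cast-based checks from the patch and the uncast checks agreed above over constructed irq_count values. The helper names, the pool size of 128 and the types chosen for max_count are assumptions; S16_MAX is defined locally from INT16_MAX.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define S16_MAX INT16_MAX	/* local stand-in for the kernel constant */

/* Check from the patch: after truncation only bit 15 matters (GCC/Clang wrap). */
static bool cast_check_flags(unsigned int irq_count)
{
	return (int16_t)irq_count < 0;
}

/* Check agreed in the thread: tests the full 32-bit value. */
static bool range_check_flags(unsigned int irq_count)
{
	return irq_count > S16_MAX;
}

/* Pool comparison as in the patch; the type of max_count is an assumption. */
static bool cast_exceeds_pool(unsigned int irq_count, int max_count)
{
	return (int16_t)irq_count > max_count;
}

/* Pool comparison without the cast, on the full value. */
static bool exceeds_pool(unsigned int irq_count, unsigned int max_count)
{
	return irq_count > max_count;
}

/* Smallest out-of-range count that the cast-based check lets through. */
static unsigned int first_missed(void)
{
	for (unsigned int v = 0; v <= 0x20000; v++)
		if (range_check_flags(v) && !cast_check_flags(v))
			return v;
	return 0;
}

int main(void)
{
	/* Constructed sample values around the 16-bit boundaries. */
	const unsigned int s[] = { 0x40, 0x7fff, 0x8000, 0x10000, 0x10040 };
	for (size_t i = 0; i < sizeof(s) / sizeof(s[0]); i++)
		printf("0x%05x cast=%d range=%d pool_cast=%d pool=%d\n", s[i],
		       cast_check_flags(s[i]), range_check_flags(s[i]),
		       cast_exceeds_pool(s[i], 128), exceeds_pool(s[i], 128));
	printf("first missed: 0x%x\n", first_missed());
	return 0;
}
```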
