Re: [PATCH 1/2] Staging: fsl-mc: include: mc: Kernel type 's16' preferred over 'int16_t'

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dan Carpenter <dan.carpenter@oracle.com>
To: Stuart Yoder <stuart.yoder@nxp.com>
Cc: Shiva Kerdel <shiva@exdev.nl>,
	"devel@driverdev.osuosl.org" <devel@driverdev.osuosl.org>,
	"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Nipun Gupta <nipun.gupta@nxp.com>,
	"treding@nvidia.com" <treding@nvidia.com>,
	Laurentiu Tudor <laurentiu.tudor@nxp.com>
Subject: Re: [PATCH 1/2] Staging: fsl-mc: include: mc: Kernel type 's16' preferred over 'int16_t'
Date: Mon, 14 Nov 2016 13:05:42 +0300	[thread overview]
Message-ID: <20161114100447.GJ28701@mwanda> (raw)
In-Reply-To: <VI1PR0401MB26383A9D15287D79B790BAD38DBB0@VI1PR0401MB2638.eurprd04.prod.outlook.com>

On Fri, Nov 11, 2016 at 02:52:31PM +0000, Stuart Yoder wrote:
> > > diff --git a/drivers/staging/fsl-mc/include/mc-bus.h b/drivers/staging/fsl-mc/include/mc-bus.h
> > > index e915574..c7cad87 100644
> > > --- a/drivers/staging/fsl-mc/include/mc-bus.h
> > > +++ b/drivers/staging/fsl-mc/include/mc-bus.h
> > > @@ -42,8 +42,8 @@ struct msi_domain_info;
> > >   */
> > >  struct fsl_mc_resource_pool {
> > >  	enum fsl_mc_pool_type type;
> > > -	int16_t max_count;
> > > -	int16_t free_count;
> > > +	s16 max_count;
> > 
> > My understanding is that this has to be signed because the design of
> > this driver is that we keep adding devices until the the counter
> > overflows.  After that there are a couple tests for
> > "if (WARN_ON(res_pool->max_count < 0)) " which prevent the driver from
> > working again.
> >
> > This all seems pretty horrible.
> 
> Can you elaborate?
> 
> The resource pools managed by this driver are populated by hardware objects
> discovered when the fsl-mc bus probes a DPRC/container.
> 
> The number of potential objects discovered of a given type is in the hundreds,
> so a signed 16-bit number is order of magnitudes larger than anything we will
> ever encounter.
> 
> Would you feel better about this if max_count was an int?

Yeah.

> 
> The max_count reflects the total number of objects discovered.  If that is
> exceeded we display a warning, because something is horribly wrong.  Nothing
> stops working, the allocator simply refuses to add anything else to the
> free list.

I didn't look at this carefully...  Anyway we can't remove devices
either.  If we just had an upper bound instead of overflowing the s16
then we could still remove devices.

> 
> The only reason max_count is there at all is as an internal check against
> bugs and resource leaks.  If the driver is being removed and a resource
> pool is being freed, max_count must be zero...i.e. all objects should have
> been removed.  If not, there is a leak somewhere.  So, it's a sanity check.
> 

Just use a normal upper bound with a #define instead of an magic number
hidden and then disguised as an integer overflow.

regards,
dan carpenter

next prev parent reply	other threads:[~2016-11-14 10:08 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-11-11 11:07 [PATCH 1/2] Staging: fsl-mc: include: mc: Kernel type 's16' preferred over 'int16_t' Shiva Kerdel
2016-11-11 11:07 ` [PATCH 2/2] Staging: fsl-mc: include: mc: Kernel type 's32' preferred over 'int32_t' Shiva Kerdel
2016-11-11 11:24   ` Dan Carpenter
2016-11-11 11:23 ` [PATCH 1/2] Staging: fsl-mc: include: mc: Kernel type 's16' preferred over 'int16_t' Dan Carpenter
2016-11-11 14:52   ` Stuart Yoder
2016-11-14 10:05     ` Dan Carpenter [this message]
2016-11-14 14:55       ` Stuart Yoder
2016-11-15  7:54         ` Shiva Kerdel
  -- strict thread matches above, loose matches on Subject: below --
2016-11-10 13:52 Shiva Kerdel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161114100447.GJ28701@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=devel@driverdev.osuosl.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=laurentiu.tudor@nxp.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=nipun.gupta@nxp.com \
    --cc=shiva@exdev.nl \
    --cc=stuart.yoder@nxp.com \
    --cc=treding@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.