From: Milan Broz <gmazyland@gmail.com>
To: Lars Winterfeld <lars.winterfeld@tu-ilmenau.de>, dm-crypt@saout.de
Subject: Re: [dm-crypt] goto patch for cryptsetup?
Date: Fri, 07 Mar 2014 17:11:32 +0100 [thread overview]
Message-ID: <5319EFB4.9020207@gmail.com> (raw)
In-Reply-To: <5319A4DC.6080806@tu-ilmenau.de>
On 03/07/2014 11:52 AM, Lars Winterfeld wrote:
> Am 03/07/2014 06:23 AM, schrieb Milan Broz:
>> On 03/06/2014 09:39 PM, Lars Winterfeld wrote:
>>> Hi,
>>>
>>> in light of the latest "goto fail"s out there, would you reject a patch
>>> replacing all 328 gotos with their semantic equivalents from structured
>>> C programming?
>>
>> cryptsetup code uss goto for only one purpose: to have only one exit
>> place from a function (with check for errors, release memory).
>>
>> Replacing it with anything else means duplicating of lot of code.
>
> I agree that code duplication is undesirable. I can think of two
> alternatives to goto that do not duplicate code. The first is to
> introduce a one-time loop like this:
No please. Using goto here the style I prefer (you would use exception
in other languages but this is intentionally low level C).
I really do no understand which problem you are trying to solve here
- goto can be used very wrong, but this is not the case.
> do {
> // foo
> if(a) break; // was: goto out;
> // bar
> if(b) break; // was: goto out;
> // "all good" code
> return 0;
> } while(0);
> // was: out:
> // "on error" code
> return -1;
Which is not only ugly but adds one level of indentation.
I am basically using kernel code style I like, read
https://www.kernel.org/doc/Documentation/CodingStyle
(specifically chapter 7 - goto)
...
Please do not spend time with replacing goto this way.
If you want help - write a tests, there is a lot of things which
should have regression tests and still missing there.
I would also appreciate script for fuzzy testing, run time checks
(to avoid things like gcrypt KDF fail) etc.
Running various static/dynamic analyzers and filter out false positives
(and send patches for real problems) helps as well.
And if anyone understand recent changes in automake, I would appreciate
fixes for warnings. (I am thinking also if we could replace it with Cmake:)
Thanks,
Milan
p.s.
If the reason for this is recent misapplied patch for OpenSSL,
the same problem can happen even without goto. Testsuite should detect
such problems...
see e.g. http://www.tedunangst.com/flak/post/a-brief-history-of-one-line-fixes
next prev parent reply other threads:[~2014-03-07 16:11 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-06 20:39 [dm-crypt] goto patch for cryptsetup? Lars Winterfeld
2014-03-06 23:27 ` Arno Wagner
2014-03-07 5:23 ` Milan Broz
2014-03-07 10:52 ` Lars Winterfeld
2014-03-07 12:11 ` Arno Wagner
2014-03-07 12:16 ` .. ink ..
2014-03-07 16:11 ` Milan Broz [this message]
2014-03-08 16:20 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5319EFB4.9020207@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-crypt@saout.de \
--cc=lars.winterfeld@tu-ilmenau.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox