From: Jay Vosburgh <fubar@us.ibm.com>
To: Joe Perches <joe@perches.com>
Cc: aquini@linux.com, kernel-janitors@vger.kernel.org,
David Miller <davem@davemloft.net>,
Andy Gospodarek <andy@greyhouse.net>,
shemminger@vyatta.com, netdev@vger.kernel.org,
Nicolas Kaiser <nikai@nikai.net>
Subject: Re: [PATCH] net/bonding: adjust codingstyle for bond_3ad files
Date: Sat, 07 May 2011 14:25:41 -0700 [thread overview]
Message-ID: <23896.1304803541@death> (raw)
In-Reply-To: <1304791360.1738.6.camel@Joe-Laptop>
Joe Perches <joe@perches.com> wrote:
>On Sat, 2011-05-07 at 14:31 -0300, Rafael Aquini wrote:
>> To exemplify my point, I'll taking that very __ad_timer_to_ticks() as an example:
>> static u16 __ad_timer_to_ticks(u16 timer_type, u16 par)
>> {
>> u16 retval = 0;
>>
>> switch (timer_type) {
>> case AD_CURRENT_WHILE_TIMER: /* for rx machine usage */
>> if (par)
>> retval = (AD_SHORT_TIMEOUT_TIME*ad_ticks_per_sec);
>> else
>> retval = (AD_LONG_TIMEOUT_TIME*ad_ticks_per_sec);
>> break;
>> case AD_ACTOR_CHURN_TIMER: /* for local churn machine */
>> retval = (AD_CHURN_DETECTION_TIME*ad_ticks_per_sec);
>> break;
>> case AD_PERIODIC_TIMER: /* for periodic machine */
>> retval = (par*ad_ticks_per_sec);
>> break;
>> case AD_PARTNER_CHURN_TIMER: /* for remote churn machine */
>> retval = (AD_CHURN_DETECTION_TIME*ad_ticks_per_sec);
>> break;
>> case AD_WAIT_WHILE_TIMER: /* for selection machine */
>> retval = (AD_AGGREGATE_WAIT_TIME*ad_ticks_per_sec);
>> break;
>> }
>> return retval;
>> }
>>
>> If, for some unknown reason timer_type receives an 'alien' value, and
>> we were
>> using retval uninitialized, this function, as it is, would return an
>> unpredictable value to its caller. Unless we have the switch block
>> re-factored, we cannot leave retval uninitialized. So, it's not just a
>> matter of leaving the variable uninitialized, or initialize it just to
>> get rid of a compiler warning. That's why those comments are not
>> helpful anyway.
The comments are helpful, because they mark places where the
code could use some improvement to better handle "impossible"
conditions. The only reason we need the initializer is because the
function doesn't handle all possible inputs. This is probably not the
comment's intended purpose, but they're useful for this nevertheless.
>I'd write this not using a retval variable at all as:
>
> switch (timer_type) {
> case AD_CURRENT_WHILE_TIMER: /* for rx machine usage */
> if (par)
> return AD_SHORT_TIMEOUT_TIME * ad_ticks_per_sec;
> return AD_LONG_TIMEOUT_TIME * ad_ticks_per_sec;
> case AD_ACTOR_CHURN_TIMER: /* for local churn machine */
> return AD_CHURN_DETECTION_TIME * ad_ticks_per_sec;
> ...
> }
> WARN(1, "Invalid timer type: %u\n", timer_type)
> return 0;
>}
Most (perhaps all) of the "silence compiler" comments in this
code exist in places that, like the above, will silently misbehave if
unexpected input arrives. Granted, for the __ad_timer_to_ticks
function, there aren't a lot of call sites, but the other similar cases
exist within the state machine handler code.
My preference would be to only remove the "silence compiler"
comments if the possibility of silent misbehavior is also eliminated.
For __ad_timer_to_ticks, that would mean either a default: case in the
current arrangement, or something like what Joe suggests above.
If this is beyond the scope of what you, Rafeal, want to do,
that's fine, but in that case leave the "silence" notes in place.
-J
---
-Jay Vosburgh, IBM Linux Technology Center, fubar@us.ibm.com
next prev parent reply other threads:[~2011-05-07 21:25 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-07 1:27 [PATCH] net/bonding: adjust codingstyle for bond_3ad files Rafael Aquini
2011-05-07 1:51 ` Joe Perches
2011-05-07 17:31 ` Rafael Aquini
2011-05-07 18:02 ` Joe Perches
2011-05-07 19:35 ` matt mooney
2011-05-07 20:24 ` Joe Perches
2011-05-08 23:08 ` Håkon Løvdal
2011-05-08 23:10 ` David Miller
2011-05-09 0:08 ` Håkon Løvdal
2011-05-09 0:12 ` David Miller
2011-05-09 1:30 ` Håkon Løvdal
2011-05-07 21:25 ` Jay Vosburgh [this message]
2011-05-07 21:37 ` Rafael Aquini
-- strict thread matches above, loose matches on Subject: below --
2011-05-10 0:08 Rafael Aquini
2011-05-10 0:15 ` Joe Perches
2011-05-10 2:00 ` Jay Vosburgh
2011-05-10 2:11 ` Joe Perches
2011-05-10 12:22 ` Rafael Aquini
2011-05-06 11:50 Rafael Aquini
2011-05-06 13:01 ` Nicolas Kaiser
2011-05-06 14:56 ` Rafael Aquini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=23896.1304803541@death \
--to=fubar@us.ibm.com \
--cc=andy@greyhouse.net \
--cc=aquini@linux.com \
--cc=davem@davemloft.net \
--cc=joe@perches.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=nikai@nikai.net \
--cc=shemminger@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).