> On Sat, 28 Nov 1998, Stephane Belmon wrote:
> >One more comment on your patch: Generally speaking, this style of checking
> >overflows _after_ they happen makes me a little nervous. It works in many
> >cases, like what you do: "a+b". If you're doing "a+b+c", testing things
> >like the sign of the result doesn't catch all overflows; nor if you have
> >multiplications. So a seemingly innocent change made later on could break
> >the test: a case of bad "bug locality".
>
> I can add a comment but I don' t care too much about this issue. Following
> this thought we should not write kernel code at all ;). Everything can be
> screwed up by a mistake from somebody like me ;>>.
we definitely care about 'bug locality' and related issues. Remember,
schedule_timeout() was introduced exactly due to the same thing. (apart
from the slight schedule() speedup which is just a nice side-effect)
Writing kernel code that works is one thing, but one of the real tasks is
to write kernel code that has a smaller chance to be broken later on. Just
witness how much we avoid type casts ...
-- mingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/