>> The kfree() function was called in up to five cases >> by the init_vqs() function during error handling even if >> the passed variable contained a null pointer. >> >> * Return directly after a call of the function "kmalloc_array" failed >> at the beginning. >> >> * Split a condition check for memory allocation failures so that >> each pointer from these function calls will be checked immediately. >> >> See also background information: >> Topic "CWE-754: Improper check for unusual or exceptional conditions" >> Link: https://cwe.mitre.org/data/definitions/754.html >> >> * Adjust jump targets according to the Linux coding style convention. > > So I've seen this series and I'm not yet sure how I feel about the > patches - f.e. in this one, it adds more lines than it removes to > achieve the same effect. I find this consequence still debatable. > I think the code is currently more readable than after these changes. Thanks for your constructive feedback. Can it be that an other software development concern is eventually overlooked? > And even if kfree is called multiple times, it isn't a huge bother I know also that the implementation of this function tolerates the passing of null pointers. > -- it's error case anyway, very unlikely to trigger, but keeps everything very readble. I suggest to reconsider this design detail if it is really acceptable for the safe implementation of such a software module. * How much will it matter in general that four function call were performed in this use case without checking their return values immediately? * Should it usually be determined quicker if a required resource like memory could be acquired before trying the next allocation? Regards, Markus -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
