| Message ID | 20190414102627.5564-2-wsa+renesas@sang-engineering.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | watchdog: refactor init_timeout and update users | expand |
On 4/14/19 3:26 AM, Wolfram Sang wrote: > The function is not easy to read and has two problems: a) -EINVAL is > returned when the module parameter is invalid but the DT parameter is > OK, and b) for the module parameter, zero is a valid value but for DT it > is invalid. > That was on purpose: A module parameter of 0 reflects that no module parameter was provided, which is not an error. An explicit DT property with value 0 _is_ an error and does not make sense. "use the default", in the DT case, can and should be expressed by providing no property, not by providing a property with value 0. Guenter > Refactor the code to have a the same pattern of checks for the module > parameter and DT. Further ones can be easily added in the future if the > need arises. The above mentioned problems are fixed, too. > > Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> > --- > drivers/watchdog/watchdog_core.c | 33 ++++++++++++++++++--------------- > 1 file changed, 18 insertions(+), 15 deletions(-) > > diff --git a/drivers/watchdog/watchdog_core.c b/drivers/watchdog/watchdog_core.c > index eb8fa25f8eb2..85c136acc0e9 100644 > --- a/drivers/watchdog/watchdog_core.c > +++ b/drivers/watchdog/watchdog_core.c > @@ -104,10 +104,11 @@ static void watchdog_check_min_max_timeout(struct watchdog_device *wdd) > * Initialize the timeout field of the watchdog_device struct with either the > * timeout module parameter (if it is valid value) or the timeout-sec property > * (only if it is a valid value and the timeout_parm is out of bounds). > - * If none of them are valid then we keep the old value (which should normally > - * be the default timeout value). > + * If none of them are valid or all of them are zero ("don't care") then we keep > + * the old value (which should normally be the default timeout value). > * > - * A zero is returned on success and -EINVAL for failure. > + * A zero is returned on success or -EINVAL if all provided values are out of > + * bounds. > */ > int watchdog_init_timeout(struct watchdog_device *wdd, > unsigned int timeout_parm, struct device *dev) > @@ -117,22 +118,24 @@ int watchdog_init_timeout(struct watchdog_device *wdd, > > watchdog_check_min_max_timeout(wdd); > > - /* try to get the timeout module parameter first */ > - if (!watchdog_timeout_invalid(wdd, timeout_parm) && timeout_parm) { > - wdd->timeout = timeout_parm; > - return ret; > - } > - if (timeout_parm) > + /* check the driver supplied value (likely a module parameter) first */ > + if (timeout_parm) { > + if (!watchdog_timeout_invalid(wdd, timeout_parm)) { > + wdd->timeout = timeout_parm; > + return 0; > + } > ret = -EINVAL; > + } > > /* try to get the timeout_sec property */ > - if (dev == NULL || dev->of_node == NULL) > - return ret; > - of_property_read_u32(dev->of_node, "timeout-sec", &t); > - if (!watchdog_timeout_invalid(wdd, t) && t) > - wdd->timeout = t; > - else > + if (dev && dev->of_node && > + of_property_read_u32(dev->of_node, "timeout-sec", &t) == 0 && t) { > + if (!watchdog_timeout_invalid(wdd, t)) { > + wdd->timeout = t; > + return 0; > + } > ret = -EINVAL; > + } > > return ret; > } >
> > The function is not easy to read and has two problems: a) -EINVAL is > > returned when the module parameter is invalid but the DT parameter is > > OK, and b) for the module parameter, zero is a valid value but for DT it > > is invalid. > > > > That was on purpose: A module parameter of 0 reflects that no module parameter > was provided, which is not an error. An explicit DT property with value 0 _is_ > an error and does not make sense. "use the default", in the DT case, can and > should be expressed by providing no property, not by providing a property with > value 0. OK, I can fix the code to do that as before. And add some documentation to describe that. Please let me know if it is documented already and I just missed it.
On 4/14/19 6:42 AM, Wolfram Sang wrote: > >>> The function is not easy to read and has two problems: a) -EINVAL is >>> returned when the module parameter is invalid but the DT parameter is >>> OK, and b) for the module parameter, zero is a valid value but for DT it >>> is invalid. >>> >> >> That was on purpose: A module parameter of 0 reflects that no module parameter >> was provided, which is not an error. An explicit DT property with value 0 _is_ >> an error and does not make sense. "use the default", in the DT case, can and >> should be expressed by providing no property, not by providing a property with >> value 0. > > OK, I can fix the code to do that as before. And add some documentation > to describe that. Please let me know if it is documented already and I > just missed it. > The existing documentation is indeed a bit vague. Explicitly documenting the expected behavior would be a good idea. I keep having to explain how this is supposed to work for almost every new driver. The most difficult part is to get people to understand that the 'timeout' module parameter value should _not_ be pre-initialized with the default timeout but with 0. Thanks, Guenter
Hello! On 14.04.2019 13:26, Wolfram Sang wrote: > The function is not easy to read and has two problems: a) -EINVAL is > returned when the module parameter is invalid but the DT parameter is > OK, and b) for the module parameter, zero is a valid value but for DT it > is invalid. > > Refactor the code to have a the same pattern of checks for the module ^^^^^ One article would be enough. :-) > parameter and DT. Further ones can be easily added in the future if the > need arises. The above mentioned problems are fixed, too. > > Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> [...] MBR, Sergei
diff --git a/drivers/watchdog/watchdog_core.c b/drivers/watchdog/watchdog_core.c index eb8fa25f8eb2..85c136acc0e9 100644 --- a/drivers/watchdog/watchdog_core.c +++ b/drivers/watchdog/watchdog_core.c @@ -104,10 +104,11 @@ static void watchdog_check_min_max_timeout(struct watchdog_device *wdd) * Initialize the timeout field of the watchdog_device struct with either the * timeout module parameter (if it is valid value) or the timeout-sec property * (only if it is a valid value and the timeout_parm is out of bounds). - * If none of them are valid then we keep the old value (which should normally - * be the default timeout value). + * If none of them are valid or all of them are zero ("don't care") then we keep + * the old value (which should normally be the default timeout value). * - * A zero is returned on success and -EINVAL for failure. + * A zero is returned on success or -EINVAL if all provided values are out of + * bounds. */ int watchdog_init_timeout(struct watchdog_device *wdd, unsigned int timeout_parm, struct device *dev) @@ -117,22 +118,24 @@ int watchdog_init_timeout(struct watchdog_device *wdd, watchdog_check_min_max_timeout(wdd); - /* try to get the timeout module parameter first */ - if (!watchdog_timeout_invalid(wdd, timeout_parm) && timeout_parm) { - wdd->timeout = timeout_parm; - return ret; - } - if (timeout_parm) + /* check the driver supplied value (likely a module parameter) first */ + if (timeout_parm) { + if (!watchdog_timeout_invalid(wdd, timeout_parm)) { + wdd->timeout = timeout_parm; + return 0; + } ret = -EINVAL; + } /* try to get the timeout_sec property */ - if (dev == NULL || dev->of_node == NULL) - return ret; - of_property_read_u32(dev->of_node, "timeout-sec", &t); - if (!watchdog_timeout_invalid(wdd, t) && t) - wdd->timeout = t; - else + if (dev && dev->of_node && + of_property_read_u32(dev->of_node, "timeout-sec", &t) == 0 && t) { + if (!watchdog_timeout_invalid(wdd, t)) { + wdd->timeout = t; + return 0; + } ret = -EINVAL; + } return ret; }
The function is not easy to read and has two problems: a) -EINVAL is returned when the module parameter is invalid but the DT parameter is OK, and b) for the module parameter, zero is a valid value but for DT it is invalid. Refactor the code to have a the same pattern of checks for the module parameter and DT. Further ones can be easily added in the future if the need arises. The above mentioned problems are fixed, too. Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> --- drivers/watchdog/watchdog_core.c | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-)