lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 27 Jul 2021 12:02:33 -0700
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Bill Wendling <morbo@...gle.com>,
        Nathan Chancellor <nathan@...nel.org>,
        "Rafael J. Wysocki" <rafael@...nel.org>,
        clang-built-linux <clang-built-linux@...glegroups.com>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-toolchains@...r.kernel.org
Subject: Re: [PATCH v2 1/3] base: mark 'no_warn' as unused

On Tue, Jul 27, 2021 at 11:45 AM Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
>
> On Tue, Jul 27, 2021 at 11:31:38AM -0700, Nick Desaulniers wrote:
> > On Tue, Jul 27, 2021 at 10:59 AM Greg Kroah-Hartman
> > <gregkh@...uxfoundation.org> wrote:
> > >
> > > On Tue, Jul 27, 2021 at 10:39:49AM -0700, Nick Desaulniers wrote:
> > > > If there are
> > > > cases where it's ok to not check the return value, consider not using
> > > > warn_unused_result on function declarations.
> > >
> > > Ok, so what do you do when you have a function like this where 99.9% of
> > > the users need to check this?  Do I really need to write a wrapper
> > > function just for it so that I can use it "safely" in the core code
> > > instead?
> > >
> > > Something like:
> > >
> > > void do_safe_thing_and_ignore_the_world(...)
> > > {
> > >         __unused int error;
> > >
> > >         error = do_thing(...);
> > > }
> > >
> > > Or something else to get the compiler to be quiet about error being set
> > > and never used?  There HAS to be that option somewhere anyway as we need
> > > it for other parts of the kernel where we do:
> > >         write_bus(device, &value);
> > >         value = read_bus(device);
> > > and then we ignore value as it is not needed, but yet we still HAVE to
> > > call read_bus() here, yet read_bus() is set as warn_unused_result()
> > > because, well, it is a read function :)
> >
> > Such wrappers are trivial with __attribute__((alias(""))):
> > https://godbolt.org/z/j5afPbGcM
> >
> > At least then it's very obvious if someone adds more call sites to
> > such an alias. Then that calls for closer inspection in code review
> > that yes, this is one of those 0.01% of cases.  Since they occur 0.01%
> > of the time, I don't expect such aliases to occur too frequently.
>
> That is just, well, horrible.  Seriously horrible.  Wow.

Yeah, well, that's how I feel about warn_unused_result_except_I_didn't_mean_it.

> And that is the "documented" way to do this?  That feels like an abuse
> of the already-horrible-why-do-they-do-that-for-variables use of the
> alias attribute.

You could also use #pragma's to disable the warning locally, with a
good comment about why it's ok to ignore the return code.

> How badly are compiler people going to complain to me about this if
> it's in this file?
> I can take a patch for that, but I feel the comments involved will make
> people, including myself when I have to look a the code again in 5
> years, even more confused...
>
> ick, I feel dirty...
>
> greg k-h

-- 
Thanks,
~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ