[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wgG0nzFbGi_HmH9Yxi2KCofG5jPYNZQPA5+GsOfsZjWkw@mail.gmail.com>
Date: Tue, 14 Jun 2022 13:43:11 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Alexander Potapenko <glider@...gle.com>
Cc: Evgenii Stepanov <eugenis@...gle.com>,
Kees Cook <keescook@...omium.org>,
Marco Elver <elver@...gle.com>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>,
Vitaly Buka <vitalybuka@...gle.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-toolchains <linux-toolchains@...r.kernel.org>
Subject: Re: [PATCH] [RFC] Initialization of unused function parameters
On Tue, Jun 14, 2022 at 1:20 PM Alexander Potapenko <glider@...gle.com> wrote:
>
> What about the cases where these uninitialized values are never used
> in the callee?
I assume that what happens is that when things are inlined, the
compiler then sees that there is no actual uninitialized value, and
that's ok.
But if things aren't inlined, I really hope all compilers already warn
about "look, I'm calling this function with an uninitialized
argument".
IOW, compilers can - and should - obviously take more information into
account when they can see it.
So no, don't warn for things you can actually see are not used.
IOW, you shouldn't warn because of any _syntactic_ issue of it being
an argument to a function. We often use inlining as an actually
semantically meaningful thing, and the compiler should *not* warn for
some theoretical "if this was not inlined, the argument would be used
and be uninitialized" case.
For an example of this kind of "not really used" thing, I could
imagine that some configuration might need a "cookie" model to pair up
actions, and you have a
void *cookie;
start(arg, &cookie);
....
end(cookie);
kind of situation.
But then I could imagine that other configurations don't actually need
or use that "end()" thing at all, and would leave "cookie"
uninitialized, because the only valid use would be an inline function
that is empty, and purely there for those *other* configurations.
Again, if the compiler inlines 'end()', and sees that 'cookie' is not
actually used, then no complaint is needed - or valid.
But if 'cookie()' is an actual real function call, and you don't see
the use of it, then it had better warn.
No?
Linus
Powered by blists - more mailing lists