Open Source and information security mailing list archives
 
Date:   Wed, 31 May 2023 12:14:17 +0200
From:   Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To:     David Gow <davidgow@...gle.com>
Cc:     Miguel Ojeda <ojeda@...nel.org>,
        Dan Carpenter <dan.carpenter@...aro.org>,
        Shuah Khan <skhan@...uxfoundation.org>,
        Brendan Higgins <brendan.higgins@...ux.dev>,
        Rae Moar <rmoar@...gle.com>,
        Daniel Latypov <dlatypov@...gle.com>,
        kunit-dev@...glegroups.com, linux-kselftest@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kunit: Move kunit_abort() call out of kunit_do_failed_assertion()

On Wed, May 31, 2023 at 7:22 AM David Gow <davidgow@...gle.com> wrote:
>
> KUnit aborts the current thread when an assertion fails. Currently, this
> is done conditionally as part of the kunit_do_failed_assertion()
> function, but this hides the kunit_abort() call from the compiler
> (particularly if it's in another module). This, in turn, can lead to
> both suboptimal code generation (the compiler can't know if
> kunit_do_failed_assertion() will return), and to static analysis tools
> like smatch giving false positives.
>
> Moving the kunit_abort() call into the macro should give the compiler
> and tools a better chance at understanding what's going on. Doing so
> requires exporting kunit_abort(), though it's recommended to continue to
> use assertions in lieu of aborting directly.
>
> In addition, kunit_abort() and kunit_do_failed_assertion() are renamed
> to make it clear that they're intended for internal KUnit use, to:
> __kunit_do_failed_assertion() and __kunit_abort()
>
> Suggested-by: Dan Carpenter <dan.carpenter@...aro.org>
> Signed-off-by: David Gow <davidgow@...gle.com>

Reviewed-by: Miguel Ojeda <ojeda@...nel.org>

Also tested on top of the Rust doctests KUnit changes with [1].

Thanks!

Cheers,
Miguel

[1]

diff --git a/rust/kernel/kunit.rs b/rust/kernel/kunit.rs
index 48adb992da936..3fae6284abbc2 100644
--- a/rust/kernel/kunit.rs
+++ b/rust/kernel/kunit.rs
@@ -61,7 +61,7 @@ macro_rules! kunit_assert {
             //     next test runs, that test failures should be fixed
and that KUnit is explicitly
             //     documented as not suitable for production
environments, we feel it is reasonable.
             unsafe {
-                $crate::bindings::kunit_do_failed_assertion(
+                $crate::bindings::__kunit_do_failed_assertion(
                     $test,
                     core::ptr::addr_of!(LOCATION.0),
                     $crate::bindings::kunit_assert_type_KUNIT_ASSERTION,
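Review bot: the two comment context lines at the top of this hunk are folded across line breaks ("... should be fixed" / "and that KUnit is explicitly", "... for production" / "environments, ..."), so the hunk has nine physical lines where the `@@ -61,7 +61,7 @@` header declares seven and it will not apply as posted. If this diff is meant to be picked up rather than just read, resend it unwrapped (attachment or `git send-email`) or point to a branch.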
@@ -70,6 +70,13 @@ macro_rules! kunit_assert {
                     core::ptr::null(),
                 );
             }
+
+            // SAFETY: FFI call; the `test` pointer is valid because
this hidden macro should only
+            // be called by the generated documentation tests which
forward the test pointer given
+            // by KUnit.
+            unsafe {
+                $crate::bindings::__kunit_abort($test);
+            }
         }
     }};
 }
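Review bot: the added `unsafe` block calls `$crate::bindings::__kunit_abort($test)` unconditionally right after `__kunit_do_failed_assertion(...)`, while the quoted commit message says the C function used to abort conditionally. That is only equivalent because the call above passes `kunit_assert_type_KUNIT_ASSERTION`; the comment should say so, for instance one extra line noting that this macro only ever raises assertions, so that a later change passing a different assert type does not inherit the abort by accident. The SAFETY comment itself is also folded by the mailer in the same way as the context lines in the previous hunk.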
