lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <44005bde-f6d4-5eaa-39b8-1a5efeedb2d3@gmail.com>
Date:   Wed, 25 Nov 2020 22:44:35 +0000
From:   Edward Cree <ecree.xilinx@...il.com>
To:     Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
        James Bottomley <James.Bottomley@...senpartnership.com>
Cc:     Kees Cook <keescook@...omium.org>,
        Jakub Kicinski <kuba@...nel.org>,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        alsa-devel@...a-project.org, amd-gfx@...ts.freedesktop.org,
        bridge@...ts.linux-foundation.org, ceph-devel@...r.kernel.org,
        cluster-devel@...hat.com, coreteam@...filter.org,
        devel@...verdev.osuosl.org, dm-devel@...hat.com,
        drbd-dev@...ts.linbit.com, dri-devel@...ts.freedesktop.org,
        GR-everest-linux-l2@...vell.com, GR-Linux-NIC-Dev@...vell.com,
        intel-gfx@...ts.freedesktop.org, intel-wired-lan@...ts.osuosl.org,
        keyrings@...r.kernel.org, linux1394-devel@...ts.sourceforge.net,
        linux-acpi@...r.kernel.org, linux-afs@...ts.infradead.org,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        linux-arm-msm@...r.kernel.org,
        linux-atm-general@...ts.sourceforge.net,
        linux-block@...r.kernel.org, linux-can@...r.kernel.org,
        linux-cifs@...r.kernel.org,
        Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
        linux-decnet-user@...ts.sourceforge.net,
        Ext4 Developers List <linux-ext4@...r.kernel.org>,
        linux-fbdev@...r.kernel.org, linux-geode@...ts.infradead.org,
        linux-gpio@...r.kernel.org, linux-hams@...r.kernel.org,
        linux-hwmon@...r.kernel.org, linux-i3c@...ts.infradead.org,
        linux-ide@...r.kernel.org, linux-iio@...r.kernel.org,
        linux-input <linux-input@...r.kernel.org>,
        linux-integrity@...r.kernel.org,
        linux-mediatek@...ts.infradead.org,
        Linux Media Mailing List <linux-media@...r.kernel.org>,
        linux-mmc@...r.kernel.org, Linux-MM <linux-mm@...ck.org>,
        linux-mtd@...ts.infradead.org, linux-nfs@...r.kernel.org,
        linux-rdma@...r.kernel.org, linux-renesas-soc@...r.kernel.org,
        linux-scsi@...r.kernel.org, linux-sctp@...r.kernel.org,
        linux-security-module@...r.kernel.org,
        linux-stm32@...md-mailman.stormreply.com,
        linux-usb@...r.kernel.org, linux-watchdog@...r.kernel.org,
        linux-wireless <linux-wireless@...r.kernel.org>,
        Network Development <netdev@...r.kernel.org>,
        netfilter-devel@...r.kernel.org, nouveau@...ts.freedesktop.org,
        op-tee@...ts.trustedfirmware.org, oss-drivers@...ronome.com,
        patches@...nsource.cirrus.com, rds-devel@....oracle.com,
        reiserfs-devel@...r.kernel.org, samba-technical@...ts.samba.org,
        selinux@...r.kernel.org, target-devel@...r.kernel.org,
        tipc-discussion@...ts.sourceforge.net,
        usb-storage@...ts.one-eyed-alien.net,
        virtualization@...ts.linux-foundation.org,
        wcn36xx@...ts.infradead.org,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
        xen-devel@...ts.xenproject.org, linux-hardening@...r.kernel.org,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Nathan Chancellor <natechancellor@...il.com>,
        Miguel Ojeda <ojeda@...nel.org>, Joe Perches <joe@...ches.com>
Subject: Re: [PATCH 000/141] Fix fall-through warnings for Clang

On 25/11/2020 00:32, Miguel Ojeda wrote:
> I have said *authoring* lines of *this* kind takes a minute per line.
> Specifically: lines fixing the fallthrough warning mechanically and
> repeatedly where the compiler tells you to, and doing so full-time for
> a month.
<snip>
> It is useful since it makes intent clear.
To make the intent clear, you have to first be certain that you
 understand the intent; otherwise by adding either a break or a
 fallthrough to suppress the warning you are just destroying the
 information that "the intent of this code is unknown".
Figuring out the intent of a piece of unfamiliar code takes more
 than 1 minute; just because
    case foo:
        thing;
    case bar:
        break;
 produces identical code to
    case foo:
        thing;
        break;
    case bar:
        break;
 doesn't mean that *either* is correct — maybe the author meant
 to write
    case foo:
        return thing;
    case bar:
        break;
 and by inserting that break you've destroyed the marker that
 would direct someone who knew what the code was about to look
 at that point in the code and spot the problem.
Thus, you *always* have to look at more than just the immediate
 mechanical context of the code, to make a proper judgement that
 yes, this was the intent.  If you think that that sort of thing
 can be done in an *average* time of one minute, then I hope you
 stay away from code I'm responsible for!
One minute would be an optimistic target for code that, as the
 maintainer, one is already somewhat familiar with.  For code
 that you're seeing for the first time, as is usually the case
 with the people doing these mechanical fix-a-warning patches,
 it's completely unrealistic.

A warning is only useful because it makes you *think* about the
 code.  If you suppress the warning without doing that thinking,
 then you made the warning useless; and if the warning made you
 think about code that didn't *need* it, then the warning was
 useless from the start.

So make your mind up: does Clang's stricter -Wimplicit-fallthrough
 flag up code that needs thought (in which case the fixes take
 effort both to author and to review) or does it flag up code
 that can be mindlessly "fixed" (in which case the warning is
 worthless)?  Proponents in this thread seem to be trying to
 have it both ways.

-ed

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ