Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp456633pxm; Wed, 2 Mar 2022 01:50:22 -0800 (PST) X-Google-Smtp-Source: ABdhPJxo5CRZla/NKo6n9lIWZtazaB+hmHlGT/hG1funsY4aeIBfSXBgQNqhBl3zE41CTZX4OF4K X-Received: by 2002:a05:6a00:1954:b0:4e1:f25:ce41 with SMTP id s20-20020a056a00195400b004e10f25ce41mr32286527pfk.44.1646214621974; Wed, 02 Mar 2022 01:50:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646214621; cv=none; d=google.com; s=arc-20160816; b=en/Zoiv553TuIJier2y0RGNj4io6HRdjil13du9hB7zA/8rbQ1KRoYRkjNE7/vsjMH LBmFsfcZssT7IZrr0MKEtulYbRvkQpG69at0XbeCYCvsBmzTyHpvJQr5yRg8+2l7iUrg kIKNeWyjw6WdB+tzRh4qxoGAvQu8HDYv5gl6nHiRglmqYEnn2R4F9dqVb2G6+5MSsAzX +rPoqlL18RTz3SGce6kUXUKiG796Ts3SN75iBLaDEvE5eOLhTO1ndkv7ykgpxGiiWDk6 2F9oShwmeb5OK2La+PFd9lX1qm6xIPPUrIjIk2LecLQoASf0/ccEbUvoZaMZ8UIkaEAX BAZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=XH8CYV/Z50iBLZ27uSo3DlVY0KhJ8ZO+RiecWTcYel0=; b=YUWbmusa+fCmINzRcGA53IMDlhEcO2aOD/+FYoG/7hFVsdUAwoA1ARsOXNekPQwJxt ZzfAXO+eL6I33Sc/ey+O2/2ME03petHPDaVIXSGhXHn5hbYib34y/RECNFpEZWmoA9MF 3Nn/Wc3qsm7Y34OpTofLomwGMBY5xjFbubu0SSunhFcoshiICWMGFsJ4YL+DdjDIyLvk llFIsZctblPvdQY8DSd/9DAUt8EZ9D0gpsW+8s1wYP0kSAlczMTbB0FOx60jvDBbKuvd BFnfdwSSWaSyfpPO/54eMqA6xTt05kVx539I7H309gQCgVneSoSnSiPMNhjwlvhiDrnJ pnCw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=IQg4uBej; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z12-20020a65610c000000b00373dd4e83f8si16037227pgu.168.2022.03.02.01.50.00; Wed, 02 Mar 2022 01:50:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=IQg4uBej; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236980AbiCBJaW (ORCPT + 99 others); Wed, 2 Mar 2022 04:30:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40254 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240436AbiCBJaV (ORCPT ); Wed, 2 Mar 2022 04:30:21 -0500 Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8188CB8211 for ; Wed, 2 Mar 2022 01:29:36 -0800 (PST) Received: by mail-lj1-x22a.google.com with SMTP id r20so1407168ljj.1 for ; Wed, 02 Mar 2022 01:29:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rasmusvillemoes.dk; s=google; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=XH8CYV/Z50iBLZ27uSo3DlVY0KhJ8ZO+RiecWTcYel0=; b=IQg4uBejV+wOE9gbvRPz3nvi4LkiiVw4YSIjC8NPteocLXX0uLpiZyGXJ60leACu72 E2mMgbaj2BDeYnhoOw0DKPRcT2bjIlB4yRTWQZ65OcYRTHhlWzgeq8LyFprIEpiij6N8 YNaymndxJaFKphqyYHlKdyPolm4uaJOX+WJuI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=XH8CYV/Z50iBLZ27uSo3DlVY0KhJ8ZO+RiecWTcYel0=; b=dzq3chbYEREJECrpfA0c75NKcR0Gpzbw1PYFp2ngCb8UOkRz+cnxb2mob4fPzHoQP2 9tB1x0ERA9AxufulbUoT5SPXoniX2iHZViWg7tusNUTuA1mtu0PQXdb+06Gg6qpny55o DA7B2l4Y5fcuCNZThBXa9otlmdNNTMyUX2zfUnuM5Au8YkvuOGGtcMcGWt0tZPjM2pwb XqEEDkgq8eiAyso8hLtQJOZ4dJO3WJ8GH7gQ4emRlu/NuzIhsWG8PLRC3bvYnDAJ0VLQ 0JFigwXAALcMoANoAdaZ0Lcf8pIRBSVlbeQMTGBMYaQ72TZwAc9uiqzmJ7Qxq3yzZjTe KL+Q== X-Gm-Message-State: AOAM531tAcihxyW7GB1XxkTeXiyAmjslwULq3lRZ/Hb3MhNiI8V5SWDI WOvq0JhQdtMDUYl5+1YDETgOgA== X-Received: by 2002:a2e:3c0d:0:b0:246:3c52:7ada with SMTP id j13-20020a2e3c0d000000b002463c527adamr19885072lja.459.1646213374808; Wed, 02 Mar 2022 01:29:34 -0800 (PST) Received: from [172.16.11.74] ([81.216.59.226]) by smtp.gmail.com with ESMTPSA id f36-20020a0565123b2400b0043795432e87sm1960430lfv.150.2022.03.02.01.29.31 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 02 Mar 2022 01:29:33 -0800 (PST) Message-ID: <78ccb184-405e-da93-1e02-078f90d2b9bc@rasmusvillemoes.dk> Date: Wed, 2 Mar 2022 10:29:31 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: [PATCH 2/6] treewide: remove using list iterator after loop body as a ptr Content-Language: en-US To: Linus Torvalds , David Laight Cc: James Bottomley , linux-wireless , "alsa-devel@alsa-project.org" , KVM list , "Gustavo A. R. Silva" , "linux-iio@vger.kernel.org" , "nouveau@lists.freedesktop.org" , Rasmus Villemoes , dri-devel , Cristiano Giuffrida , "Bos, H.J." , "linux1394-devel@lists.sourceforge.net" , "drbd-dev@lists.linbit.com" , linux-arch , CIFS , "linux-aspeed@lists.ozlabs.org" , linux-scsi , linux-rdma , "linux-staging@lists.linux.dev" , amd-gfx list , Jason Gunthorpe , "intel-wired-lan@lists.osuosl.org" , "kgdb-bugreport@lists.sourceforge.net" , "bcm-kernel-feedback-list@broadcom.com" , Dan Carpenter , Linux Media Mailing List , Kees Cook , Arnd Bergman , Linux PM , intel-gfx , Brian Johannesmeyer , Nathan Chancellor , dma , Christophe JAILLET , Jakob Koschel , "v9fs-developer@lists.sourceforge.net" , linux-tegra , Thomas Gleixner , Andy Shevchenko , Linux ARM , "linux-sgx@vger.kernel.org" , linux-block , Netdev , "linux-usb@vger.kernel.org" , "samba-technical@lists.samba.org" , Linux Kernel Mailing List , Linux F2FS Dev Mailing List , "tipc-discussion@lists.sourceforge.net" , Linux Crypto Mailing List , linux-fsdevel , "linux-mediatek@lists.infradead.org" , Andrew Morton , linuxppc-dev , =?UTF-8?Q?Christian_K=c3=b6nig?= , Mike Rapoport References: <20220228110822.491923-1-jakobkoschel@gmail.com> <20220228110822.491923-3-jakobkoschel@gmail.com> <2e4e95d6-f6c9-a188-e1cd-b1eae465562a@amd.com> <282f0f8d-f491-26fc-6ae0-604b367a5a1a@amd.com> <7D0C2A5D-500E-4F38-AD0C-A76E132A390E@kernel.org> <73fa82a20910c06784be2352a655acc59e9942ea.camel@HansenPartnership.com> <7dc860874d434d2288f36730d8ea3312@AcuMS.aculab.com> <0ced2b155b984882b39e895f0211037c@AcuMS.aculab.com> From: Rasmus Villemoes In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 02/03/2022 00.55, Linus Torvalds wrote: > On Tue, Mar 1, 2022 at 3:19 PM David Laight wrote: >> > With the "don't use iterator outside the loop" approach, the exact > same code works in both the old world order and the new world order, > and you don't have the semantic confusion. And *if* you try to use the > iterator outside the loop, you'll _mostly_ (*) get a compiler warning > about it not being initialized. > > Linus > > (*) Unless somebody initializes the iterator pointer pointlessly. > Which clearly does happen. Thus the "mostly". It's not perfect, and > that's most definitely not nice - but it should at least hopefully > make it that much harder to mess up. This won't help the current issue (because it doesn't exist and might never), but just in case some compiler people are listening, I'd like to have some sort of way to tell the compiler "treat this variable as uninitialized from here on". So one could do #define kfree(p) do { __kfree(p); __magic_uninit(p); } while (0) with __magic_uninit being a magic no-op that doesn't affect the semantics of the code, but could be used by the compiler's "[is/may be] used uninitialized" machinery to flag e.g. double frees on some odd error path etc. It would probably only work for local automatic variables, but it should be possible to just ignore the hint if p is some expression like foo->bar or has side effects. If we had that, the end-of-loop test could include that to "uninitialize" the iterator. Maybe sparse/smatch or some other static analyzer could implement such a magic thing? Maybe it's better as a function attribute [__attribute__((uninitializes(1)))] to avoid having to macrofy all functions that release resources. Rasmus