User: Password:
|
|
Subscribe / Log in / New account

_must_check

_must_check

Posted Nov 23, 2006 15:12 UTC (Thu) by nix (subscriber, #2304)
In reply to: _must_check by gnb
Parent article: KHB: Automating bug hunting

Also, (void)blah is *really ugly*. To me casts to void look *wrong*. They only really make sense in the context of C++ templates (for the same reason that returning `values of type void' can sometimes make sense there).


(Log in to post comments)

Re: _must_check

Posted Nov 24, 2006 1:30 UTC (Fri) by ldo (guest, #40946) [Link]

>Also, (void)blah is *really ugly*. To me casts to void look *wrong*.

It's either

(void)unlink(filename);

or

ignore_unwanted_result = unlink(filename);

Which would you prefer?

Re: _must_check

Posted Nov 24, 2006 21:58 UTC (Fri) by nix (subscriber, #2304) [Link]

Since the whole point of __attribute__((warn_unused_result)) is that it
should be applied only to functions where it is nearly always a mistake to
ignore the result at all, the question is academic.

The problem with (in effect) adding that attribute to every function is
that it *would* require one ugly workaround or another, and thus would
encourage using such workarounds even for those functions where it *is* an
error to ignore the result. This would eliminate a large part of the point
of warn_unused_result, and reduce net security.

(I've seen exactly this happen on codebases that frequently get attacked
by IMHO flawed lint tools that *do* emit such warnings as you propose.
(void)foo() crops up whenever foo()'s result is ignored, *even when
ignoring that result is in fact a bad idea*.)

Re: _must_check

Posted Nov 30, 2006 2:05 UTC (Thu) by ldo (guest, #40946) [Link]

>Since the whole point of __attribute__((warn_unused_result)) is that
>it should be applied only to functions where it is nearly always a
>mistake to ignore the result at all, the question is academic.

On the contrary, the question is far from academic. This business of having to ignore return values by assigning them to rubbish variables (as opposed to simply casting them to void) has already infected the Linux kernel--and indeed, led to bugs there. A clean, uniform solution is needed.

Re: _must_check

Posted Nov 28, 2006 4:30 UTC (Tue) by xoddam (subscriber, #2322) [Link]

How about
#define do (void)
?

Re: _must_check

Posted Nov 28, 2006 23:56 UTC (Tue) by nix (subscriber, #2304) [Link]

That particular choice of name kinda wrecks do/while loops, don't you
think?

Re: _must_check

Posted Nov 29, 2006 2:03 UTC (Wed) by xoddam (subscriber, #2322) [Link]

Oh yes. I'll get my coat.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds