Re: Rust kernel policy

From: David Laight
Date: Sun Feb 23 2025 - 11:42:19 EST


On Fri, 21 Feb 2025 15:04:04 -0800
Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> On Fri, 21 Feb 2025 at 14:23, Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> >
> > If I could just get a warning for this stupid mistake:
> >
> > 	size_t ret;
> >
> > 	ret = func();
> > 	if (ret < 0)
> > 		error();
>
> Note that my main beef with the crazy compiler warning is that it
> literally triggers for *RANGE CHECKS*.
>
> IOW, it's literally the "if (a < 0 || a > XYZ)" thing that absolutely
> MUST NOT WARN. EVER. If it does, the compiler is broken.

The other one is where it already knows the code is being discarded.
I suspect it even warns for:
	unsigned int x;
	if (1 || x < 0) ...
You can't even escape with Generic (a switch statement based on the type
of a variable). All the options have to compile with all the types.

David
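
The mistake and the range check discussed in this thread, as an added example that is not code from any of the messages. func() is a hypothetical stand-in that returns a byte count or a negative errno, and IN_RANGE and the check_*/range_ok_* names are illustrative.

```c
#include <stddef.h>
#include <sys/types.h>	/* ssize_t */
#include <errno.h>

/* Hypothetical stand-in for func() in the quoted snippet:
 * a byte count on success, a negative errno on failure. */
static ssize_t func(int fail)
{
	return fail ? -EIO : 16;
}

/* The quoted mistake: the result lands in an unsigned type, so -EIO
 * becomes a huge positive value and the "< 0" test is always false. */
int check_unsigned(int fail)
{
	size_t ret;

	ret = func(fail);
	if (ret < 0)
		return -1;	/* dead code: the error is silently ignored */
	return 0;
}

/* Same check with a signed result type: the failure is seen. */
int check_signed(int fail)
{
	ssize_t ret;

	ret = func(fail);
	if (ret < 0)
		return -1;
	return 0;
}

/* The "if (a < 0 || a > XYZ)" range check, written once and used with
 * signed and unsigned arguments. For an unsigned argument the "< 0" half
 * is trivially false by design; the check is still correct. */
#define IN_RANGE(a, max) (!((a) < 0 || (a) > (max)))

int range_ok_signed(int v)        { return IN_RANGE(v, 100); }
int range_ok_unsigned(unsigned v) { return IN_RANGE(v, 100); }
```

The two comparisons look identical to a type-limits check, but only the one in check_unsigned() hides a missed error; the one inside IN_RANGE is deliberate.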