
Re: [Xen-devel] [PATCH for-4.10] libxl: handle NULL in libxl__enum_from_string



On 13/10/17 14:01, Ian Jackson wrote:
> Wei Liu writes ("Re: [PATCH for-4.10] libxl: handle NULL in 
> libxl__enum_from_string"):
>> I agree they shouldn't be called with NULL. We should guard against
>> error (here or the libxl_*_type_from_string) or annotate the input can't
>> be NULL.
> I mean, who calls any  libxl_*_from_string  with s==NULL ?
>
> Also I don't think we should annotate that the input value can't be
> NULL, especially in a situation like this where the semantics could
> only be "this is wrong".  The API (and the internal calling
> conventions) are full of functions taking pointer arguments - are we
> going to annotate each one of those to say that it cannot be NULL ?
>
> Instead, what we have actually done so far, is annotate when a pointer
> parameter *may* be NULL, and, in that case, what that means:

This is exactly what attribute nonnull exists for.  As a bonus, using
the attribute will have the compiler complain at you if it spots a way
NULL gets passed, and UBSAN will add specific instrumentation to check.

Alternatively, you could assert(s) which would catch all (ab)uses and
also quiesce Coverity.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
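
The three options raised in this thread (guarding against NULL, `nonnull`, and `assert`), side by side as an added example. This is not code from the patch or from libxl: `struct enum_entry`, `sample_table`, `ERR_INVAL` and the `from_string_*` functions are hypothetical stand-ins for the libxl types and functions.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ERR_INVAL (-1)                      /* hypothetical error code */
struct enum_entry { const char *s; int value; };
static const struct enum_entry sample_table[] =      /* constructed sample */
    { { "pv", 1 }, { "hvm", 2 }, { NULL, 0 } };

/* Shared lookup; callers guarantee non-NULL arguments. */
static int lookup(const struct enum_entry *t, const char *s, int *e)
{
    for (; t->s; t++)
        if (!strcmp(t->s, s)) { *e = t->value; return 0; }
    return ERR_INVAL;
}

/* Guard: NULL is reported as an ordinary error at run time. */
int from_string_guarded(const struct enum_entry *t, const char *s, int *e)
{
    if (!t || !s || !e) return ERR_INVAL;
    return lookup(t, s, e);
}

/* Contract: a visible NULL draws -Wnonnull at compile time and is caught by
 * -fsanitize=nonnull-attribute at run time. The compiler may also assume
 * non-NULL here and delete NULL checks in the body, so no guard is added. */
__attribute__((nonnull(1, 2, 3)))
int from_string_nonnull(const struct enum_entry *t, const char *s, int *e)
{
    return lookup(t, s, e);
}

/* Assertion: aborts on NULL in every build that does not define NDEBUG. */
int from_string_asserted(const struct enum_entry *t, const char *s, int *e)
{
    assert(t && s && e);
    return lookup(t, s, e);
}

int main(void)
{
    int v = 0, rc = from_string_guarded(sample_table, NULL, &v);
    printf("guarded(NULL) -> %d\n", rc);
    rc = from_string_nonnull(sample_table, "hvm", &v);
    printf("nonnull(\"hvm\") -> %d, value %d\n", rc, v);
    return 0;
}
```

Building with `-Wall -fsanitize=undefined` shows the compile-time and run-time checks on the `nonnull` variant; the guarded variant is the only one of the three that stays well-defined when a caller does pass NULL in a release build.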

 

