diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2023-09-21 14:49:39 +1000 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2023-09-27 17:26:06 +0200 |
| commit | c1d2a070f282a95316e8f045e8959856518ab2f0 (patch) | |
| tree | 2a1f68cfa6e58f304dd3bbbfbf2c94408a5d8c52 | |
| parent | 5b6c68c2e4995b94110b62e9e8346fb372451e31 (diff) | |
| download | passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar.gz passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar.bz2 passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar.lz passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar.xz passt-c1d2a070f282a95316e8f045e8959856518ab2f0.tar.zst passt-c1d2a070f282a95316e8f045e8959856518ab2f0.zip | |
util: Consolidate and improve workarounds for clang-tidy issue 58992
We have several workarounds for a clang-tidy bug where the checker doesn't
recognize that a number of system calls write to - and therefore initialise
- a socket address. We can't neatly use a suppression, because the bogus
warning shows up some time after the actual system call, when we access
a field of the socket address which clang-tidy erroneously thinks is
uninitialised.
Consolidate these workarounds into one place by using macros to implement
wrappers around affected system calls which add a memset() of the sockaddr
to silence clang-tidy. This removes the need for the individual memset()
workarounds at the callers - and the somewhat longwinded explanatory
comments.
We can then use a #define to not include the hack in "real" builds, but
only consider it for clang-tidy.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | icmp.c | 5 | ||||
| -rw-r--r-- | tcp.c | 8 | ||||
| -rw-r--r-- | util.h | 41 |
4 files changed, 43 insertions, 13 deletions
@@ -276,7 +276,7 @@ clang-tidy: $(SRCS) $(HEADERS) -concurrency-mt-unsafe,\ -readability-identifier-length \ -config='{CheckOptions: [{key: bugprone-suspicious-string-compare.WarnOnImplicitComparison, value: "false"}]}' \ - --warnings-as-errors=* $(SRCS) -- $(filter-out -pie,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) + --warnings-as-errors=* $(SRCS) -- $(filter-out -pie,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) -DCLANG_TIDY_58992 SYSTEM_INCLUDES := /usr/include $(wildcard /usr/include/$(TARGET)) ifeq ($(shell $(CC) -v 2>&1 | grep -c "gcc version"),1) @@ -76,11 +76,6 @@ void icmp_sock_handler(const struct ctx *c, union epoll_ref ref) if (c->no_icmp) return; - /* FIXME: Workaround clang-tidy not realizing that recvfrom() - * writes the socket address. See - * https://github.com/llvm/llvm-project/issues/58992 - */ - memset(&sr, 0, sizeof(sr)); n = recvfrom(ref.fd, buf, sizeof(buf), 0, (struct sockaddr *)&sr, &sl); if (n < 0) return; @@ -2752,19 +2752,13 @@ void tcp_listen_handler(struct ctx *c, union epoll_ref ref, const struct timespec *now) { struct sockaddr_storage sa; + socklen_t sl = sizeof(sa); union tcp_conn *conn; - socklen_t sl; int s; if (c->no_tcp || c->tcp.conn_count >= TCP_MAX_CONNS) return; - sl = sizeof(sa); - /* FIXME: Workaround clang-tidy not realizing that accept4() - * writes the socket address. See - * https://github.com/llvm/llvm-project/issues/58992 - */ - memset(&sa, 0, sizeof(struct sockaddr_in6)); s = accept4(ref.fd, (struct sockaddr *)&sa, &sl, SOCK_NONBLOCK); if (s < 0) return; @@ -9,6 +9,7 @@ #include <stdlib.h> #include <stdarg.h> #include <stdbool.h> +#include <string.h> #include "log.h" @@ -225,4 +226,44 @@ int __daemon(int pidfile_fd, int devnull_fd); int fls(unsigned long x); int write_file(const char *path, const char *buf); +/* + * Workarounds for https://github.com/llvm/llvm-project/issues/58992 + * + * For a number (maybe all) system calls that _write_ a socket address, + * clang-tidy doesn't register that the memory of the socket address will be + * initialised after the call. This can't easily be worked around with + * clang-tidy suppressions, because the warning doesn't show on the syscall + * itself but later when we access the supposedly uninitialised field. + */ +static inline void sa_init(struct sockaddr *sa, socklen_t *sl) +{ +#ifdef CLANG_TIDY_58992 + if (sa) + memset(sa, 0, *sl); +#else + (void)sa; + (void)sl; +#endif /* CLANG_TIDY_58992 */ +} + +static inline ssize_t wrap_recvfrom(int sockfd, void *buf, size_t len, + int flags, + struct sockaddr *src_addr, + socklen_t *addrlen) +{ + sa_init(src_addr, addrlen); + return recvfrom(sockfd, buf, len, flags, src_addr, addrlen); +} +#define recvfrom(s, buf, len, flags, src, addrlen) \ + wrap_recvfrom((s), (buf), (len), (flags), (src), (addrlen)) + +static inline int wrap_accept4(int sockfd, struct sockaddr *addr, + socklen_t *addrlen, int flags) +{ + sa_init(addr, addrlen); + return accept4(sockfd, addr, addrlen, flags); +} +#define accept4(s, addr, addrlen, flags) \ + wrap_accept4((s), (addr), (addrlen), (flags)) + #endif /* UTIL_H */ |