lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 22 Sep 2014 12:44:17 -0700
From:	Jeff Kirsher <jeffrey.t.kirsher@...el.com>
To:	Borislav Petkov <bp@...en8.de>
Cc:	"Rustad, Mark D" <mark.d.rustad@...el.com>,
	"sparse@...isli.org" <sparse@...isli.org>,
	"linux-sparse@...r.kernel.org" <linux-sparse@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/7] Silence even more W=2 warnings

On Mon, 2014-09-22 at 21:21 +0200, Borislav Petkov wrote:
> On Mon, Sep 22, 2014 at 06:59:23PM +0000, Rustad, Mark D wrote:
> > It is helpful for using the warnings to look for problems or even
> just risks.
> 
> That's what W= builds are for.
> 
> > Right now the number of warnings generated when using W=2 simply
> tells
> > people to never use W=2.
> 
> I showed you how to use W=2 and 3 for that matter - pipe the output
> into
> a file and grep away.
> 

Not sure you showed us, since that is how everyone has had to do to
actual find W= builds useful.  Just because that is how we HAVE to do it
now, does not make it the best way.  Here is a thought, we don't we fix
the potential issues, so that W= builds do not generate over 100,000
errors/warnings.

Mark did this approach because it would either spur the conversation
that this is a good idea OR let's fix the root problem.  Instead it
sounds like your response is "life sucks, get over it" and put your head
back in the sand to ignore the problem.

> > That severely limits the value of a useful tool. A checkpatch
> warning
> > doesn't mean to never do that, just that it needs a critical look
> and
> > justification. That is certainly true of every patch I made that
> uses
> > those macros.
> 
> Sorry, if you need to shut up the compiler by adding code with the
> sole
> purpose to not issue a warning for otherwise perfectly fine code, then
> something's wrong with the whole endeavor in the first place.
> 
> There's a reason W= warnings are disabled in the default build.



Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ