lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 15 Aug 2018 20:49:04 +0100
From:   Al Viro <viro@...IV.linux.org.uk>
To:     Martin Schroeder <mkschreder.uk@...glemail.com>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: A far fetched goal to clean up code quality

On Wed, Aug 15, 2018 at 08:33:36PM +0200, Martin Schroeder wrote:
> I propose using following set of GCC flags to enforce code quality in
> the long run.
> 
>     -Wall -Wextra -Werror\
>     -std=gnu11\
>     -pedantic \
>     -Wchar-subscripts\
>     -Wformat\
>     -Wformat-nonliteral\
>     -Wformat-security\
>     -Wmissing-braces\
>     -Wparentheses\
>     -Wsequence-point\
>     -Wswitch\
>     -Wtrigraphs\
>     -Wno-unused-function\
>     -Wunused-label\
>     -Wno-unused-parameter\
>     -Wunused-variable\
>     -Wunused-value\
>     -Wuninitialized\
>     -Wdiv-by-zero\
>     -Wfloat-equal\
>     -Wdouble-promotion\
>     -fsingle-precision-constant\
>     -Wshadow\
>     -Wpointer-arith\
>     -Wwrite-strings\
>     -Wconversion\
>     -Wredundant-decls\
>     -Wunreachable-code\
>     -Winline\
>     -Wenum-compare \
>     -Wlong-long\
>     -Wchar-subscripts

I will probably regret it, but... do you even know C?  And have you ever
bothered to read the documentation describing all those oh-so-fine options,
or have you simply aped the list from some... place?

For example, this:
'-Wlong-long'
     Warn if 'long long' type is used.  This is enabled by either
     '-Wpedantic' or '-Wtraditional' in ISO C90 and C++98 modes.  To
     inhibit the warning messages, use '-Wno-long-long'.
and the warning it triggers is <drumrolls>
	"ISO C90 does not support ‘long long’ [-Wlong-long]".

Now, could the esteemed sir be arsed to explain the meaning of "-std=gnu11"?
Take your time and use your own words.  Then explain just how would that
warning be relevant to chosen C dialect.  For an extra credit, explain
just how the hell is one supposed to represent 64bit arithmetical data on
32bit architectures without using the dreaded long long.

Free advice: do try to understand what you are proposing when you are
setting lofty goals for everybody else to toil for.

Al "I loathe aspiring PHBs" Viro, in rather foul mood at the moment...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ