lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 26 Nov 2020 08:33:24 +1100 (AEDT)
From:   Finn Thain <>
To:     Nick Desaulniers <>
cc:     James Bottomley <>,
        Kees Cook <>,
        "Gustavo A. R. Silva" <>,
        Joe Perches <>,
        Jakub Kicinski <>,,,,,
        linux-wireless <>,,
        dri-devel <>,
        LKML <>,
        Nathan Chancellor <>,,,,,,,,,,,,,,,,,,,,,
        amd-gfx list <>,,,,,,,
        Miguel Ojeda <>,,,,,,
        linux-arm-msm <>,,,,,,,,,,,,,
        Linux ARM <>,,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <>,,,
        Linux Memory Management List <>,
        Network Development <>,,,
        Linux-Renesas <>,,,,
        Jonathan Cameron <>,
        Greg KH <>
Subject: Re: [Intel-wired-lan] [PATCH 000/141] Fix fall-through warnings for

On Wed, 25 Nov 2020, Nick Desaulniers wrote:

> So developers and distributions using Clang can't have 
> -Wimplicit-fallthrough enabled because GCC is less strict (which has 
> been shown in this thread to lead to bugs)?  We'd like to have nice 
> things too, you know.

Apparently the GCC developers don't want you to have "nice things" either. 
Do you think that the kernel should drop gcc in favour of clang?
Or do you think that a codebase can somehow satisfy multiple checkers and 
their divergent interpretations of the language spec?

> This is not a shiny new warning; it's already on for GCC and has existed 
> in both compilers for multiple releases.

Perhaps you're referring to the compiler feature that lead to the 
ill-fated, tree-wide /* fallthrough */ patch series.

When the ink dries on the C23 language spec and the implementations figure 
out how to interpret it then sure, enforce the warning for new code -- the 
cost/benefit analysis is straight forward. However, the case for patching 
existing mature code is another story.

Powered by blists - more mailing lists