| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Mar 2016 16:04:48 +0100 From: Ingo Molnar <mingo@...nel.org> To: Jakub Jelinek <jakub@...hat.com> Cc: Arnaldo Carvalho de Melo <acme@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Colin King <colin.king@...onical.com>, Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org, Richard Henderson <rth@...ddle.net>, Dan Carpenter <dan.carpenter@...cle.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags) * Ingo Molnar <mingo@...nel.org> wrote: > Yes, -Ow would be very useful, if it can 'guarantee' that no false negatives slip > through: > [...] > This way no undeterministic, random, uninitialized (and worst-case: attacker > controlled) values can ever enter the program flow (from the stack) [...] Note that mainstream Linux distro kernels already enable various options that cause noticeable runtime overhead: such as stackprotector, or -pg. So if GCC could simply warn about _all_ uninitialized variables that it cannot prove are initialized before use, and implicitly initialize them to 0 in that case, that would be really valuable. (Combined with a function argument attribute mechanism that tells the compiler that an object pointed to by a pointer gets fully initialized by the function.) The runtime overhead can be eliminated by addressing the warnings. If no warnings are emitted then the generated code should be equivalent to regularly optimized code, right? Thanks, Ingo
Powered by blists - more mailing lists