[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 3 Mar 2016 16:04:48 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Jakub Jelinek <jakub@...hat.com>
Cc: Arnaldo Carvalho de Melo <acme@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Colin King <colin.king@...onical.com>,
Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
Richard Henderson <rth@...ddle.net>,
Dan Carpenter <dan.carpenter@...cle.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: Q: why didn't GCC warn about this uninitialized variable? (was:
Re: [PATCH] perf tests: initialize sa.sa_flags)
* Ingo Molnar <mingo@...nel.org> wrote:
> Yes, -Ow would be very useful, if it can 'guarantee' that no false negatives slip
> through:
> [...]
> This way no undeterministic, random, uninitialized (and worst-case: attacker
> controlled) values can ever enter the program flow (from the stack) [...]
Note that mainstream Linux distro kernels already enable various options that
cause noticeable runtime overhead: such as stackprotector, or -pg.
So if GCC could simply warn about _all_ uninitialized variables that it cannot
prove are initialized before use, and implicitly initialize them to 0 in that
case, that would be really valuable. (Combined with a function argument attribute
mechanism that tells the compiler that an object pointed to by a pointer gets
fully initialized by the function.)
The runtime overhead can be eliminated by addressing the warnings. If no warnings
are emitted then the generated code should be equivalent to regularly optimized
code, right?
Thanks,
Ingo
Powered by blists - more mailing lists