| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2016 17:34:50 -0400 From: Sandy Harris <sandyinchina@...il.com> To: "Theodore Ts'o" <tytso@....edu>, Jeffrey Walton <noloader@...il.com>, "H. Peter Anvin" <hpa@...or.com>, John Denker <jsd@...n.com>, LKML <linux-kernel@...r.kernel.org>, Stephan Mueller <smueller@...onox.de>, Herbert Xu <herbert@...dor.apana.org.au>, Andi Kleen <andi@...stfloor.org>, Sandy Harris <sandyinchina@...il.com>, Jason Cooper <cryptography@...edaemon.net>, linux-crypto@...r.kernel.org Subject: Re: better patch for linux/bitops.h On Wed, May 4, 2016 at 11:50 PM, Theodore Ts'o <tytso@....edu> wrote: > Instead of arguing over who's "sane" or "insane", can we come up with > a agreed upon set of tests, and a set of compiler and compiler > versions ... I completely fail to see why tests or compiler versions should be part of the discussion. The C standard says the behaviour in certain cases is undefined, so a standard-compliant compiler can generate more-or-less any code there. As long as any of portability, reliability or security are among our goals, any code that can give undefined behaviour should be considered problematic. > But instead of arguing over what works and doesn't, let's just create > the the test set and just try it on a wide range of compilers and > architectures, hmmm? No. Let's just fix the code so that undefined behaviour cannot occur. Creating test cases for a fix and trying them on a range of systems would be useful, perhaps essential, work. Doing tests without a fix would be a complete waste of time.
Powered by blists - more mailing lists