| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Aug 2016 17:25:41 +0200
From: Arnd Bergmann <arnd@...db.de>
To: linux-kernel@...r.kernel.org
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>,
Alexandre Courbot <gnurou@...il.com>,
David Howells <dhowells@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
Fushen Chen <fchen@....com>,
Hadar Hen Zion <hadarh@...lanox.com>,
Iyappan Subramanian <isubramanian@....com>,
Jiri Pirko <jiri@...lanox.com>,
Keyur Chudgar <kchudgar@....com>,
Linus Walleij <linus.walleij@...aro.org>,
Phil Reid <preid@...ctromag.com.au>,
Russell King <linux@...linux.org.uk>,
Tomi Valkeinen <tomi.valkeinen@...com>,
linux-fbdev@...r.kernel.org, linux-gpio@...r.kernel.org,
netdev@...r.kernel.org
Subject: [PATCH 0/5] -Wmaybe-uninitialized bug fixes for linux-next
In 6e8d666e9253 ("Disable "maybe-uninitialized" warning globally"),
Linus wrote:
Looking at the warnings produced, every single one I looked at was a
false positive, and the warnings are frequent enough (and big enough)
that they can easily hide real problems that you don't notice in
the noise generated by -Wmaybe-uninitialized.
Today, I tried reverting the patch on linux-next and built an ARM
allmodconfig kernel on ARM along with some randconfig kernels,
and got a handful of warnings, all of which appear to be reasonable
and point to actual mistakes in the code. The difference to what
Linus saw must be that previously the useful warnings were more
likely to get fixed before making it into the kernel, while now
we have to find them the hard way.
These five patches address all new warnings. In some cases this
may not be the correct fix, so please review carefully before applying,
or suggest a better fix. No need to keep them as a series, I
just group them here for the sake of discussion. Please pick up
whatever looks right to you.
Obviously, this kind of warnings always produces some false positives
(see https://gcc.gnu.org/wiki/Better_Uninitialized_Warnings), but I still
hope to get a better balance with enabling them sometimes where
people want them, as the current approach of always enabling them
for "make W=1" but never by default seems suboptimal: We had previously
identified a number of options (CONFIG_CC_OPTIMIZE_FOR_SIZE,
CONFIG_PROFILE_ALL_BRANCHES, CONFIG_UBSAN_ALIGNMENT, and
CONFIG_GCOV_PROFILE_ALL) that cause tons of false positives,
but without those options (and avoiding gcc-4.8 or lower),
we typically get mostly reports for actual bugs in my experience.
I can continue running the tests and send patches, but it feels
like a waste of time when they should have been found by the
original developers. Any other suggestions?
Arnd
Arnd Bergmann (5):
gpio: pca954x: fix undefined error code from remove
video: ARM CLCD: fix endpoint lookup logic
rxrpc: fix last_call processing
net_sched: fix use of uninitialized ethertype variable in cls_flower
net/xgene: fix error handling during reset
drivers/gpio/gpio-pca953x.c | 2 ++
drivers/net/ethernet/apm/xgene/xgene_enet_xgmac.c | 12 +++++++++---
drivers/video/fbdev/amba-clcd.c | 9 +++------
net/rxrpc/input.c | 8 ++++----
net/sched/cls_flower.c | 21 +++++++++++----------
5 files changed, 29 insertions(+), 23 deletions(-)
Cc: Alexandre Courbot <gnurou@...il.com>
Cc: David Howells <dhowells@...hat.com>
Cc: "David S. Miller" <davem@...emloft.net>
Cc: Fushen Chen <fchen@....com>
Cc: Hadar Hen Zion <hadarh@...lanox.com>
Cc: Iyappan Subramanian <isubramanian@....com>
Cc: Jiri Pirko <jiri@...lanox.com>
Cc: Keyur Chudgar <kchudgar@....com>
Cc: Linus Walleij <linus.walleij@...aro.org>
Cc: Phil Reid <preid@...ctromag.com.au>
Cc: Russell King <linux@...linux.org.uk>
Cc: Tomi Valkeinen <tomi.valkeinen@...com>
Cc: linux-fbdev@...r.kernel.org
Cc: linux-gpio@...r.kernel.org
Cc: netdev@...r.kernel.org
--
2.9.0
Powered by blists - more mailing lists