lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20160826152546.604384-1-arnd@arndb.de>
Date:   Fri, 26 Aug 2016 17:25:41 +0200
From:   Arnd Bergmann <arnd@...db.de>
To:     linux-kernel@...r.kernel.org
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Arnd Bergmann <arnd@...db.de>,
        Alexandre Courbot <gnurou@...il.com>,
        David Howells <dhowells@...hat.com>,
        "David S. Miller" <davem@...emloft.net>,
        Fushen Chen <fchen@....com>,
        Hadar Hen Zion <hadarh@...lanox.com>,
        Iyappan Subramanian <isubramanian@....com>,
        Jiri Pirko <jiri@...lanox.com>,
        Keyur Chudgar <kchudgar@....com>,
        Linus Walleij <linus.walleij@...aro.org>,
        Phil Reid <preid@...ctromag.com.au>,
        Russell King <linux@...linux.org.uk>,
        Tomi Valkeinen <tomi.valkeinen@...com>,
        linux-fbdev@...r.kernel.org, linux-gpio@...r.kernel.org,
        netdev@...r.kernel.org
Subject: [PATCH 0/5] -Wmaybe-uninitialized bug fixes for linux-next

In 6e8d666e9253 ("Disable "maybe-uninitialized" warning globally"),
Linus wrote:

    Looking at the warnings produced, every single one I looked at was a
    false positive, and the warnings are frequent enough (and big enough)
    that they can easily hide real problems that you don't notice in
    the noise generated by -Wmaybe-uninitialized.

Today, I tried reverting the patch on linux-next and built an ARM
allmodconfig kernel on ARM along with some randconfig kernels,
and got a handful of warnings, all of which appear to be reasonable
and point to actual mistakes in the code. The difference to what
Linus saw must be that previously the useful warnings were more
likely to get fixed before making it into the kernel, while now
we have to find them the hard way.

These five patches address all new warnings. In some cases this
may not be the correct fix, so please review carefully before applying,
or suggest a better fix. No need to keep them as a series, I
just group them here for the sake of discussion. Please pick up
whatever looks right to you.

Obviously, this kind of warnings always produces some false positives
(see https://gcc.gnu.org/wiki/Better_Uninitialized_Warnings), but I still
hope to get a better balance with enabling them sometimes where
people want them, as the current approach of always enabling them
for "make W=1" but never by default seems suboptimal: We had previously
identified a number of options (CONFIG_CC_OPTIMIZE_FOR_SIZE,
CONFIG_PROFILE_ALL_BRANCHES, CONFIG_UBSAN_ALIGNMENT, and
CONFIG_GCOV_PROFILE_ALL) that cause tons of false positives,
but without those options (and avoiding gcc-4.8 or lower),
we typically get mostly reports for actual bugs in my experience.

I can continue running the tests and send patches, but it feels
like a waste of time when they should have been found by the
original developers. Any other suggestions?

	Arnd

Arnd Bergmann (5):
  gpio: pca954x: fix undefined error code from remove
  video: ARM CLCD: fix endpoint lookup logic
  rxrpc: fix last_call processing
  net_sched: fix use of uninitialized ethertype variable in cls_flower
  net/xgene: fix error handling during reset

 drivers/gpio/gpio-pca953x.c                       |  2 ++
 drivers/net/ethernet/apm/xgene/xgene_enet_xgmac.c | 12 +++++++++---
 drivers/video/fbdev/amba-clcd.c                   |  9 +++------
 net/rxrpc/input.c                                 |  8 ++++----
 net/sched/cls_flower.c                            | 21 +++++++++++----------
 5 files changed, 29 insertions(+), 23 deletions(-)

Cc: Alexandre Courbot <gnurou@...il.com>
Cc: David Howells <dhowells@...hat.com>
Cc: "David S. Miller" <davem@...emloft.net>
Cc: Fushen Chen <fchen@....com> 
Cc: Hadar Hen Zion <hadarh@...lanox.com>
Cc: Iyappan Subramanian <isubramanian@....com>
Cc: Jiri Pirko <jiri@...lanox.com>
Cc: Keyur Chudgar <kchudgar@....com>
Cc: Linus Walleij <linus.walleij@...aro.org>
Cc: Phil Reid <preid@...ctromag.com.au>
Cc: Russell King <linux@...linux.org.uk>
Cc: Tomi Valkeinen <tomi.valkeinen@...com>
Cc: linux-fbdev@...r.kernel.org
Cc: linux-gpio@...r.kernel.org
Cc: netdev@...r.kernel.org


-- 
2.9.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ