| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAK8P3a3tbv6UM+=59HzE0kqjWLDey6mV+oTQ1exqVX_f6PZV=w@mail.gmail.com>
Date: Wed, 18 Jul 2018 17:38:49 +0200
From: Arnd Bergmann <arnd@...db.de>
To: Constantine Shulyupin <const@...elinux.com>
Cc: "Theodore Ts'o" <tytso@....edu>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] drivers/char/random.c: fix uninitialized value warning
On Wed, Jul 18, 2018 at 9:11 AM, Constantine Shulyupin
<const@...elinux.com> wrote:
> Local variable t should be initialized by arch_get_random_int.
> Actually on failure of arch_get_random_int, value is not used.
> So, just keep the build clean with less warnings.
>
> warning:
> drivers/char/random.c: In function ‘write_pool.constprop’:
> drivers/char/random.c:1912:11: warning: ‘t’ may be used uninitialized in this function [-Wmaybe-uninitialized]
>
> Signed-off-by: Constantine Shulyupin <const@...eLinux.com>
You need to be much more careful with fixes like this one. As Ted explained,
the warning was about a real bug here, and adding an incorrect initialization
just made it harder to find that bug.
There are many cases in which the compiler does have a false-positive or
a false-negative -Wmaybe-uninitialized warning, but in general you should
assume that the compiler is correct. If you add a fake initialization because
you think the compiler is wrong, it's best to link to the gcc bugzilla
describing
that gcc bug, or open a new bug report if it still happens in the
latest compiler
version and hasn't been reported before.
Arnd
Powered by blists - more mailing lists