lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 29 Apr 2019 18:00:38 -0700
From:   Nathan Chancellor <natechancellor@...il.com>
To:     Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Michal Marek <michal.lkml@...kovi.net>
Cc:     linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
        clang-built-linux@...glegroups.com,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Arnd Bergmann <arnd@...db.de>,
        Nathan Chancellor <natechancellor@...il.com>
Subject: [PATCH] kbuild: Enable -Wsometimes-uninitialized

This is Clang's version of GCC's -Wmaybe-uninitialized. Up to this
point, it has not been used because -Wuninitialized has been disabled,
which also turns off -Wsometimes-uninitialized, meaning that we miss out
on finding some bugs [1]. In my experience, it appears to be more
accurate than GCC and catch some things that GCC can't.

All of these warnings have now been fixed in -next across arm, arm64,
and x86_64 defconfig/allyesconfig so this should be enabled for everyone
to prevent more from easily creeping in.

As of next-20190429:

$ git log --oneline --grep="sometimes-uninitialized" | wc -l
45

[1]: https://lore.kernel.org/lkml/86649ee4-9794-77a3-502c-f4cd10019c36@lca.pw/

Link: https://github.com/ClangBuiltLinux/linux/issues/381
Signed-off-by: Nathan Chancellor <natechancellor@...il.com>
---

Masahiro, I am not sure how you want to handle merging this with regards
to all of the patches floating around in -next but I wanted to send this
out to let everyone know this is ready to be turned on.

Arnd, are there many remaning -Wsometimes-uninitialized warnings in
randconfigs?

 scripts/Makefile.extrawarn | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn
index 768306add591..f4332981ea85 100644
--- a/scripts/Makefile.extrawarn
+++ b/scripts/Makefile.extrawarn
@@ -72,5 +72,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, format)
 KBUILD_CFLAGS += $(call cc-disable-warning, sign-compare)
 KBUILD_CFLAGS += $(call cc-disable-warning, format-zero-length)
 KBUILD_CFLAGS += $(call cc-disable-warning, uninitialized)
+KBUILD_CFLAGS += $(call cc-option, -Wsometimes-uninitialized)
 endif
 endif
-- 
2.21.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ