lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 26 Nov 2020 10:21:54 +1100 (AEDT)
From:   Finn Thain <>
To:     Nick Desaulniers <>
cc:     James Bottomley <>,
        Kees Cook <>,
        "Gustavo A. R. Silva" <>,
        Joe Perches <>,
        Jakub Kicinski <>,,,,,
        linux-wireless <>,,
        dri-devel <>,
        LKML <>,
        Nathan Chancellor <>,,,,,,,,,,,,,,,,,,,,,
        amd-gfx list <>,,,,,,,
        Miguel Ojeda <>,,,,,,
        linux-arm-msm <>,,,,,,,,,,,,,
        Linux ARM <>,,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <>,,,
        Linux Memory Management List <>,
        Network Development <>,,,
        Linux-Renesas <>,,,,
        Jonathan Cameron <>,
        Greg KH <>
Subject: Re: [Intel-wired-lan] [PATCH 000/141] Fix fall-through warnings for

On Wed, 25 Nov 2020, Nick Desaulniers wrote:

> On Wed, Nov 25, 2020 at 1:33 PM Finn Thain <> 
> wrote:
> >
> > Or do you think that a codebase can somehow satisfy multiple checkers 
> > and their divergent interpretations of the language spec?
> Have we found any cases yet that are divergent? I don't think so.

There are many implementations, so I think you are guaranteed to find more 
divergence if you look. That's because the spec is full of language like 
this: "implementations are encouraged not to emit a diagnostic" and 
"implementations are encouraged to issue a diagnostic".

Some implementations will decide to not emit (under the premise that vast 
amounts of existing code would have to get patched until the compiler goes 
quiet) whereas other implementations will decide to emit (under the 
premise that the author is doing the checking and not the janitor or the 

> It sounds to me like GCC's cases it warns for is a subset of Clang's. 
> Having additional coverage with Clang then should ensure coverage for 
> both.

If that claim were true, the solution would be simple. (It's not.)

For the benefit of projects that enable -Werror and projects that 
nominated gcc as their preferred compiler, clang would simply need a flag 
to enable conformance with gcc by suppressing those additional warnings 
that clang would normally produce.

This simple solution is, of course, completely unworkable, since it would 
force clang to copy some portion of gcc's logic (rewritten under LLVM's 
unique license) and then to track future changes to that portion of gcc 

Powered by blists - more mailing lists