lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20211027201249.GA1326060@rowland.harvard.edu>
Date:   Wed, 27 Oct 2021 16:12:49 -0400
From:   Alan Stern <stern@...land.harvard.edu>
To:     Kernel development list <linux-kernel@...r.kernel.org>
Subject: GCC not detecting use of uninitialized variable?

The following code does not generate a warning when compiled with GCC 
11.2.1:


int foo;

void cc_test(void)
{
	int	a, b;

	a = 0;
	a = READ_ONCE(foo);	// Should be: b = READ_ONCE(foo)
	do {
		a += b;
		b = READ_ONCE(foo);
	} while (a > 0);
	WRITE_ONCE(foo, a);
}


But if the loop is changed to execute only once -- replace the while 
test with "while (0)" -- then gcc does warn about the uninitialized use 
of b.

Is this a known problem with gcc?  Is it being too conservative about 
detecting uses of uninitialized variables?

Alan Stern

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ