| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wi+sjd8FT_FeJ2UOU2Ti7ws1i7hDweAW2gp8a-JpO-Tbg@mail.gmail.com>
Date: Tue, 1 Mar 2022 12:26:16 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Cc: Martin Uecker <uecker@...raz.at>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH 03/13] usb: remove the usage of the list iterator
after the loop
On Mon, Feb 28, 2022 at 5:50 AM Miguel Ojeda
<miguel.ojeda.sandonis@...il.com> wrote:
>
> But making it non-UB in the standard does not force a project to
> consider it "not an error", which is what actually matters for being
> able to use UBSan effectively or not.
Absolutely.
I think people should treat UBsan and friends a bit like "runtime lint".
"lint" traditionally doesn't necessarily check for just *incorrect* C.
It checks for things that can be confusing to humans, even if they are
100% completely conforming standard C.
Classic example: indentation. Having the wrong indentation is not in
any shape of form "undefined behavior" from a C standpoint, but it
sure is something that makes sense checking for anyway.
I think "integer overflow" should be considered the exact same thing.
It should *not* be treated as "undefined behavior", and it should not
give the compiler the option to generate code that doesn't match what
the programmer wrote.
But having a checking tool that says "This looks wrong - you just had
an integer overflow"? THAT makes 100% sense.
The C standard rules "undefined behavior" really is a problem in the standard.
Linus
Powered by blists - more mailing lists