lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 28 Jun 2022 16:15:52 +0100
From:   Daniel Thompson <daniel.thompson@...aro.org>
To:     Tom Rix <trix@...hat.com>
Cc:     Nathan Chancellor <nathan@...nel.org>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        linux-kbuild@...r.kernel.org, llvm@...ts.linux.dev,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/2] Enable clang tools for kernels build using gcc

On Tue, Jun 28, 2022 at 06:19:09AM -0700, Tom Rix wrote:
> The limitations of the compilation db are not limited to the kernel.
> 
> Why shouldn't the change be made in the llvm project ?

I'd rather answer the question why should it be in the kernel ;-).
That's somewhat easier to answer because the kernel does have some
unusual properties:

1. It makes heavy use of kernel command line options, especially
   when compared to most user space components where the default
   compiler flags are something very simple ("-g -O2" plus include
   directories).

2. The kernel provides it's own tooling to generate the compilation
   database. For example, if tools like codechecker added features to
   their front end to mitigate this problem[1] the kernel wouldn't
   benefit from them anyway.

3. Rules like `make clang-analyzer` generate *and* consume the
   compilation database in a single pass. That makes it impossible to
   run fixup tools between generating the database and consuming
   it.

However going back to the original question:
> Why shouldn't the change be made in the llvm project ?

clang can (and probably will) learn about some of the newer gcc options
over time. However that doesn't actually help much since all that
achieves is a game of whack-a-mole where clang has to constantly play
catch up or the tooling will break.

Some other aspects could be added to the various different projects that
use the compilation database that would improve things (better automatic
handling of --target for example). That sort of change should still
peacefully coexist with an approach based on gen_compile_commands.json
though.


Daniel.


[1] Currently they don't workaround it automatically. They just imply
    that you may have to "fine tune" compile_commands.json after
    generating it:
    https://codechecker.readthedocs.io/en/latest/usage/#step-7-fine-tune-analysis-configuration


> On 6/28/22 5:27 AM, Daniel Thompson wrote:
> > This patch set makes it possible to use clang based tools, such as
> > the clangd completion engine, regardless of our choice of compiler
> > for the actual kernel build.
> > 
> > Most of the fine details are included in the patch header for the
> > first patch (since we'd like them to appear in the kernel history so
> > they can help future archaeologists).
> > 
> > Daniel Thompson (2):
> >    clang-tools: Generate clang compatible output even with gcc builds
> >    Makefile: Enable clang-tidy and clang-analyzer for gcc builds
> > 
> >   Makefile                                    | 11 ++--
> >   scripts/clang-tools/gen_compile_commands.py | 71 ++++++++++++++++++++-
> >   2 files changed, 74 insertions(+), 8 deletions(-)
> > 
> > 
> > base-commit: a111daf0c53ae91e71fd2bfe7497862d14132e3e
> > --
> > 2.35.1
> > 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ