lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20230524092346.GI32559@suse.cz>
Date:   Wed, 24 May 2023 11:23:47 +0200
From:   David Sterba <dsterba@...e.cz>
To:     Qu Wenruo <quwenruo.btrfs@....com>
Cc:     Stephen Zhang <starzhangzsd@...il.com>, clm@...com,
        josef@...icpanda.com, dsterba@...e.com,
        linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        zhangshida@...inos.cn, k2ci <kernel-bot@...inos.cn>
Subject: Re: [PATCH] btrfs: fix uninitialized warning in btrfs_log_inode

On Tue, May 23, 2023 at 06:47:39PM +0800, Qu Wenruo wrote:
> On 2023/5/23 05:51, David Sterba wrote:
> > On Wed, May 17, 2023 at 05:07:55PM +0800, Stephen Zhang wrote:
> >> Qu Wenruo <quwenruo.btrfs@....com> 于2023年5月17日周三 15:47写道:
> >>> On 2023/5/16 09:34, zhangshida wrote:
> >>>> From: Shida Zhang <zhangshida@...inos.cn>
> >>>>
> >>>> This fixes the following warning reported by gcc 10 under x86_64:
> >>>
> >>> Full gcc version please.
> >>
> >> it's "gcc (Debian 10.2.1-6) 10.2.1 20210110".
> >>
> >>> Especially you need to check if your gcc10 is the latest release.
> >>>
> >>> If newer gcc (12.2.1) tested without such error, it may very possible to
> >>> be a false alert.
> >>>
> >>> And in fact it is.
> >>>
> >>> @first_dir_index would only be assigned to @last_range_start if
> >>> last_range_end != 0.
> >>>
> >>> Thus the loop must have to be executed once, and @last_range_start won't
> >>> be zero.
> >>>
> >>
> >> Yup, I know it's a false positive. What I don't know is the criterion
> >> that decides whether it is a good patch.
> >
> > If you have analyzed the code and found out that it was indeed a false
> > positive then please state that in the changelog. Fixing it still makes
> > sense so the compiler version and briefly explaining why you fix it that
> > way makes it a good patch.
> >
> >> That is,
> >> it doesn't look so good because it is a false alert and the latest gcc
> >> can get rid of such warnings, based on what you said( if I understand
> >> correctly).
> >> Or,
> >> It looks okay because the patch can make some older gcc get a cleaner
> >> build and do no harm to the original code logic.
> >
> > In general I agree here.
> >
> >> In fact, I've seen Linus complaining about the warning generated by
> >> some gcc version in another thread.
> >>
> >> https://lore.kernel.org/linux-xfs/168384265493.22863.2683852857659893778.pr-tracker-bot@kernel.org/T/#t
> >
> > I share the POV for warning fixes, I'd rather see new reports after
> > fixing the previous ones than reminding everybody to update.
> 
> Or can we only enable -Wmaybe-uninitialized only for certain builds?
> Like binding it with CONFIG_BTRFS_DEBUG?
> 
> So far all warning are false alerts, and I'm really not a fan of false
> alerts.

Josef found some real bugs with this warning enabled and then we decided
it would be a good idea to have it enabled for all builds. If we don't
do it by default then the chances that people will use it are low.

> The -Wmaybe-uninitialized option doesn't look that reliable on older
> compilers, and for developers we're more or less using uptodate
> toolchains anyway.

Yeah the warning is speculative so the compilers can report more false
positives. I still have some very old test setups and the compiler gets
updated rarely, IIRC I went from 4.x to 7.x and now there's 10.x so I
might send some warning fixes myself.  Over time I'd like to enable more
warnings just for fs/btrfs/.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ