Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

From: Ingo Molnar
Date: Thu Mar 03 2016 - 10:04:58 EST



* Ingo Molnar <mingo@xxxxxxxxxx> wrote:

> Yes, -Ow would be very useful, if it can 'guarantee' that no false negatives slip
> through:
> [...]

> This way no nondeterministic, random, uninitialized (and worst-case: attacker
> controlled) values can ever enter the program flow (from the stack) [...]

Note that mainstream Linux distro kernels already enable various options that
cause noticeable runtime overhead: such as stackprotector, or -pg.

So if GCC could simply warn about _all_ uninitialized variables that it cannot
prove are initialized before use, and implicitly initialize them to 0 in that
case, that would be really valuable. (Combined with a function argument attribute
mechanism that tells the compiler that an object pointed to by a pointer gets
fully initialized by the function.)

The runtime overhead can be eliminated by addressing the warnings. If no warnings
are emitted then the generated code should be equivalent to regularly optimized
code, right?

Thanks,

Ingo
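
The bug class named in the subject line, a stack `struct sigaction` whose `sa_flags` is never assigned, shown beside the zero-initialized form. This is an added example, not code from this thread or from the perf patch. The function names and the `0xA5` poison pattern are assumptions: the pattern is constructed to stand in for stale stack contents so the result is deterministic.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for stale stack contents. Reading a truly
 * uninitialized local is undefined behaviour, so the "garbage" is
 * written explicitly to keep the demonstration deterministic. */
static void poison(void *p, size_t n)
{
    memset(p, 0xA5, n);
}

static void noop_handler(int sig)
{
    (void)sig;
}

/* Bug pattern: handler and mask are set, sa_flags is never assigned. */
int flags_partial_init(void)
{
    struct sigaction sa;

    poison(&sa, sizeof(sa));
    sa.sa_handler = noop_handler;
    sigemptyset(&sa.sa_mask);
    return (int)sa.sa_flags;   /* whatever was left in that stack slot */
}

/* Fix pattern: zero the whole object first, then set what is needed. */
int flags_zero_init(void)
{
    struct sigaction sa;

    poison(&sa, sizeof(sa));
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = noop_handler;
    sigemptyset(&sa.sa_mask);
    return (int)sa.sa_flags;
}

int main(void)
{
    printf("partial init: sa_flags = 0x%x\n", (unsigned)flags_partial_init());
    printf("zero init:    sa_flags = 0x%x\n", (unsigned)flags_zero_init());
    return 0;
}
```

Neither function calls `sigaction()`, so no handler is installed; the point is only which bits would be handed to the kernel as flags in each case.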