Hi, Kees,
Thanks a lot for your testing and the small testing case.
I just studied the root cause of this bug, and found that it’s because the call
to “__builtin_clear_padding()” should NOT be inserted BEFORE
the variable initialization. It should be inserted AFTER the variable
initialization.
Currently, since the call to “__builtin_clear_padding()” is inserted before the
variable initialization, like the following:
__builtin_clear_padding (&obj, 0B, 1);
obj = {};
obj.val = val;
As a result, the reference to “obj” in the call to
“__builtin_clear_padding” is considered an uninitialized usage.
I will move the call to __builtin_clear_padding after the variable
initialization.
Thanks.
Qing
> On Jul 28, 2021, at 3:21 PM, Kees Cook <[email protected]> wrote:
>
> On Tue, Jul 27, 2021 at 03:26:00AM +0000, Qing Zhao wrote:
>> This is the 6th version of the patch for the new security feature for GCC.
>>
>> I have tested it with bootstrap on both x86 and aarch64, regression testing
>> on both x86 and aarch64.
>> Also compile CPU2017 (running is ongoing), without any issue. (With the fix
>> to bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101586).
>>
>> Please take a look and let me know of any issues.
>
> Good news, this passes all my initialization tests in the kernel. Yay! :)
>
> However, I see an unexpected side-effect from some static initializations:
>
> net/core/sock.c: In function 'sock_no_sendpage':
> net/core/sock.c:2849:23: warning: 'msg' is used uninitialized
> [-Wuninitialized]
> 2849 | struct msghdr msg = {.msg_flags = flags};
> | ^~~
>
> It seems like -Wuninitialized has suddenly stopped noticing explicit
> static initializers when there are bit fields in the struct. Here's a
> minimized case:
>
> $ cat init.c
> struct weird {
>     int bit : 1;
>     int val;
> };
>
> int func(int val)
> {
>     struct weird obj = { .val = val };
>     return obj.val;
> }
>
> $ gcc -c -o init.o -Wall -O2 -ftrivial-auto-var-init=zero init.c
> init.c: In function ‘func’:
> init.c:8:22: warning: ‘obj’ is used uninitialized [-Wuninitialized]
> 8 | struct weird obj = { .val = val };
> | ^~~
> init.c:8:22: note: ‘obj’ declared here
> 8 | struct weird obj = { .val = val };
> | ^~~
>
> --
> Kees Cook
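The layout behind the bug above, as an added illustration that is not part of this thread or of GCC's lowering: a struct with a bit field carries padding bits that a designated initializer is not required to clear, and the equivalent of the corrected ordering at source level is to zero the whole object first and only then assign the members, so the object is never read before it is written. The helper names init_plain, init_zeroed and padding_is_zero are assumed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Same layout as Kees's reproducer: 1 bit used, 31 bits of padding, then val. */
struct weird {
    int bit : 1;
    int val;
};

/* Plain designated initialization, as in the test case.  The C standard leaves
 * the padding bits of an automatic object indeterminate here. */
void init_plain(struct weird *obj, int val)
{
    struct weird tmp = { .val = val };
    *obj = tmp;
}

/* Hand-written equivalent of what -ftrivial-auto-var-init=zero is meant to
 * guarantee (assumed helper, not GCC's own code): every byte, padding included,
 * is cleared, and the clearing is ordered so that nothing reads obj before obj
 * has been given a value. */
void init_zeroed(struct weird *obj, int val)
{
    memset(obj, 0, sizeof *obj);   /* covers the padding bits too */
    obj->val = val;                /* then the explicit initializer */
}

/* Returns 1 when every byte of *p outside the member 'val' is zero. */
int padding_is_zero(const struct weird *p)
{
    const unsigned char *b = (const unsigned char *)p;
    size_t lo = offsetof(struct weird, val);
    size_t hi = lo + sizeof p->val;
    for (size_t i = 0; i < sizeof *p; i++) {
        if (i >= lo && i < hi)
            continue;              /* skip the bytes that hold val */
        if (b[i] != 0)
            return 0;
    }
    return 1;
}

/* Builds an object with the zero-then-assign order and checks both that val
 * survived and that no padding byte is left non-zero. */
int zeroed_init_has_clean_padding(int val)
{
    struct weird obj;
    init_zeroed(&obj, val);
    return obj.val == val && padding_is_zero(&obj);
}
```

The padding bits after the bit field are exactly the bytes init_plain may leave untouched; only the zero-first order gives a deterministic result for them.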