> On Sep 28, 2021, at 3:39 PM, Kees Cook <keesc...@chromium.org> wrote: > > On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: >> Hi, >> >> This is the patch for the gcc12 changes per your request. >> >> Kees provided most of the wording. >> >> Please take a look and let’s know whether it’s good for commit? >> >> thanks. >> >> Qing >> >> ================================================ >> >> >> From: qing zhao <qing.z...@oracle.com> >> Date: Tue, 28 Sep 2021 12:01:42 -0700 >> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables >> initialization update >> >> * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): >> Item about the support for automatic static variable initialization. >> --- >> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ >> 1 file changed, 19 insertions(+) >> >> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html >> index 1f156a9..8e2979c 100644 >> --- a/htdocs/gcc-12/changes.html >> +++ b/htdocs/gcc-12/changes.html 
>> @@ -245,6 +245,25 @@ a work-in-progress.</p> >> <!-- .................................................................. --> >> <h2>Other significant improvements</h2> >> >> +<h3 id="uninitialized">Eliminating uninitialized variables</h3> >> + >> +<ul> >> + <li>GCC can now initialize all stack variables implicitly, including >> + padding. This is intended to eliminate all classes of uninitialized >> + stack variable flaws. Lack of explicit initialization will still >> + warn when <code>-Wuninitialized</code> is active. For best >> + debugging, use of the new command-line option >> + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill >> + variables with a repeated 0xFE pattern, which tends to illuminate >> + many bugs (e.g. pointers receive invalid addresses, sizes and indices >> + are very large). For best production results, the new command-line >> + option <code>-ftrivial-auto-var-init=zero</code> can be used to >> + fill variables with 0x00, which tends to provide a safer state for >> + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes > > Minor nit: I've always been corrected that "NULL" refers to a pointer, and > "NUL" refers to the "null character", so the latter use of NULL should be > "NUL": ... pointers are NULL, strings are NUL filled, and size ... > > I mix this up all the time, so apologies if that got introduced by me! > :) I thought that was a typo -:)
Will change it back. Qing > > -Kees > >> + and indices are 0). >> + </li> >> +</ul> >> + >> <h3 id="debug">Debugging formats</h3> >> >> <ul> >> -- >> 1.9.1 >> >> > > -- > Kees Cook
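Review bot: In the added <li> under "Eliminating uninitialized variables", the opening sentence "GCC can now initialize all stack variables implicitly, including padding" does not name the option that turns this on. -ftrivial-auto-var-init first appears two sentences later, framed as a choice "for best debugging" or "for best production results", so the paragraph can be read as describing default behaviour. Suggest naming the option in the first sentence and then describing the pattern and zero values. In the same item, "use of the new command-line option ... can be used" says "use" twice; the production sentence already has the cleaner form ("the new command-line option ... can be used"). The ChangeLog line in the commit message says "automatic static variable initialization", while the subject and the added text are about stack variables; the entry should say "automatic stack variable initialization" or match the heading.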