* Ingo Molnar <[email protected]> wrote:

> Yes, -Ow would be very useful, if it can 'guarantee' that no false negatives
> slip through:
> [...]

> This way no undeterministic, random, uninitialized (and worst-case: attacker 
> controlled) values can ever enter the program flow (from the stack) [...]

Note that mainstream Linux distro kernels already enable various options that 
cause noticeable runtime overhead: such as stackprotector, or -pg.

So if GCC could simply warn about _all_ uninitialized variables that it cannot 
prove are initialized before use, and implicitly initialize them to 0 in that 
case, that would be really valuable. (Combined with a function argument 
attribute mechanism that tells the compiler that an object pointed to by a 
pointer gets fully initialized by the function.)

The runtime overhead can be eliminated by addressing the warnings. If no 
warnings are emitted then the generated code should be equivalent to regularly 
optimized code, right?

Thanks,

        Ingo
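
Added example, not part of the message above and not kernel code: the case the proposal targets, a stack object handed by pointer to a helper that writes it only on success, shown next to the zero-initialized form. The type and function names (struct req, parse_req, req_len_unsafe, req_len_zeroed) are hypothetical and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample type; every name in this block is hypothetical. */
struct req {
    int  len;
    char tag[8];
};

/*
 * Out-parameter helper: writes *r only on success. On the error path it
 * returns early and leaves the caller's stack object untouched.
 */
static int parse_req(const char *in, struct req *r)
{
    if (in == NULL || strlen(in) >= sizeof(r->tag))
        return -1;                       /* *r is not written */
    r->len = (int)strlen(in);
    memset(r->tag, 0, sizeof(r->tag));
    memcpy(r->tag, in, (size_t)r->len);
    return 0;
}

/*
 * "Before": r escapes by address, so the compiler cannot prove whether it
 * is initialized. The error return is ignored, so on failure r.len is
 * whatever was left on the stack (undefined behaviour).
 */
int req_len_unsafe(const char *in)
{
    struct req r;
    parse_req(in, &r);
    return r.len;
}

/*
 * "After": the explicit initializer is what implicit zero-initialization
 * would insert. The failure path now yields a fixed 0, not stack residue.
 */
int req_len_zeroed(const char *in)
{
    struct req r = { 0 };
    parse_req(in, &r);
    return r.len;
}

int main(void)
{
    printf("%d %d\n", req_len_zeroed("abc"), req_len_zeroed(NULL));
    return 0;
}
```

GCC 12 and later, and Clang, provide -ftrivial-auto-var-init=zero, which applies this zeroing to automatic variables without source changes.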
