Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Ingo Molnar wrote: > Yes, -Ow would be very useful, if it can 'guarantee' that no false negatives > slip > through: > [...] > This way no undeterministic, random, uninitialized (and worst-case: attacker > controlled) values can ever enter the program flow (from the stack) [...] Note that

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Jakub Jelinek wrote: > On Thu, Mar 03, 2016 at 02:47:16PM +0100, Ingo Molnar wrote: > > I tried to distill a testcase out of it, and the following silly hack seems > > to > > trigger it: > > ... > > This is a known issue, which we don't have a solution for yet. > The thing is, GCC has 2 un

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Jakub Jelinek wrote: > On Thu, Mar 03, 2016 at 02:47:16PM +0100, Ingo Molnar wrote: > > I tried to distill a testcase out of it, and the following silly hack seems > > to > > trigger it: > > ... > > This is a known issue, which we don't have a solution for yet. > The thing is, GCC has 2 un

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

On Thu, Mar 03, 2016 at 02:47:16PM +0100, Ingo Molnar wrote: > I tried to distill a testcase out of it, and the following silly hack seems > to > trigger it: ... This is a known issue, which we don't have a solution for yet. The thing is, GCC has 2 uninitialized warning passes, one is done very

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Jakub Jelinek wrote: > On Thu, Mar 03, 2016 at 02:24:34PM +0100, Ingo Molnar wrote: > > 6 hours of PeterZ time translates to quite a bit of code restructuring > > overhead to > > eliminate false positive warnings... > > I'll file a bugzilla enhancement request for this (with new attribute),

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Ingo Molnar wrote: > So it's all highly inefficient and fragile. > > There's also another cost, the cost of finding the bugs themselves - for > example > here's a recent upstream kernel fix: > > commit e01d8718de4170373cd7fbf5cf6f9cb61cebb1e9 > Author: Peter Zijlstra > Date: Wed J

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

On Thu, Mar 03, 2016 at 02:24:34PM +0100, Ingo Molnar wrote: > 6 hours of PeterZ time translates to quite a bit of code restructuring > overhead to > eliminate false positive warnings... I'll file a bugzilla enhancement request for this (with new attribute), perhaps we could do it in FRE that is

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Jakub Jelinek wrote: > On Thu, Mar 03, 2016 at 01:19:44PM +0100, Ingo Molnar wrote: > > struct sigaction sa; > > > > ... > > > > sigfillset(&sa.sa_mask); > > sa.sa_sigaction = segfault_handler; > > sigaction(SIGSEGV, &sa, NULL); > > > > ... which uninitia

Re: Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

On Thu, Mar 03, 2016 at 01:19:44PM +0100, Ingo Molnar wrote: > struct sigaction sa; > > ... > > sigfillset(&sa.sa_mask); > sa.sa_sigaction = segfault_handler; > sigaction(SIGSEGV, &sa, NULL); > > ... which uninitialized sa.sa_flags field GCC merrily accepted

Q: why didn't GCC warn about this uninitialized variable? (was: Re: [PATCH] perf tests: initialize sa.sa_flags)

* Arnaldo Carvalho de Melo wrote: > Em Wed, Mar 02, 2016 at 02:21:27PM +0100, Peter Zijlstra escreveu: > > On Wed, Mar 02, 2016 at 10:03:50AM -0300, Arnaldo Carvalho de Melo wrote: > > > > Would not something like: > > > > > > > > sa = (struct sigaction){ > > > > .sa_sig