Message ID | BFF3F4BB-1FAB-4FDD-B160-380044158175@oracle.com |
---|---|
State | New |
Series | [gcc12-changes] Add a new item about the support for automatic static variable initialization |
On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: > Hi, > > This is the patch for the gcc12 changes per your request. > > Kees provided most of the wording. > > Please take a look and let’s know whether it’s good for commit? > > thanks. > > Qing > > ================================================ > > > From: qing zhao <qing.zhao@oracle.com> > Date: Tue, 28 Sep 2021 12:01:42 -0700 > Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables > initialization update > > * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): > Item about the support for automatic static variable initialization. > --- > htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html > index 1f156a9..8e2979c 100644 > --- a/htdocs/gcc-12/changes.html > +++ b/htdocs/gcc-12/changes.html 
> @@ -245,6 +245,25 @@ a work-in-progress.</p> > <!-- .................................................................. --> > <h2>Other significant improvements</h2> > > +<h3 id="uninitialized">Eliminating uninitialized variables</h3> > + > +<ul> > + <li>GCC can now initialize all stack variables implicitly, including > + padding. This is intended to eliminate all classes of uninitialized > + stack variable flaws. Lack of explicit initialization will still > + warn when <code>-Wuninitialized</code> is active. For best > + debugging, use of the new command-line option > + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill > + variables with a repeated 0xFE pattern, which tends to illuminate > + many bugs (e.g. pointers receive invalid addresses, sizes and indices > + are very large). For best production results, the new command-line > + option <code>-ftrivial-auto-var-init=zero</code> can be used to > + fill variables with 0x00, which tends to provide a safer state for > + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes Minor nit: I've always been corrected that "NULL" refers to a pointer, and "NUL" refers to the "null character", so the latter use of NULL should be "NUL": ... pointers are NULL, strings are NUL filled, and size ... I mix this up all the time, so apologies if that got introduced by me! :) -Kees > + and indices are 0). > + </li> > +</ul> > + > <h3 id="debug">Debugging formats</h3> > > <ul> > -- > 1.9.1 > >
On Tue, 28 Sep 2021, Kees Cook wrote: > On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: > > Hi, > > > > This is the patch for the gcc12 changes per your request. > > > > Kees provided most of the wording. > > > > Please take a look and let’s know whether it’s good for commit? > > > > thanks. > > > > Qing > > > > ================================================ > > > > > > From: qing zhao <qing.zhao@oracle.com> > > Date: Tue, 28 Sep 2021 12:01:42 -0700 > > Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables > > initialization update > > > > * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): > > Item about the support for automatic static variable initialization. > > --- > > htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ > > 1 file changed, 19 insertions(+) > > > > diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html > > index 1f156a9..8e2979c 100644 > > --- a/htdocs/gcc-12/changes.html > > +++ b/htdocs/gcc-12/changes.html 
> > @@ -245,6 +245,25 @@ a work-in-progress.</p> > > <!-- .................................................................. --> > > <h2>Other significant improvements</h2> > > > > +<h3 id="uninitialized">Eliminating uninitialized variables</h3> > > + > > +<ul> > > + <li>GCC can now initialize all stack variables implicitly, including > > + padding. This is intended to eliminate all classes of uninitialized > > + stack variable flaws. Lack of explicit initialization will still > > + warn when <code>-Wuninitialized</code> is active. For best > > + debugging, use of the new command-line option > > + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill > > + variables with a repeated 0xFE pattern, which tends to illuminate > > + many bugs (e.g. pointers receive invalid addresses, sizes and indices > > + are very large). For best production results, the new command-line > > + option <code>-ftrivial-auto-var-init=zero</code> can be used to > > + fill variables with 0x00, which tends to provide a safer state for > > + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes > > Minor nit: I've always been corrected that "NULL" refers to a pointer, and > "NUL" refers to the "null character", so the latter use of NULL should be > "NUL": ... pointers are NULL, strings are NUL filled, and size ... > > I mix this up all the time, so apologies if that got introduced by me! > :) Also things like 0xFE and NULL should be wrapped in <code></code>, otherwise it looks good to me. Thanks, Richard. > -Kees > > > + and indices are 0). > > + </li> > > +</ul> > > + > > <h3 id="debug">Debugging formats</h3> > > > > <ul> > > -- > > 1.9.1 > > > > > >
> On Sep 28, 2021, at 3:39 PM, Kees Cook <keescook@chromium.org> wrote: > > On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: >> Hi, >> >> This is the patch for the gcc12 changes per your request. >> >> Kees provided most of the wording. >> >> Please take a look and let’s know whether it’s good for commit? >> >> thanks. >> >> Qing >> >> ================================================ >> >> >> From: qing zhao <qing.zhao@oracle.com> >> Date: Tue, 28 Sep 2021 12:01:42 -0700 >> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables >> initialization update >> >> * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): >> Item about the support for automatic static variable initialization. >> --- >> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ >> 1 file changed, 19 insertions(+) >> >> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html >> index 1f156a9..8e2979c 100644 >> --- a/htdocs/gcc-12/changes.html >> +++ b/htdocs/gcc-12/changes.html 
>> @@ -245,6 +245,25 @@ a work-in-progress.</p> >> <!-- .................................................................. --> >> <h2>Other significant improvements</h2> >> >> +<h3 id="uninitialized">Eliminating uninitialized variables</h3> >> + >> +<ul> >> + <li>GCC can now initialize all stack variables implicitly, including >> + padding. This is intended to eliminate all classes of uninitialized >> + stack variable flaws. Lack of explicit initialization will still >> + warn when <code>-Wuninitialized</code> is active. For best >> + debugging, use of the new command-line option >> + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill >> + variables with a repeated 0xFE pattern, which tends to illuminate >> + many bugs (e.g. pointers receive invalid addresses, sizes and indices >> + are very large). For best production results, the new command-line >> + option <code>-ftrivial-auto-var-init=zero</code> can be used to >> + fill variables with 0x00, which tends to provide a safer state for >> + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes > > Minor nit: I've always been corrected that "NULL" refers to a pointer, and > "NUL" refers to the "null character", so the latter use of NULL should be > "NUL": ... pointers are NULL, strings are NUL filled, and size ... > > I mix this up all the time, so apologies if that got introduced by me! > :) I thought that was a typo -:) Will change it back. Qing > > -Kees > >> + and indices are 0). >> + </li> >> +</ul> >> + >> <h3 id="debug">Debugging formats</h3> >> >> <ul> >> -- >> 1.9.1 >> >> > > -- > Kees Cook
> On Sep 29, 2021, at 5:39 AM, Richard Biener <rguenther@suse.de> wrote: > > On Tue, 28 Sep 2021, Kees Cook wrote: > >> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: >>> Hi, >>> >>> This is the patch for the gcc12 changes per your request. >>> >>> Kees provided most of the wording. >>> >>> Please take a look and let’s know whether it’s good for commit? >>> >>> thanks. >>> >>> Qing >>> >>> ================================================ >>> >>> >>> From: qing zhao <qing.zhao@oracle.com> >>> Date: Tue, 28 Sep 2021 12:01:42 -0700 >>> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables >>> initialization update >>> >>> * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): >>> Item about the support for automatic static variable initialization. >>> --- >>> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ >>> 1 file changed, 19 insertions(+) >>> >>> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html >>> index 1f156a9..8e2979c 100644 >>> --- a/htdocs/gcc-12/changes.html >>> +++ b/htdocs/gcc-12/changes.html 
>>> @@ -245,6 +245,25 @@ a work-in-progress.</p> >>> <!-- .................................................................. --> >>> <h2>Other significant improvements</h2> >>> >>> +<h3 id="uninitialized">Eliminating uninitialized variables</h3> >>> + >>> +<ul> >>> + <li>GCC can now initialize all stack variables implicitly, including >>> + padding. This is intended to eliminate all classes of uninitialized >>> + stack variable flaws. Lack of explicit initialization will still >>> + warn when <code>-Wuninitialized</code> is active. For best >>> + debugging, use of the new command-line option >>> + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill >>> + variables with a repeated 0xFE pattern, which tends to illuminate >>> + many bugs (e.g. pointers receive invalid addresses, sizes and indices >>> + are very large). For best production results, the new command-line >>> + option <code>-ftrivial-auto-var-init=zero</code> can be used to >>> + fill variables with 0x00, which tends to provide a safer state for >>> + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes >> >> Minor nit: I've always been corrected that "NULL" refers to a pointer, and >> "NUL" refers to the "null character", so the latter use of NULL should be >> "NUL": ... pointers are NULL, strings are NUL filled, and size ... >> >> I mix this up all the time, so apologies if that got introduced by me! >> :) > > Also things like 0xFE and NULL should be wrapped in <code></code>, > otherwise it looks good to me. Okay, will update them before committing. Thanks. Qing > > Thanks, > Richard. > >> -Kees >> >>> + and indices are 0). >>> + </li> >>> +</ul> >>> + >>> <h3 id="debug">Debugging formats</h3> >>> >>> <ul> >>> -- >>> 1.9.1 >>> >>> >> >> > > -- > Richard Biener <rguenther@suse.de> > SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg, > Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg)
On 9/28/21 2:31 PM, Qing Zhao via Gcc-patches wrote: > Hi, > > This is the patch for the gcc12 changes per your request. > > Kees provided most of the wording. > > Please take a look and let’s know whether it’s good for commit? > > thanks. > > Qing > > ================================================ > > > From: qing zhao <qing.zhao@oracle.com> > Date: Tue, 28 Sep 2021 12:01:42 -0700 > Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables > initialization update > > * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): > Item about the support for automatic static variable initialization. > --- > htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html > index 1f156a9..8e2979c 100644 > --- a/htdocs/gcc-12/changes.html > +++ b/htdocs/gcc-12/changes.html 
> @@ -245,6 +245,25 @@ a work-in-progress.</p> > <!-- .................................................................. --> > <h2>Other significant improvements</h2> > > +<h3 id="uninitialized">Eliminating uninitialized variables</h3> > + > +<ul> > + <li>GCC can now initialize all stack variables implicitly, including > + padding. This is intended to eliminate all classes of uninitialized > + stack variable flaws. Lack of explicit initialization will still > + warn when <code>-Wuninitialized</code> is active. For best > + debugging, use of the new command-line option > + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill > + variables with a repeated 0xFE pattern, which tends to illuminate > + many bugs (e.g. pointers receive invalid addresses, sizes and indices > + are very large). For best production results, the new command-line > + option <code>-ftrivial-auto-var-init=zero</code> can be used to > + fill variables with 0x00, which tends to provide a safer state for > + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes > + and indices are 0). The "use ... can be used" in the sentence For best debugging, use of the new command-line option -ftrivial-auto-var-init=pattern can be used... reads a bit awkward. Following the phrasing of the second such sentence would look better: To aid in debugging, the new command-line option -ftrivial-auto-var-init=pattern can be used... Martin > + </li> > +</ul> > + > <h3 id="debug">Debugging formats</h3> > > <ul> >
FYI, just committed the change: https://gcc.gnu.org/gcc-12/changes.html Qing > On Sep 29, 2021, at 9:18 AM, Qing Zhao via Gcc-patches <gcc-patches@gcc.gnu.org> wrote: > > > >> On Sep 29, 2021, at 5:39 AM, Richard Biener <rguenther@suse.de> wrote: >> >> On Tue, 28 Sep 2021, Kees Cook wrote: >> >>> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote: >>>> Hi, >>>> >>>> This is the patch for the gcc12 changes per your request. >>>> >>>> Kees provided most of the wording. >>>> >>>> Please take a look and let’s know whether it’s good for commit? >>>> >>>> thanks. >>>> >>>> Qing >>>> >>>> ================================================ >>>> >>>> >>>> From: qing zhao <qing.zhao@oracle.com> >>>> Date: Tue, 28 Sep 2021 12:01:42 -0700 >>>> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables >>>> initialization update >>>> >>>> * htdocs/gcc-12/changes.html (Eliminating uninitialized variables): >>>> Item about the support for automatic static variable initialization. >>>> --- >>>> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++ >>>> 1 file changed, 19 insertions(+) >>>> >>>> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html >>>> index 1f156a9..8e2979c 100644 >>>> --- a/htdocs/gcc-12/changes.html >>>> +++ b/htdocs/gcc-12/changes.html 
>>>> @@ -245,6 +245,25 @@ a work-in-progress.</p> >>>> <!-- .................................................................. --> >>>> <h2>Other significant improvements</h2> >>>> >>>> +<h3 id="uninitialized">Eliminating uninitialized variables</h3> >>>> + >>>> +<ul> >>>> + <li>GCC can now initialize all stack variables implicitly, including >>>> + padding. This is intended to eliminate all classes of uninitialized >>>> + stack variable flaws. Lack of explicit initialization will still >>>> + warn when <code>-Wuninitialized</code> is active. For best >>>> + debugging, use of the new command-line option >>>> + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill >>>> + variables with a repeated 0xFE pattern, which tends to illuminate >>>> + many bugs (e.g. pointers receive invalid addresses, sizes and indices >>>> + are very large). For best production results, the new command-line >>>> + option <code>-ftrivial-auto-var-init=zero</code> can be used to >>>> + fill variables with 0x00, which tends to provide a safer state for >>>> + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes >>> >>> Minor nit: I've always been corrected that "NULL" refers to a pointer, and >>> "NUL" refers to the "null character", so the latter use of NULL should be >>> "NUL": ... pointers are NULL, strings are NUL filled, and size ... >>> >>> I mix this up all the time, so apologies if that got introduced by me! >>> :) >> >> Also things like 0xFE and NULL should be wrapped in <code></code>, >> otherwise it looks good to me. > > Okay, will update them before committing. > > Thanks. > > Qing >> >> Thanks, >> Richard. >> >>> -Kees >>> >>>> + and indices are 0). >>>> + </li> >>>> +</ul> >>>> + >>>> <h3 id="debug">Debugging formats</h3> >>>> >>>> <ul> >>>> -- >>>> 1.9.1 >>>> >>>> >>> >>> >> >> -- >> Richard Biener <rguenther@suse.de> >> SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg, >> Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg) >
On Wed, Sep 29, 2021 at 02:43:35PM +0000, Qing Zhao wrote:
> FYI, just committed the change:
>
> https://gcc.gnu.org/gcc-12/changes.html

Looks great to me; thanks! :)

-Kees
diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html index 1f156a9..8e2979c 100644 --- a/htdocs/gcc-12/changes.html +++ b/htdocs/gcc-12/changes.html @@ -245,6 +245,25 @@ a work-in-progress.</p> <!-- .................................................................. --> <h2>Other significant improvements</h2> +<h3 id="uninitialized">Eliminating uninitialized variables</h3> + +<ul> + <li>GCC can now initialize all stack variables implicitly, including + padding. This is intended to eliminate all classes of uninitialized + stack variable flaws. Lack of explicit initialization will still + warn when <code>-Wuninitialized</code> is active. For best + debugging, use of the new command-line option + <code>-ftrivial-auto-var-init=pattern</code> can be used to fill + variables with a repeated 0xFE pattern, which tends to illuminate + many bugs (e.g. pointers receive invalid addresses, sizes and indices + are very large). For best production results, the new command-line + option <code>-ftrivial-auto-var-init=zero</code> can be used to + fill variables with 0x00, which tends to provide a safer state for + bugs (e.g. pointers are NULL, strings are NULL filled, and sizes + and indices are 0). + </li> +</ul> + <h3 id="debug">Debugging formats</h3> <ul>
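Review bot: The first sentence of the new <li> ("GCC can now initialize all stack variables implicitly, including padding") reads as though this happens on every compile, while the options that turn it on, -ftrivial-auto-var-init=pattern and -ftrivial-auto-var-init=zero, only appear later as debugging and production tips. Suggest naming the option in that first sentence, for example "With the new -ftrivial-auto-var-init option, GCC can initialize all stack variables implicitly", so a reader does not assume a protection they have not enabled. The same entry is scoped to stack variables, so the heading "Eliminating uninitialized variables" is broader than the body, and the ChangeLog line's "automatic static variable initialization" contradicts the "stack variables" wording used in the text; "automatic variable initialization" would match.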
Hi,

This is the patch for the gcc12 changes per your request.

Kees provided most of the wording.

Please take a look and let us know whether it’s good for commit?

thanks.

Qing

================================================

From: qing zhao <qing.zhao@oracle.com>
Date: Tue, 28 Sep 2021 12:01:42 -0700
Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
 initialization update

* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
Item about the support for automatic static variable initialization.
---
 htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)