From: Andrey Ryabinin
Date: Thu, 6 Jul 2017 01:41:51 +0300
Subject: Re: [GIT PULL] gcc-plugins updates for v4.13-rc1
To: Linus Torvalds
Cc: Arnd Bergmann, Ard Biesheuvel, Kees Cook, Linux Kernel Mailing List, Jean Delvare
References: <20170705050500.GA72383@beast>

2017-07-06 0:56 GMT+03:00 Linus Torvalds:
> On Wed, Jul 5, 2017 at 2:48 PM, Arnd Bergmann wrote:
>>
>> This particular example should be handled by
>> scripts/gcc-plugins/structleak_plugin.c, right?
>
> .. probably. But we have a ton of other uses that just pass in
> "result" pointers (not structs), which admittedly don't have the
> padding issue, but do have the exact same issue otherwise.
>
> We have those random "initialize to zero by hand", and I wouldn't
> actually worry about most of the common cases. KASAN will find them
> anyway.
>

KASAN doesn't find "use-of-uninitialized memory" bugs. It can find only
use-after-free and out-of-bounds accesses.
MemorySanitizer (aka KMSAN) is supposed to detect uses of uninitialized memory.
It's still in WIP stage, but has some trophies already (just grep for
KMSAN in git log)

> It tends to be the random odd ioctl-like things that nobody finds
> because it's only uninitialized for some silly error case that never
> triggers (or some unusual driver that needs to be loaded).
>
> Linus
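The padding case and the "initialize to zero by hand" fix discussed in this thread, as an added C example that is not part of the original mail. `struct reply`, the `0xAA` marker and the function names are constructed for illustration, and a heap buffer pre-filled with the marker stands in for stale memory so the result is deterministic.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STALE 0xAA /* constructed marker standing in for leftover data */

/* Hypothetical ioctl-style reply: padding follows 'status' so 'value' is aligned. */
struct reply {
    unsigned char status;
    unsigned int value;
};

/* Bytes of the object that belong to no named field. */
static size_t padding_bytes(void)
{
    return sizeof(struct reply) - sizeof(unsigned char) - sizeof(unsigned int);
}

/* Fill a reply and count the bytes that still hold the stale marker. */
static size_t fill_and_count_stale(int zero_first)
{
    unsigned char *mem = malloc(sizeof(struct reply));
    struct reply *r = (struct reply *)mem;
    size_t i, stale = 0;

    if (!mem)
        return (size_t)-1;
    memset(mem, STALE, sizeof(struct reply)); /* simulate old memory contents */
    if (zero_first)
        memset(r, 0, sizeof(*r));             /* "initialize to zero by hand" */
    r->status = 1;                            /* every named field is assigned */
    r->value = 0x11223344;
    for (i = 0; i < sizeof(struct reply); i++) /* scan what a full copy would expose */
        if (mem[i] == STALE)
            stale++;
    free(mem);
    return stale;
}

int main(void)
{
    printf("padding bytes:             %zu\n", padding_bytes());
    printf("stale, fields only:        %zu\n", fill_and_count_stale(0));
    printf("stale, memset then fields: %zu\n", fill_and_count_stale(1));
    return 0;
}
```

Every access here is in-bounds and to live memory, so no use-after-free or out-of-bounds access is involved; with a 4-byte aligned `unsigned int` the program reports 3 stale bytes without the `memset` and 0 with it.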