From: Segher Boessenkool <segher@kernel.crashing.org>
To: Alexander Potapenko <glider@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Evgenii Stepanov <eugenis@google.com>,
Kees Cook <keescook@chromium.org>, Marco Elver <elver@google.com>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
Vitaly Buka <vitalybuka@google.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-toolchains <linux-toolchains@vger.kernel.org>
Subject: Re: [PATCH] [RFC] Initialization of unused function parameters
Date: Tue, 14 Jun 2022 16:40:39 -0500 [thread overview]
Message-ID: <20220614214039.GA25951@gate.crashing.org> (raw)
In-Reply-To: <CAG_fn=UPoM3bafwu6inGPMjg1bPw3HSFM_KrE_hen_MN3fu2vA@mail.gmail.com>
Hi!
On Tue, Jun 14, 2022 at 10:19:53PM +0200, Alexander Potapenko wrote:
> ================
> char *kmalloc(int size);
>
> char *kmalloc_or_not(int flag, int size, char *p) {
> if (flag)
> return kmalloc(size);
> else
> return p;
> }
>
> char global[16];
>
> char *p(int flag) {
> char *c;
> int size;
> if (flag)
> return kmalloc_or_not(1, 4, c);
> else
> return kmalloc_or_not(0, size, global);
> }
> ================
Since C11, lvalue conversion of an automatic variable that does not have
its address taken is explicitly undefined behaviour (6.3.2.1/2). So in
function "p", both where "c" and where "size" are passed causes UB (so
that executing "p" always causes UB btw).
> In this example `size` is passed into kmalloc_or_not() initialized,
> however it is never used, so the code probably has defined behavior.
No such luck: the passing itself already causes UB.
GCC does not warn, it has already optimised the code to what you expect
by the time this warning is done. If you use -fno-inline it does warn
for both "c" and "size" (via -Wmaybe-uninitialized).
But it is still UB! All bets are off, no compiler can do any correct
translation of your program, since there *is none*.
Segher
next prev parent reply other threads:[~2022-06-14 21:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-14 14:48 [PATCH] [RFC] Initialization of unused function parameters Alexander Potapenko
2022-06-14 16:48 ` Linus Torvalds
2022-06-14 17:11 ` Nick Desaulniers
2022-06-14 17:24 ` Linus Torvalds
2022-06-14 18:08 ` Nick Desaulniers
2022-06-14 22:27 ` Peter Zijlstra
2022-06-14 18:07 ` Alexander Potapenko
2022-06-14 18:30 ` Linus Torvalds
2022-06-14 20:19 ` Alexander Potapenko
2022-06-14 20:43 ` Linus Torvalds
2022-06-14 21:40 ` Segher Boessenkool [this message]
2022-06-14 22:08 ` Evgenii Stepanov
2022-06-15 8:30 ` Alexander Potapenko
2022-06-15 16:46 ` Segher Boessenkool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220614214039.GA25951@gate.crashing.org \
--to=segher@kernel.crashing.org \
--cc=elver@google.com \
--cc=eugenis@google.com \
--cc=glider@google.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-toolchains@vger.kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vitalybuka@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.