Re: [PATCH 1/2] kbuild: Disable -Wdefault-const-init-field-unsafe

llvm.lists.linux.dev archive mirror
 help / color / mirror / Atom feed

From: Masahiro Yamada <masahiroy@kernel.org>
To: Nathan Chancellor <nathan@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Nicolas Schier <nicolas.schier@linux.dev>,
	 Nick Desaulniers <nick.desaulniers+lkml@gmail.com>,
	Bill Wendling <morbo@google.com>,
	 Justin Stitt <justinstitt@google.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	 linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
	 llvm@lists.linux.dev, patches@lists.linux.dev,
	stable@vger.kernel.org,
	 Linux Kernel Functional Testing <lkft@linaro.org>,
	Marcus Seyfarth <m.seyfarth@gmail.com>
Subject: Re: [PATCH 1/2] kbuild: Disable -Wdefault-const-init-field-unsafe
Date: Fri, 9 May 2025 22:02:30 +0900	[thread overview]
Message-ID: <CAK7LNASDpr49SWKwWdqD5sStEM+aSK0ofLd2Cp14KuPpt1Pt_Q@mail.gmail.com> (raw)
In-Reply-To: <20250501-default-const-init-clang-v1-1-3d2c6c185dbb@kernel.org>

On Fri, May 2, 2025 at 8:00 AM Nathan Chancellor <nathan@kernel.org> wrote:
>
> A new on by default warning in clang [1] flags several places within the
> kernel where a const member of an aggregate type appears to be
> uninitialized:
>
>   include/linux/list.h:409:27: warning: default initialization of an object of type 'union (unnamed union at include/linux/list.h:409:27)' with const member leaves the object uninitialized and is incompatible with C++ [-Wdefault-const-init-field-unsafe]
>     409 |         struct list_head *next = smp_load_acquire(&head->next);
>         |                                  ^
>   include/asm-generic/barrier.h:176:29: note: expanded from macro 'smp_load_acquire'
>     176 | #define smp_load_acquire(p) __smp_load_acquire(p)
>         |                             ^
>   arch/arm64/include/asm/barrier.h:164:59: note: expanded from macro '__smp_load_acquire'
>     164 |         union { __unqual_scalar_typeof(*p) __val; char __c[1]; } __u;   \
>         |                                                                  ^
>   include/linux/list.h:409:27: note: member '__val' declared 'const' here
>
>   crypto/scatterwalk.c:66:22: error: default initialization of an object of type 'struct scatter_walk' with const member leaves the object uninitialized and is incompatible with C++ [-Werror,-Wdefault-const-init-field-unsafe]
>      66 |         struct scatter_walk walk;
>         |                             ^
>   include/crypto/algapi.h:112:15: note: member 'addr' declared 'const' here
>     112 |                 void *const addr;
>         |                             ^
>
>   fs/hugetlbfs/inode.c:733:24: error: default initialization of an object of type 'struct vm_area_struct' with const member leaves the object uninitialized and is incompatible with C++ [-Werror,-Wdefault-const-init-field-unsafe]
>     733 |         struct vm_area_struct pseudo_vma;
>         |                               ^
>   include/linux/mm_types.h:803:20: note: member 'vm_flags' declared 'const' here
>     803 |                 const vm_flags_t vm_flags;
>         |                                  ^
>
> In all audited cases, the members are either not used in the particular
> call path, modified through other means such as memset() / memcpy()
> because the containing object is not const, or are within a union with
> other non-const members. Since these are technically false positives,
> the warning was split out from its main group [2] to allow the kernel to
> disable it while keeping the variable aspect of the warning enabled.
>
> Cc: stable@vger.kernel.org
> Link: https://github.com/llvm/llvm-project/commit/576161cb6069e2c7656a8ef530727a0f4aefff30 [1]
> Link: https://github.com/llvm/llvm-project/commit/00f9ef282c7482754a0fea497417604d1deca9fa [2]
> Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
> Closes: https://lore.kernel.org/CA+G9fYuNjKcxFKS_MKPRuga32XbndkLGcY-PVuoSwzv6VWbY=w@mail.gmail.com/
> Reported-by: Marcus Seyfarth <m.seyfarth@gmail.com>
> Closes: https://github.com/ClangBuiltLinux/linux/issues/2088
> Signed-off-by: Nathan Chancellor <nathan@kernel.org>
> ---


Applied to linux-kbuild.
Thanks.

>  scripts/Makefile.extrawarn | 7 +++++++
>  1 file changed, 7 insertions(+)
>
> diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn
> index d88acdf4085524b672c69fb75148ee87c30f88d8..b4d8265e587082687bc1d3de3fcc70e4a3f4f50d 100644
> --- a/scripts/Makefile.extrawarn
> +++ b/scripts/Makefile.extrawarn
> @@ -37,6 +37,13 @@ KBUILD_CFLAGS += -Wno-gnu
>  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111219
>  KBUILD_CFLAGS += $(call cc-disable-warning, format-overflow-non-kprintf)
>  KBUILD_CFLAGS += $(call cc-disable-warning, format-truncation-non-kprintf)
> +
> +# clang emits a warning when a const member of an aggregate type is not
> +# initialized but there are several places in the kernel where this is
> +# intentional because the field is never used within a particular call path,
> +# the field is within a union with other non-const members, or the containing
> +# object is not const so the field can be modified via memcpy() / memset().
> +KBUILD_CFLAGS += $(call cc-disable-warning, default-const-init-field-unsafe)
>  else
>
>  # gcc inanely warns about local variables called 'main'
>
> --
> 2.49.0
>


-- 
Best Regards
Masahiro Yamada

next prev parent reply	other threads:[~2025-05-09 13:03 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-01 23:00 [PATCH 0/2] Deal with clang's -Wdefault-const-init-unsafe Nathan Chancellor
2025-05-01 23:00 ` [PATCH 1/2] kbuild: Disable -Wdefault-const-init-field-unsafe Nathan Chancellor
2025-05-09 13:02   ` Masahiro Yamada [this message]
2025-05-01 23:00 ` [PATCH 2/2] include/linux/typecheck.h: Zero initialize dummy variables Nathan Chancellor
2025-05-01 23:28   ` Linus Torvalds
2025-05-01 23:37     ` Linus Torvalds
2025-05-02  0:28     ` Al Viro
2025-05-02  1:24     ` Nathan Chancellor
2025-05-02  1:34       ` Linus Torvalds
2025-05-02  2:09         ` Nathan Chancellor
2025-05-02  2:05       ` Al Viro
2025-05-02  2:36         ` Nathan Chancellor
2025-05-02  9:46   ` kernel test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAK7LNASDpr49SWKwWdqD5sStEM+aSK0ofLd2Cp14KuPpt1Pt_Q@mail.gmail.com \
    --to=masahiroy@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=justinstitt@google.com \
    --cc=linux-kbuild@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lkft@linaro.org \
    --cc=llvm@lists.linux.dev \
    --cc=m.seyfarth@gmail.com \
    --cc=morbo@google.com \
    --cc=nathan@kernel.org \
    --cc=nick.desaulniers+lkml@gmail.com \
    --cc=nicolas.schier@linux.dev \
    --cc=patches@lists.linux.dev \
    --cc=stable@vger.kernel.org \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).