[gcc12-changes] Add a new item about the support for automatic static variable initialization

Message ID BFF3F4BB-1FAB-4FDD-B160-380044158175@oracle.com
State New
Series [gcc12-changes] Add a new item about the support for automatic static variable initialization

Commit Message

Qing Zhao Sept. 28, 2021, 8:31 p.m. UTC
  Hi,

This is the patch for the gcc12 changes per your request.

Kees provided most of the wording.

Please take a look and let us know whether it’s good for commit.

thanks.

Qing

================================================


From: qing zhao <qing.zhao@oracle.com>
Date: Tue, 28 Sep 2021 12:01:42 -0700
Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
 initialization update

	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
	Item about the support for automatic static variable initialization.
---
 htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
  

Comments

Kees Cook Sept. 28, 2021, 8:39 p.m. UTC | #1
On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote:
> Hi,
> 
> This is the patch for the gcc12 changes per your request.
> 
> Kees provided most of the wording.
> 
> Please take a look and let us know whether it’s good for commit.
> 
> thanks.
> 
> Qing
> 
> ================================================
> 
> 
> From: qing zhao <qing.zhao@oracle.com>
> Date: Tue, 28 Sep 2021 12:01:42 -0700
> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
>  initialization update
> 
> 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
> 	Item about the support for automatic static variable initialization.
> ---
>  htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)
> 
> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
> index 1f156a9..8e2979c 100644
> --- a/htdocs/gcc-12/changes.html
> +++ b/htdocs/gcc-12/changes.html
> @@ -245,6 +245,25 @@ a work-in-progress.</p>
>  <!-- .................................................................. -->
>  <h2>Other significant improvements</h2>
>  
> +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
> +
> +<ul>
> +  <li>GCC can now initialize all stack variables implicitly, including
> +      padding. This is intended to eliminate all classes of uninitialized
> +      stack variable flaws. Lack of explicit initialization will still
> +      warn when <code>-Wuninitialized</code> is active. For best
> +      debugging, use of the new command-line option
> +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
> +      variables with a repeated 0xFE pattern, which tends to illuminate
> +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
> +      are very large). For best production results, the new command-line
> +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
> +      fill variables with 0x00, which tends to provide a safer state for
> +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes

Minor nit: I've always been corrected that "NULL" refers to a pointer, and
"NUL" refers to the "null character", so the latter use of NULL should be
"NUL": ... pointers are NULL, strings are NUL filled, and size ...

I mix this up all the time, so apologies if that got introduced by me!
:)

-Kees

> +      and indices are 0).
> +  </li>
> +</ul>
> +
>  <h3 id="debug">Debugging formats</h3>
>  
>  <ul>
> -- 
> 1.9.1
> 
>
  
Richard Biener Sept. 29, 2021, 10:39 a.m. UTC | #2
On Tue, 28 Sep 2021, Kees Cook wrote:

> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote:
> > Hi,
> > 
> > This is the patch for the gcc12 changes per your request.
> > 
> > Kees provided most of the wording.
> > 
> > Please take a look and let us know whether it’s good for commit.
> > 
> > thanks.
> > 
> > Qing
> > 
> > ================================================
> > 
> > 
> > From: qing zhao <qing.zhao@oracle.com>
> > Date: Tue, 28 Sep 2021 12:01:42 -0700
> > Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
> >  initialization update
> > 
> > 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
> > 	Item about the support for automatic static variable initialization.
> > ---
> >  htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
> >  1 file changed, 19 insertions(+)
> > 
> > diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
> > index 1f156a9..8e2979c 100644
> > --- a/htdocs/gcc-12/changes.html
> > +++ b/htdocs/gcc-12/changes.html
> > @@ -245,6 +245,25 @@ a work-in-progress.</p>
> >  <!-- .................................................................. -->
> >  <h2>Other significant improvements</h2>
> >  
> > +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
> > +
> > +<ul>
> > +  <li>GCC can now initialize all stack variables implicitly, including
> > +      padding. This is intended to eliminate all classes of uninitialized
> > +      stack variable flaws. Lack of explicit initialization will still
> > +      warn when <code>-Wuninitialized</code> is active. For best
> > +      debugging, use of the new command-line option
> > +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
> > +      variables with a repeated 0xFE pattern, which tends to illuminate
> > +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
> > +      are very large). For best production results, the new command-line
> > +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
> > +      fill variables with 0x00, which tends to provide a safer state for
> > +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
> 
> Minor nit: I've always been corrected that "NULL" refers to a pointer, and
> "NUL" refers to the "null character", so the latter use of NULL should be
> "NUL": ... pointers are NULL, strings are NUL filled, and size ...
> 
> I mix this up all the time, so apologies if that got introduced by me!
> :)

Also things like 0xFE and NULL should be wrapped in <code></code>, 
otherwise it looks good to me.

Thanks,
Richard.

> -Kees
> 
> > +      and indices are 0).
> > +  </li>
> > +</ul>
> > +
> >  <h3 id="debug">Debugging formats</h3>
> >  
> >  <ul>
> > -- 
> > 1.9.1
> > 
> > 
> 
>
  
Qing Zhao Sept. 29, 2021, 2:14 p.m. UTC | #3
> On Sep 28, 2021, at 3:39 PM, Kees Cook <keescook@chromium.org> wrote:
> 
> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote:
>> Hi,
>> 
>> This is the patch for the gcc12 changes per your request.
>> 
>> Kees provided most of the wording.
>> 
>> Please take a look and let us know whether it’s good for commit.
>> 
>> thanks.
>> 
>> Qing
>> 
>> ================================================
>> 
>> 
>> From: qing zhao <qing.zhao@oracle.com>
>> Date: Tue, 28 Sep 2021 12:01:42 -0700
>> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
>> initialization update
>> 
>> 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
>> 	Item about the support for automatic static variable initialization.
>> ---
>> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
>> 1 file changed, 19 insertions(+)
>> 
>> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
>> index 1f156a9..8e2979c 100644
>> --- a/htdocs/gcc-12/changes.html
>> +++ b/htdocs/gcc-12/changes.html
>> @@ -245,6 +245,25 @@ a work-in-progress.</p>
>> <!-- .................................................................. -->
>> <h2>Other significant improvements</h2>
>> 
>> +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
>> +
>> +<ul>
>> +  <li>GCC can now initialize all stack variables implicitly, including
>> +      padding. This is intended to eliminate all classes of uninitialized
>> +      stack variable flaws. Lack of explicit initialization will still
>> +      warn when <code>-Wuninitialized</code> is active. For best
>> +      debugging, use of the new command-line option
>> +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
>> +      variables with a repeated 0xFE pattern, which tends to illuminate
>> +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
>> +      are very large). For best production results, the new command-line
>> +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
>> +      fill variables with 0x00, which tends to provide a safer state for
>> +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
> 
> Minor nit: I've always been corrected that "NULL" refers to a pointer, and
> "NUL" refers to the "null character", so the latter use of NULL should be
> "NUL": ... pointers are NULL, strings are NUL filled, and size ...
> 
> I mix this up all the time, so apologies if that got introduced by me!
> :)
I thought that was a typo -:)

Will change it back.

Qing
> 
> -Kees
> 
>> +      and indices are 0).
>> +  </li>
>> +</ul>
>> +
>> <h3 id="debug">Debugging formats</h3>
>> 
>> <ul>
>> -- 
>> 1.9.1
>> 
>> 
> 
> -- 
> Kees Cook
  
Qing Zhao Sept. 29, 2021, 2:18 p.m. UTC | #4
> On Sep 29, 2021, at 5:39 AM, Richard Biener <rguenther@suse.de> wrote:
> 
> On Tue, 28 Sep 2021, Kees Cook wrote:
> 
>> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote:
>>> Hi,
>>> 
>>> This is the patch for the gcc12 changes per your request.
>>> 
>>> Kees provided most of the wording.
>>> 
>>> Please take a look and let us know whether it’s good for commit.
>>> 
>>> thanks.
>>> 
>>> Qing
>>> 
>>> ================================================
>>> 
>>> 
>>> From: qing zhao <qing.zhao@oracle.com>
>>> Date: Tue, 28 Sep 2021 12:01:42 -0700
>>> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
>>> initialization update
>>> 
>>> 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
>>> 	Item about the support for automatic static variable initialization.
>>> ---
>>> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
>>> 1 file changed, 19 insertions(+)
>>> 
>>> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
>>> index 1f156a9..8e2979c 100644
>>> --- a/htdocs/gcc-12/changes.html
>>> +++ b/htdocs/gcc-12/changes.html
>>> @@ -245,6 +245,25 @@ a work-in-progress.</p>
>>> <!-- .................................................................. -->
>>> <h2>Other significant improvements</h2>
>>> 
>>> +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
>>> +
>>> +<ul>
>>> +  <li>GCC can now initialize all stack variables implicitly, including
>>> +      padding. This is intended to eliminate all classes of uninitialized
>>> +      stack variable flaws. Lack of explicit initialization will still
>>> +      warn when <code>-Wuninitialized</code> is active. For best
>>> +      debugging, use of the new command-line option
>>> +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
>>> +      variables with a repeated 0xFE pattern, which tends to illuminate
>>> +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
>>> +      are very large). For best production results, the new command-line
>>> +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
>>> +      fill variables with 0x00, which tends to provide a safer state for
>>> +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
>> 
>> Minor nit: I've always been corrected that "NULL" refers to a pointer, and
>> "NUL" refers to the "null character", so the latter use of NULL should be
>> "NUL": ... pointers are NULL, strings are NUL filled, and size ...
>> 
>> I mix this up all the time, so apologies if that got introduced by me!
>> :)
> 
> Also things like 0xFE and NULL should be wrapped in <code></code>, 
> otherwise it looks good to me.

Okay, will update them before committing.

Thanks.

Qing
> 
> Thanks,
> Richard.
> 
>> -Kees
>> 
>>> +      and indices are 0).
>>> +  </li>
>>> +</ul>
>>> +
>>> <h3 id="debug">Debugging formats</h3>
>>> 
>>> <ul>
>>> -- 
>>> 1.9.1
>>> 
>>> 
>> 
>> 
> 
> -- 
> Richard Biener <rguenther@suse.de>
> SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg,
> Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg)
  
Martin Sebor Sept. 29, 2021, 2:42 p.m. UTC | #5
On 9/28/21 2:31 PM, Qing Zhao via Gcc-patches wrote:
> Hi,
> 
> This is the patch for the gcc12 changes per your request.
> 
> Kees provided most of the wording.
> 
> Please take a look and let us know whether it’s good for commit.
> 
> thanks.
> 
> Qing
> 
> ================================================
> 
> 
> From: qing zhao <qing.zhao@oracle.com>
> Date: Tue, 28 Sep 2021 12:01:42 -0700
> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
>   initialization update
> 
> 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
> 	Item about the support for automatic static variable initialization.
> ---
>   htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
>   1 file changed, 19 insertions(+)
> 
> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
> index 1f156a9..8e2979c 100644
> --- a/htdocs/gcc-12/changes.html
> +++ b/htdocs/gcc-12/changes.html
> @@ -245,6 +245,25 @@ a work-in-progress.</p>
>   <!-- .................................................................. -->
>   <h2>Other significant improvements</h2>
>   
> +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
> +
> +<ul>
> +  <li>GCC can now initialize all stack variables implicitly, including
> +      padding. This is intended to eliminate all classes of uninitialized
> +      stack variable flaws. Lack of explicit initialization will still
> +      warn when <code>-Wuninitialized</code> is active. For best
> +      debugging, use of the new command-line option
> +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
> +      variables with a repeated 0xFE pattern, which tends to illuminate
> +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
> +      are very large). For best production results, the new command-line
> +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
> +      fill variables with 0x00, which tends to provide a safer state for
> +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
> +      and indices are 0).

The "use ... can be used" in the sentence

   For best debugging, use of the new command-line option
   -ftrivial-auto-var-init=pattern can be used...

reads a bit awkward.  Following the phrasing of the second such
sentence would look better:

   To aid in debugging, the new command-line option
   -ftrivial-auto-var-init=pattern can be used...

Martin

> +  </li>
> +</ul>
> +
>   <h3 id="debug">Debugging formats</h3>
>   
>   <ul>
>
  
Qing Zhao Sept. 29, 2021, 2:43 p.m. UTC | #6
FYI, just committed the change:

https://gcc.gnu.org/gcc-12/changes.html


Qing
> On Sep 29, 2021, at 9:18 AM, Qing Zhao via Gcc-patches <gcc-patches@gcc.gnu.org> wrote:
> 
> 
> 
>> On Sep 29, 2021, at 5:39 AM, Richard Biener <rguenther@suse.de> wrote:
>> 
>> On Tue, 28 Sep 2021, Kees Cook wrote:
>> 
>>> On Tue, Sep 28, 2021 at 08:31:13PM +0000, Qing Zhao wrote:
>>>> Hi,
>>>> 
>>>> This is the patch for the gcc12 changes per your request.
>>>> 
>>>> Kees provided most of the wording.
>>>> 
>>>> Please take a look and let us know whether it’s good for commit.
>>>> 
>>>> thanks.
>>>> 
>>>> Qing
>>>> 
>>>> ================================================
>>>> 
>>>> 
>>>> From: qing zhao <qing.zhao@oracle.com>
>>>> Date: Tue, 28 Sep 2021 12:01:42 -0700
>>>> Subject: [PATCH] gcc-12/changes.html: Uninitialized stack variables
>>>> initialization update
>>>> 
>>>> 	* htdocs/gcc-12/changes.html (Eliminating uninitialized variables):
>>>> 	Item about the support for automatic static variable initialization.
>>>> ---
>>>> htdocs/gcc-12/changes.html | 19 +++++++++++++++++++
>>>> 1 file changed, 19 insertions(+)
>>>> 
>>>> diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
>>>> index 1f156a9..8e2979c 100644
>>>> --- a/htdocs/gcc-12/changes.html
>>>> +++ b/htdocs/gcc-12/changes.html
>>>> @@ -245,6 +245,25 @@ a work-in-progress.</p>
>>>> <!-- .................................................................. -->
>>>> <h2>Other significant improvements</h2>
>>>> 
>>>> +<h3 id="uninitialized">Eliminating uninitialized variables</h3>
>>>> +
>>>> +<ul>
>>>> +  <li>GCC can now initialize all stack variables implicitly, including
>>>> +      padding. This is intended to eliminate all classes of uninitialized
>>>> +      stack variable flaws. Lack of explicit initialization will still
>>>> +      warn when <code>-Wuninitialized</code> is active. For best
>>>> +      debugging, use of the new command-line option
>>>> +      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
>>>> +      variables with a repeated 0xFE pattern, which tends to illuminate
>>>> +      many bugs (e.g. pointers receive invalid addresses, sizes and indices
>>>> +      are very large). For best production results, the new command-line
>>>> +      option <code>-ftrivial-auto-var-init=zero</code> can be used to
>>>> +      fill variables with 0x00, which tends to provide a safer state for
>>>> +      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
>>> 
>>> Minor nit: I've always been corrected that "NULL" refers to a pointer, and
>>> "NUL" refers to the "null character", so the latter use of NULL should be
>>> "NUL": ... pointers are NULL, strings are NUL filled, and size ...
>>> 
>>> I mix this up all the time, so apologies if that got introduced by me!
>>> :)
>> 
>> Also things like 0xFE and NULL should be wrapped in <code></code>, 
>> otherwise it looks good to me.
> 
> Okay, will update them before committing.
> 
> Thanks.
> 
> Qing
>> 
>> Thanks,
>> Richard.
>> 
>>> -Kees
>>> 
>>>> +      and indices are 0).
>>>> +  </li>
>>>> +</ul>
>>>> +
>>>> <h3 id="debug">Debugging formats</h3>
>>>> 
>>>> <ul>
>>>> -- 
>>>> 1.9.1
>>>> 
>>>> 
>>> 
>>> 
>> 
>> -- 
>> Richard Biener <rguenther@suse.de>
>> SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg,
>> Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg)
>
  
Kees Cook Sept. 29, 2021, 5:15 p.m. UTC | #7
On Wed, Sep 29, 2021 at 02:43:35PM +0000, Qing Zhao wrote:
> FYI, just committed the change:
> 
> https://gcc.gnu.org/gcc-12/changes.html

Looks great to me; thanks! :)

-Kees
  

Patch

diff --git a/htdocs/gcc-12/changes.html b/htdocs/gcc-12/changes.html
index 1f156a9..8e2979c 100644
--- a/htdocs/gcc-12/changes.html
+++ b/htdocs/gcc-12/changes.html
@@ -245,6 +245,25 @@  a work-in-progress.</p>
 <!-- .................................................................. -->
 <h2>Other significant improvements</h2>
 
+<h3 id="uninitialized">Eliminating uninitialized variables</h3>
+
+<ul>
+  <li>GCC can now initialize all stack variables implicitly, including
+      padding. This is intended to eliminate all classes of uninitialized
+      stack variable flaws. Lack of explicit initialization will still
+      warn when <code>-Wuninitialized</code> is active. For best
+      debugging, use of the new command-line option
+      <code>-ftrivial-auto-var-init=pattern</code> can be used to fill
+      variables with a repeated 0xFE pattern, which tends to illuminate
+      many bugs (e.g. pointers receive invalid addresses, sizes and indices
+      are very large). For best production results, the new command-line
+      option <code>-ftrivial-auto-var-init=zero</code> can be used to
+      fill variables with 0x00, which tends to provide a safer state for
+      bugs (e.g. pointers are NULL, strings are NULL filled, and sizes
+      and indices are 0).
+  </li>
+</ul>
+
 <h3 id="debug">Debugging formats</h3>
 
 <ul>
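
Review bot: The first sentence of the new <li> ("GCC can now initialize all stack variables implicitly, including padding") reads as if this happens on every compile, while the rest of the item only brings in -ftrivial-auto-var-init=pattern "for best debugging" and -ftrivial-auto-var-init=zero "for best production results". Please state in that first sentence whether the initialization is on by default or happens only when one of these options is given, so that a reader does not assume protection against uninitialized stack reads that they have not enabled. A related wording point: the item body is scoped to stack variables ("all classes of uninitialized stack variable flaws"), but the <h3> text is the broader "Eliminating uninitialized variables" and the ChangeLog entry says "automatic static variable initialization"; using one term for automatic (stack) variables in all three places would avoid confusion with variables of static storage duration.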