Re: [PATCH] treewide: Remove unnamed static initializations to 0

From: Kees Cook
Date: Tue Sep 14 2021 - 12:51:07 EST


On Mon, Sep 13, 2021 at 12:40:41PM -0700, Linus Torvalds wrote:
> On Fri, Sep 10, 2021 at 3:52 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > Since "= { 0 }" and "= { }" have the same meaning ("incomplete
> > initializer") they will both initialize the given variable to zero
> > (modulo padding games).
> >
> > After this change, I can almost build the "allmodconfig" target with
> > GCC 4.9 again.
> >
> > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> > ---
> > With this patch and the following three, I can build with gcc 4.9 again:
> > https://lore.kernel.org/lkml/20210910223332.3224851-1-keescook@xxxxxxxxxxxx/
> > https://lore.kernel.org/lkml/20210910223409.3225001-1-keescook@xxxxxxxxxxxx/
> > https://lore.kernel.org/lkml/20210910223613.3225685-1-keescook@xxxxxxxxxxxx/
> > I look forward to raising our minimum GCC version again! :)
>
> So this was one of the patches I left in my pending queue, and I don't
> exactly hate it, but given the option to just say "don't use gcc-4.9"
> and applying this big patch, I did the former.

Yeah, I think that's best.

> That said, one of the reasons I didn't like the patch that much is
> that it seems to be a mindless "just search-and-replace everything",
> very much for initializers that didn't complain even with gcc-4.9, and
> that were entirely correct.

I was using Coccinelle to minimize the impact.

> I would _not_ mind a patch that actually fixed only the places where
> it actually _is_ a question of missing braces, and we have an unnamed
> union or something like that.
>
> So some of the gcc-4.9 warnings certainly looked at least _somewhat_
> reasonable for a compiler that didn't do unnamed unions or structures
> very well.
>
> And I wouldn't mind replacing those. But this patch seems to then
> change entirely correct code that no reasonable compiler could
> possibly warn about. I wonder if some coccinelle script or other would
> find a much more reasonable subset?

Right -- for example I excluded all 1-dimensional scalar array
initializers. The warning comes from (IIUC) compound types (i.e. a
struct or union within another struct or union).

> With the gcc-4.9 support being dropped, that probably doesn't matter
> any more, of course. But I just wanted to say that I didn't hate the
> patch, but that it seemed to be too much of an automated hammer for
> the problem that could be solved a lot more surgically.

Yup, I'd much rather just leave all this as-is. It's effectively a
20,000 line white-space change, since there should be no actual binary
output difference. When I spot-checked this, it was true, which is what
I was expecting.

> The three remaining patches you point at look interesting, although I
> think that third one looks decidedly odd. Why not add the 'const' in
> the callers instead of removing it from the function? And why don't I
> see those warnings - is this some compiler bug?

Looks like a GCC 4.9 bug, yes. The other two I'll continue to pursue,
since they're general correctness fixes, even if modern GCC deals with
them happily:
> > https://lore.kernel.org/lkml/20210910223332.3224851-1-keescook@xxxxxxxxxxxx/
> > https://lore.kernel.org/lkml/20210910223409.3225001-1-keescook@xxxxxxxxxxxx/

-Kees

--
Kees Cook