Announcement

Collapse
No announcement yet.

KMSAN Patches For The Linux Kernel Updated For Catching Uninitialized Memory Problems

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    KMSAN Patches For The Linux Kernel Updated For Catching Uninitialized Memory Problems

    Phoronix: KMSAN Patches For The Linux Kernel Updated For Catching Uninitialized Memory Problems

    One of the Linux patch series that has been in the works for years in conjunction with Clang compiler side changes and already being responsible for exposing hundreds of kernel bugs is the KernelMemorySanitizer (KMSAN). Sent out today was the latest patch series working on the kernel infrastructure for catching uninitialized memory issues...

    KMSAN Patches For The Linux Kernel Updated For Catching Uninitialized Memory Problems - Phoronix
    https://www.phoronix.com/scan.php?page=news_item&px=KernelMemorySanitizer-2022
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
    • Likes 1
  • #2
    inb4 "they should use Rust" comments.

    Though they're right. It's the only systems programming language capable of making these issues really go away.
    • Likes 5

    Comment

    • #3
      Originally posted by andrebrait View Post
      inb4 "they should use Rust" comments.

      Though they're right. It's the only systems programming language capable of making these issues really go away.
      I really wish you were kidding.
      • Likes 1

      Comment

      • #4
        Originally posted by andrebrait View Post
        inb4 "they should use Rust" comments.

        Though they're right. It's the only systems programming language capable of making these issues really go away.
        Not quite the only one - in C++ you usually won't have uninitialized classes / structs either as it has the same RAII semantics as Rust, though unlike Rust it still gives you a footgun if you want to (not that that'd be helpful here)

        But no, it'd be foolish to say that the problem of uninitialized memory has only been solved with Rust - practically every language BUT C solved it.

        Comment

        • #5
          Originally posted by Jannik2099 View Post

          Not quite the only one - in C++ you usually won't have uninitialized classes / structs either as it has the same RAII semantics as Rust, though unlike Rust it still gives you a footgun if you want to (not that that'd be helpful here)

          But no, it'd be foolish to say that the problem of uninitialized memory has only been solved with Rust - practically every language BUT C solved it.
          When I said "issues" I ended up not being specific, but unitialized memory is only one issue in the class of problems regarding memory management. Rust is, AFAIK, the only language that has managed to solve almost all issues in that class.

          So yeah, using C++ solves some, but it won't solve all, at least not in a way that's usable in the kernel. I don't think they'd want to use smart pointers, or any C++ at all to begin with.
          • Likes 2

          Comment

          • #6
            > Such bugs keep getting introduced into the kernel despite new compiler warnings and other analyses

            That's the interesting part.

            Something's fishy here, because we had *compilers* that would bitch about uninitialized variables literally decades ago, let alone secondary tools like Coverity etc, and under -Werror that gets you a failed build. So either something has gone very backwards with compilers, or somebody is disabling warnings en masse in their code and none of the reviewers have any problem with that.

            Comment

            • #7
              Originally posted by arQon View Post
              > Such bugs keep getting introduced into the kernel despite new compiler warnings and other analyses

              That's the interesting part.

              Something's fishy here, because we had *compilers* that would bitch about uninitialized variables literally decades ago, let alone secondary tools like Coverity etc, and under -Werror that gets you a failed build. So either something has gone very backwards with compilers, or somebody is disabling warnings en masse in their code and none of the reviewers have any problem with that.
              I don't think any of that works if you start passing pointers to stack memory around, otherwise most compilers would spam millions of warnings at every C project, because you never know if the function reads from your pointer or writes to it (e.g. you use a function to initialize your struct on the function stack).

              Comment

              • #8
                Originally posted by karolherbst View Post
                I don't think any of that works if you start passing pointers to stack memory around
                You're probably right about "X* p; foo(&p); *p=42;" cases (where foo() has a path that doesn't populate p) being overlooked by the compiler, but it certainly gets caught by Coverity etc.

                Comment

                Previous template Next
                Working...
                X