On Wed, Jun 16, 2021 at 07:39:02PM +0000, Qing Zhao wrote:
> So, the major question now is:
>
> Is one single repeatable pattern enough for pattern initialization for all
> different types of auto variables?
>
> If YES, then the implementation for pattern initialization will be much
> easier and simpler, as you pointed out. And will save me a lot of pain to
> implement this part.
> If NO, then we have to keep the current complicated implementation since it
> provides us the flexibility to assign different patterns to different types.
>
> Honestly, I don’t have a good justification on this question myself.
>
> The previous references I have so far are the current behavior of CLANG and
> Microsoft compiler.
>
> For your reference,
> . CLANG uses different patterns for INTEGER (0xAAAAAAAA) and FLOAT
> (0xFFFFFFFF) and 32-bit pointer (0x000000AA)
> https://reviews.llvm.org/D54604
> . Microsoft uses different patterns for INTEGERS (0xE2), FLOAT (1.0)
> https://msrc-blog.microsoft.com/2020/05/13/solving-uninitialized-stack-memory-on-windows/
>
> My understanding from CLANG’s comment is, the patterns are easier to crash
> the program for the certain type, therefore easier to catch any potential
> bugs.

Right, this is the justification for the different patterns. I am fine with
a static value for the first version of this functionality, as long as it's
a non-canonical virtual memory address when evaluated as a pointer (so that
the pattern can't be made to aim at a legitimate fixed allocatable address
in memory).

> Don’t know why Microsoft chose the pattern like this.
>
> So, for GCC, what should we do on the pattern initializations, shall we
> choose one single repeatable pattern for all the types as you suggested,
> or choose different patterns for different types as Clang and Microsoft
> compiler’s behavior?
>
> Kees, do you have any comment on this?
>
> How did Linux Kernel use -ftrivial-auto-var-init=pattern feature of CLANG?

It's just used as-is from the compiler, and recommended for "debug builds".

-- 
Kees Cook
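As an added example (not code from the thread, GCC or Clang), a small C harness that checks the pattern bytes quoted above against the properties the thread cares about: whether the integer view is negative, whether the float view is a NaN, and whether the 64-bit pointer view is a non-canonical x86-64 address, which is the property Kees asks for. It assumes x86-64 with 48-bit virtual addresses and models only repeated-byte fills, not Microsoft's 1.0 float pattern.

```c
#include <math.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Value a pattern-initialized object of `size` bytes (1..8) holds when the
 * compiler fills every byte with `b`. Computed arithmetically so the result
 * does not depend on host endianness. */
uint64_t repeat_byte(uint8_t b, unsigned size) {
    uint64_t v = 0;
    for (unsigned i = 0; i < size; i++)
        v = (v << 8) | b;
    return v;
}

/* x86-64 canonical form (assumption: 48-bit virtual addresses): bits 63..48
 * must all equal bit 47. Dereferencing a non-canonical value faults no matter
 * what is mapped, so such a pattern can never alias a real allocation. */
bool is_noncanonical_x86_64(uint64_t v) {
    uint64_t top17 = v >> 47;               /* bits 63..47 */
    return top17 != 0 && top17 != 0x1FFFF;  /* all-zero or all-one is canonical */
}

/* The same 32-bit fill reinterpreted as a signed int and as an IEEE float. */
int32_t as_int32(uint32_t bits) {
    int32_t i;
    memcpy(&i, &bits, sizeof i);
    return i;
}

bool as_float_is_nan(uint32_t bits) {
    float f;
    memcpy(&f, &bits, sizeof f);
    return isnan(f);
}

/* Bitmask of properties for one repeated fill byte across the three type
 * classes discussed in the thread:
 *   1 = 32-bit integer view is negative (large, obviously-bogus value)
 *   2 = 32-bit float view is a NaN (poisons arithmetic immediately)
 *   4 = 64-bit pointer view is non-canonical (faults on dereference)
 * e.g. 0xAA -> 5, 0xFF -> 3 (0xFFFF...FFFF is a canonical kernel address). */
unsigned pattern_properties(uint8_t b) {
    uint32_t w = (uint32_t)repeat_byte(b, 4);
    unsigned props = 0;
    if (as_int32(w) < 0)                          props |= 1;
    if (as_float_is_nan(w))                       props |= 2;
    if (is_noncanonical_x86_64(repeat_byte(b, 8))) props |= 4;
    return props;
}
```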