From 638fdf25fd25baead020c9f578193f075f931c51 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kittywhiskers@users.noreply.github.com> Date: Fri, 1 May 2020 14:05:48 +0200 Subject: [PATCH] bitcoin#18843: warn on potentially uninitialized reads --- configure.ac | 2 ++ src/Makefile.leveldb.include | 2 +- src/random.cpp | 7 +++++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 8887a423fd..579e9770b9 100644 --- a/configure.ac +++ b/configure.ac @@ -367,6 +367,7 @@ if test "x$enable_werror" = "xyes"; then AX_CHECK_COMPILE_FLAG([-Werror=unused-variable],[ERROR_CXXFLAGS="$ERROR_CXXFLAGS -Werror=unused-variable"],,[[$CXXFLAG_WERROR]]) AX_CHECK_COMPILE_FLAG([-Werror=date-time],[ERROR_CXXFLAGS="$ERROR_CXXFLAGS -Werror=date-time"],,[[$CXXFLAG_WERROR]]) AX_CHECK_COMPILE_FLAG([-Werror=return-type],[ERROR_CXXFLAGS="$ERROR_CXXFLAGS -Werror=return-type"],,[[$CXXFLAG_WERROR]]) + AX_CHECK_COMPILE_FLAG([-Werror=conditional-uninitialized],[ERROR_CXXFLAGS="$ERROR_CXXFLAGS -Werror=conditional-uninitialized"],,[[$CXXFLAG_WERROR]]) fi if test "x$CXXFLAGS_overridden" = "xno"; then @@ -381,6 +382,7 @@ if test "x$CXXFLAGS_overridden" = "xno"; then AX_CHECK_COMPILE_FLAG([-Wredundant-decls],[WARN_CXXFLAGS="$WARN_CXXFLAGS -Wredundant-decls"],,[[$CXXFLAG_WERROR]]) AX_CHECK_COMPILE_FLAG([-Wunused-variable],[WARN_CXXFLAGS="$WARN_CXXFLAGS -Wunused-variable"],,[[$CXXFLAG_WERROR]]) AX_CHECK_COMPILE_FLAG([-Wdate-time],[WARN_CXXFLAGS="$WARN_CXXFLAGS -Wdate-time"],,[[$CXXFLAG_WERROR]]) + AX_CHECK_COMPILE_FLAG([-Wconditional-uninitialized],[WARN_CXXFLAGS="$WARN_CXXFLAGS -Wconditional-uninitialized"],,[[$CXXFLAG_WERROR]]) ## Some compilers (gcc) ignore unknown -Wno-* options, but warn about all ## unknown options if any other warning is produced. Test the -Wfoo case, and diff --git a/src/Makefile.leveldb.include b/src/Makefile.leveldb.include index 833f3d2a10..f4828361fd 100644 --- a/src/Makefile.leveldb.include +++ b/src/Makefile.leveldb.include @@ -30,7 +30,7 @@ LEVELDB_CPPFLAGS_INT += -DLEVELDB_PLATFORM_POSIX endif leveldb_libleveldb_a_CPPFLAGS = $(AM_CPPFLAGS) $(LEVELDB_CPPFLAGS_INT) $(LEVELDB_CPPFLAGS) -leveldb_libleveldb_a_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +leveldb_libleveldb_a_CXXFLAGS = $(filter-out -Wconditional-uninitialized -Werror=conditional-uninitialized, $(AM_CXXFLAGS)) $(PIE_FLAGS) leveldb_libleveldb_a_SOURCES= leveldb_libleveldb_a_SOURCES += leveldb/port/atomic_pointer.h diff --git a/src/random.cpp b/src/random.cpp index c2c1a863bd..61c21f040f 100644 --- a/src/random.cpp +++ b/src/random.cpp @@ -100,7 +100,10 @@ static bool GetHWRand(unsigned char* ent32) { // Not all assemblers support the rdrand instruction, write it in hex. #ifdef __i386__ for (int iter = 0; iter < 4; ++iter) { - uint32_t r1, r2; + // Initialize to 0 to silence a compiler warning that r1 or r2 may be used + // uninitialized. Even if rdrand fails (!ok) it will set the output to 0, + // but there is no way that the compiler could know that. + uint32_t r1 = 0, r2 = 0; __asm__ volatile (".byte 0x0f, 0xc7, 0xf0;" // rdrand %eax ".byte 0x0f, 0xc7, 0xf2;" // rdrand %edx "setc %2" : @@ -110,7 +113,7 @@ static bool GetHWRand(unsigned char* ent32) { WriteLE32(ent32 + 8 * iter + 4, r2); } #else - uint64_t r1, r2, r3, r4; + uint64_t r1 = 0, r2 = 0, r3 = 0, r4 = 0; // See above why we initialize to 0. __asm__ volatile (".byte 0x48, 0x0f, 0xc7, 0xf0, " // rdrand %rax "0x48, 0x0f, 0xc7, 0xf3, " // rdrand %rbx "0x48, 0x0f, 0xc7, 0xf1, " // rdrand %rcx