On Tue, 24 Nov 2020, Kees Cook wrote:
On Mon, Nov 23, 2020 at 08:31:30AM -0800, James Bottomley wrote:
Really, no ... something which produces no improvement has no value at all ... we really shouldn't be wasting maintainer time with it because it has a cost to merge. I'm not sure we understand where the balance lies in value vs cost to merge but I am confident in the zero value case.
What? We can't measure how many future bugs aren't introduced because the kernel requires explicit case flow-control statements for all new code.
These statements are not "missing" unless you presume that code written before the latest de facto language spec was written should somehow be held to that spec.
If the 'fallthrough' statement is not part of the latest draft spec then we should ask why not before we embrace it. Being that the kernel still prefers -std=gnu89 you might want to consider what has prevented -std=gnu99 or -std=gnu2x etc.
We already enable -Wimplicit-fallthrough globally, so that's not the discussion. The issue is that Clang is (correctly) even more strict than GCC for this, so these are the remaining ones to fix for full Clang coverage too.
Seems to me you should be patching the compiler.
When you have consensus among the language lawyers you'll have more credibility with those being subjected to enforcement.