And some are obviously correct... But others would require a lot more understanding of the code to be sure they're correct.
Someone should go through this with a keen eye to check the fixes are actually correct, and aren't just making the fuzzer stop alerting while leaving a more subtle vulnerability open.
Yeah, the fact that the kernel has changes like this with such minimal testing is the reason why we see regressions in these kinds of bugs all too often.
That is an odd position when -Wstringop-overflow also highly depends on the optimizer (and will frequently generate false positives!) but not only remains in GCC but is enabled by default (even without any -Wall/-Wextra).
Things like this are why it pays to compile your project with as many compilers as possible (as well as static analysis tools).