Module Name: src
Committed By: jmcneill
Date: Mon Aug 29 09:50:04 UTC 2011
Modified Files:
src/sys/dist/pf/net: pf.c pf_ioctl.c pf_norm.c
src/sys/modules/pf: Makefile
src/sys/net: files.pf
Log Message:
build pf module with WARNS=3, and remove the need for -Wno-shadow
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 src/sys/dist/pf/net/pf.c
cvs rdiff -u -r1.43 -r1.44 src/sys/dist/pf/net/pf_ioctl.c
cvs rdiff -u -r1.24 -r1.25 src/sys/dist/pf/net/pf_norm.c
cvs rdiff -u -r1.2 -r1.3 src/sys/modules/pf/Makefile
cvs rdiff -u -r1.5 -r1.6 src/sys/net/files.pf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dist/pf/net/pf.c
diff -u src/sys/dist/pf/net/pf.c:1.65 src/sys/dist/pf/net/pf.c:1.66
--- src/sys/dist/pf/net/pf.c:1.65 Tue May 3 18:28:45 2011
+++ src/sys/dist/pf/net/pf.c Mon Aug 29 09:50:04 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: pf.c,v 1.65 2011/05/03 18:28:45 dyoung Exp $ */
+/* $NetBSD: pf.c,v 1.66 2011/08/29 09:50:04 jmcneill Exp $ */
/* $OpenBSD: pf.c,v 1.552.2.1 2007/11/27 16:37:57 henning Exp $ */
/*
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pf.c,v 1.65 2011/05/03 18:28:45 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pf.c,v 1.66 2011/08/29 09:50:04 jmcneill Exp $");
#include "pflog.h"
@@ -3436,14 +3436,14 @@
(r->rule_flag & PFRULE_RETURN)) &&
!(th->th_flags & TH_RST)) {
u_int32_t ack = ntohl(th->th_seq) + pd->p_len;
- struct ip *h = mtod(m, struct ip *);
+ struct ip *hip = mtod(m, struct ip *);
#ifdef __NetBSD__
if (pf_check_proto_cksum(m, direction, off,
- ntohs(h->ip_len) - off, IPPROTO_TCP, AF_INET))
+ ntohs(hip->ip_len) - off, IPPROTO_TCP, AF_INET))
#else
if (pf_check_proto_cksum(m, off,
- ntohs(h->ip_len) - off, IPPROTO_TCP, AF_INET))
+ ntohs(hip->ip_len) - off, IPPROTO_TCP, AF_INET))
#endif /* !__NetBSD__ */
REASON_SET(&reason, PFRES_PROTCKSUM);
else {
@@ -3877,14 +3877,14 @@
(*state)->src.state = PF_TCPS_PROXY_DST;
}
if ((*state)->src.state == PF_TCPS_PROXY_DST) {
- struct pf_state_host *src, *dst;
+ struct pf_state_host *psrc, *pdst;
if (direction == PF_OUT) {
- src = &(*state)->state_key->gwy;
- dst = &(*state)->state_key->ext;
+ psrc = &(*state)->state_key->gwy;
+ pdst = &(*state)->state_key->ext;
} else {
- src = &(*state)->state_key->ext;
- dst = &(*state)->state_key->lan;
+ psrc = &(*state)->state_key->ext;
+ pdst = &(*state)->state_key->lan;
}
if (direction == (*state)->state_key->direction) {
if (((th->th_flags & (TH_SYN|TH_ACK)) != TH_ACK) ||
@@ -3896,8 +3896,8 @@
(*state)->src.max_win = MAX(ntohs(th->th_win), 1);
if ((*state)->dst.seqhi == 1)
(*state)->dst.seqhi = htonl(arc4random());
- pf_send_tcp((*state)->rule.ptr, pd->af, &src->addr,
- &dst->addr, src->port, dst->port,
+ pf_send_tcp((*state)->rule.ptr, pd->af, &psrc->addr,
+ &pdst->addr, psrc->port, pdst->port,
(*state)->dst.seqhi, 0, TH_SYN, 0,
(*state)->src.mss, 0, 0, (*state)->tag, NULL, NULL);
REASON_SET(reason, PFRES_SYNPROXY);
@@ -3915,8 +3915,8 @@
ntohl(th->th_ack), ntohl(th->th_seq) + 1,
TH_ACK, (*state)->src.max_win, 0, 0, 0,
(*state)->tag, NULL, NULL);
- pf_send_tcp((*state)->rule.ptr, pd->af, &src->addr,
- &dst->addr, src->port, dst->port,
+ pf_send_tcp((*state)->rule.ptr, pd->af, &psrc->addr,
+ &pdst->addr, psrc->port, pdst->port,
(*state)->src.seqhi + 1, (*state)->src.seqlo + 1,
TH_ACK, (*state)->dst.max_win, 0, 0, 1,
0, NULL, NULL);
Index: src/sys/dist/pf/net/pf_ioctl.c
diff -u src/sys/dist/pf/net/pf_ioctl.c:1.43 src/sys/dist/pf/net/pf_ioctl.c:1.44
--- src/sys/dist/pf/net/pf_ioctl.c:1.43 Wed Jan 19 19:58:02 2011
+++ src/sys/dist/pf/net/pf_ioctl.c Mon Aug 29 09:50:04 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: pf_ioctl.c,v 1.43 2011/01/19 19:58:02 drochner Exp $ */
+/* $NetBSD: pf_ioctl.c,v 1.44 2011/08/29 09:50:04 jmcneill Exp $ */
/* $OpenBSD: pf_ioctl.c,v 1.182 2007/06/24 11:17:13 mcbride Exp $ */
/*
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.43 2011/01/19 19:58:02 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.44 2011/08/29 09:50:04 jmcneill Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1370,7 +1370,6 @@
struct pfioc_rule *pr = (struct pfioc_rule *)addr;
struct pf_ruleset *ruleset;
struct pf_rule *rule, *tail;
- struct pf_pooladdr *pa;
int rs_num;
pr->anchor[sizeof(pr->anchor) - 1] = 0;
@@ -1830,20 +1829,20 @@
}
case DIOCCLRSTATES: {
- struct pf_state *s, *nexts;
+ struct pf_state *ps, *nexts;
struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
int killed = 0;
- for (s = RB_MIN(pf_state_tree_id, &tree_id); s; s = nexts) {
- nexts = RB_NEXT(pf_state_tree_id, &tree_id, s);
+ for (ps = RB_MIN(pf_state_tree_id, &tree_id); ps; ps = nexts) {
+ nexts = RB_NEXT(pf_state_tree_id, &tree_id, ps);
if (!psk->psk_ifname[0] || !strcmp(psk->psk_ifname,
- s->kif->pfik_name)) {
+ ps->kif->pfik_name)) {
#if NPFSYNC
/* don't send out individual delete messages */
- s->sync_flags = PFSTATE_NOSYNC;
+ ps->sync_flags = PFSTATE_NOSYNC;
#endif
- pf_unlink_state(s);
+ pf_unlink_state(ps);
killed++;
}
}
@@ -1855,16 +1854,16 @@
}
case DIOCKILLSTATES: {
- struct pf_state *s, *nexts;
+ struct pf_state *ps, *nexts;
struct pf_state_key *sk;
struct pf_state_host *src, *dst;
struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
int killed = 0;
- for (s = RB_MIN(pf_state_tree_id, &tree_id); s;
- s = nexts) {
- nexts = RB_NEXT(pf_state_tree_id, &tree_id, s);
- sk = s->state_key;
+ for (ps = RB_MIN(pf_state_tree_id, &tree_id); ps;
+ ps = nexts) {
+ nexts = RB_NEXT(pf_state_tree_id, &tree_id, ps);
+ sk = ps->state_key;
if (sk->direction == PF_OUT) {
src = &sk->lan;
@@ -1893,13 +1892,13 @@
psk->psk_dst.port[0], psk->psk_dst.port[1],
dst->port)) &&
(!psk->psk_ifname[0] || !strcmp(psk->psk_ifname,
- s->kif->pfik_name))) {
+ ps->kif->pfik_name))) {
#if NPFSYNC > 0
/* send immediate delete of state */
- pfsync_delete_state(s);
- s->sync_flags |= PFSTATE_NOSYNC;
+ pfsync_delete_state(ps);
+ ps->sync_flags |= PFSTATE_NOSYNC;
#endif
- pf_unlink_state(s);
+ pf_unlink_state(ps);
killed++;
}
}
@@ -1945,22 +1944,22 @@
case DIOCGETSTATE: {
struct pfioc_state *ps = (struct pfioc_state *)addr;
- struct pf_state *s;
+ struct pf_state *pfs;
u_int32_t nr;
nr = 0;
- RB_FOREACH(s, pf_state_tree_id, &tree_id) {
+ RB_FOREACH(pfs, pf_state_tree_id, &tree_id) {
if (nr >= ps->nr)
break;
nr++;
}
- if (s == NULL) {
+ if (pfs == NULL) {
error = EBUSY;
break;
}
pf_state_export((struct pfsync_state *)&ps->state,
- s->state_key, s);
+ pfs->state_key, pfs);
break;
}
@@ -2006,9 +2005,9 @@
}
case DIOCGETSTATUS: {
- struct pf_status *s = (struct pf_status *)addr;
- bcopy(&pf_status, s, sizeof(struct pf_status));
- pfi_fill_oldstatus(s);
+ struct pf_status *ps = (struct pf_status *)addr;
+ bcopy(&pf_status, ps, sizeof(struct pf_status));
+ pfi_fill_oldstatus(ps);
break;
}
@@ -3136,7 +3135,7 @@
case DIOCKILLSRCNODES: {
struct pf_src_node *sn;
- struct pf_state *s;
+ struct pf_state *ps;
struct pfioc_src_node_kill *psnk = \
(struct pfioc_src_node_kill *) addr;
int killed = 0;
@@ -3152,12 +3151,12 @@
&sn->raddr, sn->af)) {
/* Handle state to src_node linkage */
if (sn->states != 0) {
- RB_FOREACH(s, pf_state_tree_id,
+ RB_FOREACH(ps, pf_state_tree_id,
&tree_id) {
- if (s->src_node == sn)
- s->src_node = NULL;
- if (s->nat_src_node == sn)
- s->nat_src_node = NULL;
+ if (ps->src_node == sn)
+ ps->src_node = NULL;
+ if (ps->nat_src_node == sn)
+ ps->nat_src_node = NULL;
}
sn->states = 0;
}
@@ -3174,12 +3173,12 @@
}
case DIOCSETHOSTID: {
- u_int32_t *hostid = (u_int32_t *)addr;
+ u_int32_t *hid = (u_int32_t *)addr;
- if (*hostid == 0)
+ if (*hid == 0)
pf_status.hostid = arc4random();
else
- pf_status.hostid = *hostid;
+ pf_status.hostid = *hid;
break;
}
Index: src/sys/dist/pf/net/pf_norm.c
diff -u src/sys/dist/pf/net/pf_norm.c:1.24 src/sys/dist/pf/net/pf_norm.c:1.25
--- src/sys/dist/pf/net/pf_norm.c:1.24 Fri Jul 1 02:33:23 2011
+++ src/sys/dist/pf/net/pf_norm.c Mon Aug 29 09:50:04 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: pf_norm.c,v 1.24 2011/07/01 02:33:23 mrg Exp $ */
+/* $NetBSD: pf_norm.c,v 1.25 2011/08/29 09:50:04 jmcneill Exp $ */
/* $OpenBSD: pf_norm.c,v 1.109 2007/05/28 17:16:39 henning Exp $ */
/*
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pf_norm.c,v 1.24 2011/07/01 02:33:23 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pf_norm.c,v 1.25 2011/08/29 09:50:04 jmcneill Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -365,7 +365,7 @@
int hlen = ip->ip_hl << 2;
u_int16_t off = (ntohs(ip->ip_off) & IP_OFFMASK) << 3;
u_int16_t ip_len = ntohs(ip->ip_len) - ip->ip_hl * 4;
- u_int16_t max = ip_len + off;
+ u_int16_t frmax = ip_len + off;
KASSERT(*frag == NULL || BUFFER_FRAGMENTS(*frag));
@@ -459,8 +459,8 @@
insert:
/* Update maximum data size */
- if ((*frag)->fr_max < max)
- (*frag)->fr_max = max;
+ if ((*frag)->fr_max < frmax)
+ (*frag)->fr_max = frmax;
/* This is the last segment */
if (!mff)
(*frag)->fr_flags |= PFFRAG_SEENLAST;
@@ -564,7 +564,7 @@
struct pf_frcache *frp, *fra, *cur = NULL;
int ip_len = ntohs(h->ip_len) - (h->ip_hl << 2);
u_int16_t off = ntohs(h->ip_off) << 3;
- u_int16_t max = ip_len + off;
+ u_int16_t frmax = ip_len + off;
int hosed = 0;
KASSERT(*frag == NULL || !BUFFER_FRAGMENTS(*frag));
@@ -597,14 +597,14 @@
(*frag)->fr_timeout = time_second;
cur->fr_off = off;
- cur->fr_end = max;
+ cur->fr_end = frmax;
LIST_INIT(&(*frag)->fr_cache);
LIST_INSERT_HEAD(&(*frag)->fr_cache, cur, fr_next);
RB_INSERT(pf_frag_tree, &pf_cache_tree, *frag);
TAILQ_INSERT_HEAD(&pf_cachequeue, *frag, frag_next);
- DPFPRINTF(("fragcache[%d]: new %d-%d\n", h->ip_id, off, max));
+ DPFPRINTF(("fragcache[%d]: new %d-%d\n", h->ip_id, off, frmax));
goto pass;
}
@@ -629,14 +629,14 @@
if (precut >= ip_len) {
/* Fragment is entirely a duplicate */
DPFPRINTF(("fragcache[%d]: dead (%d-%d) %d-%d\n",
- h->ip_id, frp->fr_off, frp->fr_end, off, max));
+ h->ip_id, frp->fr_off, frp->fr_end, off, frmax));
goto drop_fragment;
}
if (precut == 0) {
/* They are adjacent. Fixup cache entry */
DPFPRINTF(("fragcache[%d]: adjacent (%d-%d) %d-%d\n",
- h->ip_id, frp->fr_off, frp->fr_end, off, max));
- frp->fr_end = max;
+ h->ip_id, frp->fr_off, frp->fr_end, off, frmax));
+ frp->fr_end = frmax;
} else if (precut > 0) {
/* The first part of this payload overlaps with a
* fragment that has already been passed.
@@ -647,12 +647,12 @@
DPFPRINTF(("fragcache[%d]: chop %d (%d-%d) %d-%d\n",
h->ip_id, precut, frp->fr_off, frp->fr_end, off,
- max));
+ frmax));
off += precut;
- max -= precut;
+ frmax -= precut;
/* Update the previous frag to encompass this one */
- frp->fr_end = max;
+ frp->fr_end = frmax;
if (!drop) {
/* XXX Optimization opportunity
@@ -694,7 +694,7 @@
DPFPRINTF(("fragcache[%d]: gap %d (%d-%d) %d-%d\n",
h->ip_id, -precut, frp->fr_off, frp->fr_end, off,
- max));
+ frmax));
cur = pool_get(&pf_cent_pl, PR_NOWAIT);
if (cur == NULL)
@@ -702,7 +702,7 @@
pf_ncache++;
cur->fr_off = off;
- cur->fr_end = max;
+ cur->fr_end = frmax;
LIST_INSERT_AFTER(frp, cur, fr_next);
}
}
@@ -711,20 +711,20 @@
int aftercut;
int merge = 0;
- aftercut = max - fra->fr_off;
+ aftercut = frmax - fra->fr_off;
if (aftercut == 0) {
/* Adjacent fragments */
DPFPRINTF(("fragcache[%d]: adjacent %d-%d (%d-%d)\n",
- h->ip_id, off, max, fra->fr_off, fra->fr_end));
+ h->ip_id, off, frmax, fra->fr_off, fra->fr_end));
fra->fr_off = off;
merge = 1;
} else if (aftercut > 0) {
/* Need to chop off the tail of this fragment */
DPFPRINTF(("fragcache[%d]: chop %d %d-%d (%d-%d)\n",
- h->ip_id, aftercut, off, max, fra->fr_off,
+ h->ip_id, aftercut, off, frmax, fra->fr_off,
fra->fr_end));
fra->fr_off = off;
- max -= aftercut;
+ frmax -= aftercut;
merge = 1;
@@ -747,7 +747,7 @@
} else if (frp == NULL) {
/* There is a gap between fragments */
DPFPRINTF(("fragcache[%d]: gap %d %d-%d (%d-%d)\n",
- h->ip_id, -aftercut, off, max, fra->fr_off,
+ h->ip_id, -aftercut, off, frmax, fra->fr_off,
fra->fr_end));
cur = pool_get(&pf_cent_pl, PR_NOWAIT);
@@ -756,7 +756,7 @@
pf_ncache++;
cur->fr_off = off;
- cur->fr_end = max;
+ cur->fr_end = frmax;
LIST_INSERT_BEFORE(fra, cur, fr_next);
}
@@ -768,7 +768,7 @@
DPFPRINTF(("fragcache[%d]: adjacent(merge "
"%d-%d) %d-%d (%d-%d)\n",
h->ip_id, cur->fr_off, cur->fr_end, off,
- max, fra->fr_off, fra->fr_end));
+ frmax, fra->fr_off, fra->fr_end));
fra->fr_off = cur->fr_off;
LIST_REMOVE(cur, fr_next);
pool_put(&pf_cent_pl, cur);
@@ -781,7 +781,7 @@
DPFPRINTF(("fragcache[%d]: adjacent(merge "
"%d-%d) %d-%d (%d-%d)\n",
h->ip_id, frp->fr_off, frp->fr_end, off,
- max, fra->fr_off, fra->fr_end));
+ frmax, fra->fr_off, fra->fr_end));
fra->fr_off = frp->fr_off;
LIST_REMOVE(frp, fr_next);
pool_put(&pf_cent_pl, frp);
@@ -804,8 +804,8 @@
pass:
/* Update maximum data size */
- if ((*frag)->fr_max < max)
- (*frag)->fr_max = max;
+ if ((*frag)->fr_max < frmax)
+ (*frag)->fr_max = frmax;
/* This is the last segment */
if (!mff)
@@ -864,7 +864,7 @@
int mff = (ntohs(h->ip_off) & IP_MF);
int hlen = h->ip_hl << 2;
u_int16_t fragoff = (ntohs(h->ip_off) & IP_OFFMASK) << 3;
- u_int16_t max;
+ u_int16_t frmax;
int ip_len;
int ip_off;
@@ -907,10 +907,10 @@
/* Clear IP_DF if the rule uses the no-df option */
if (r->rule_flag & PFRULE_NODF && h->ip_off & htons(IP_DF)) {
- u_int16_t ip_off = h->ip_off;
+ u_int16_t off = h->ip_off;
h->ip_off &= htons(~IP_DF);
- h->ip_sum = pf_cksum_fixup(h->ip_sum, ip_off, h->ip_off, 0);
+ h->ip_sum = pf_cksum_fixup(h->ip_sum, off, h->ip_off, 0);
}
/* We will need other tests here */
@@ -940,7 +940,7 @@
DPFPRINTF(("max packet %d\n", fragoff + ip_len));
goto bad;
}
- max = fragoff + ip_len;
+ frmax = fragoff + ip_len;
if ((r->rule_flag & (PFRULE_FRAGCROP|PFRULE_FRAGDROP)) == 0) {
/* Fully buffer all of the fragments */
@@ -949,7 +949,7 @@
/* Check if we saw the last fragment already */
if (frag != NULL && (frag->fr_flags & PFFRAG_SEENLAST) &&
- max > frag->fr_max)
+ frmax > frag->fr_max)
goto bad;
/* Get an entry for the fragment queue */
@@ -963,7 +963,7 @@
frent->fr_m = m;
/* Might return a completely reassembled mbuf, or NULL */
- DPFPRINTF(("reass frag %d @ %d-%d\n", h->ip_id, fragoff, max));
+ DPFPRINTF(("reass frag %d @ %d-%d\n", h->ip_id, fragoff, frmax));
*m0 = m = pf_reassemble(m0, &frag, frent, mff);
if (m == NULL)
@@ -997,7 +997,7 @@
/* Check if we saw the last fragment already */
if (frag != NULL && (frag->fr_flags & PFFRAG_SEENLAST) &&
- max > frag->fr_max) {
+ frmax > frag->fr_max) {
if (r->rule_flag & PFRULE_FRAGDROP)
frag->fr_flags |= PFFRAG_DROP;
goto bad;
@@ -1029,10 +1029,10 @@
no_fragment:
/* At this point, only IP_DF is allowed in ip_off */
if (h->ip_off & ~htons(IP_DF)) {
- u_int16_t ip_off = h->ip_off;
+ u_int16_t off = h->ip_off;
h->ip_off &= htons(IP_DF);
- h->ip_sum = pf_cksum_fixup(h->ip_sum, ip_off, h->ip_off, 0);
+ h->ip_sum = pf_cksum_fixup(h->ip_sum, off, h->ip_off, 0);
}
/* Enforce a minimum ttl, may cause endless packet loops */
@@ -1044,10 +1044,10 @@
}
if (r->rule_flag & PFRULE_RANDOMID) {
- u_int16_t ip_id = h->ip_id;
+ u_int16_t id = h->ip_id;
h->ip_id = ip_randomid(ip_ids, 0);
- h->ip_sum = pf_cksum_fixup(h->ip_sum, ip_id, h->ip_id, 0);
+ h->ip_sum = pf_cksum_fixup(h->ip_sum, id, h->ip_id, 0);
}
if ((r->rule_flag & (PFRULE_FRAGCROP|PFRULE_FRAGDROP)) == 0)
pd->flags |= PFDESC_IP_REAS;
Index: src/sys/modules/pf/Makefile
diff -u src/sys/modules/pf/Makefile:1.2 src/sys/modules/pf/Makefile:1.3
--- src/sys/modules/pf/Makefile:1.2 Sun Aug 28 15:40:50 2011
+++ src/sys/modules/pf/Makefile Mon Aug 29 09:50:04 2011
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.2 2011/08/28 15:40:50 jmcneill Exp $
+# $NetBSD: Makefile,v 1.3 2011/08/29 09:50:04 jmcneill Exp $
.include "../Makefile.inc"
.PATH: ${S}/dist/pf/net ${S}/dist/pf/netinet
KMOD= pf
-WARNS= 1
SRCS= if_compat.c
SRCS+= if_pflog.c
Index: src/sys/net/files.pf
diff -u src/sys/net/files.pf:1.5 src/sys/net/files.pf:1.6
--- src/sys/net/files.pf:1.5 Mon Sep 14 10:36:50 2009
+++ src/sys/net/files.pf Mon Aug 29 09:50:04 2011
@@ -1,4 +1,4 @@
-# $NetBSD: files.pf,v 1.5 2009/09/14 10:36:50 degroote Exp $
+# $NetBSD: files.pf,v 1.6 2011/08/29 09:50:04 jmcneill Exp $
defpseudo pf: ifnet
defpseudo pflog: ifnet
@@ -20,7 +20,3 @@
file dist/pf/netinet/tcp_rndiss.c pf
makeoptions pf CPPFLAGS+="-I$S/dist/pf"
-
-makeoptions pf "CWARNFLAGS.pf.c"+="-Wno-shadow"
-makeoptions pf "CWARNFLAGS.pf_ioctl.c"+="-Wno-shadow"
-makeoptions pf "CWARNFLAGS.pf_norm.c"+="-Wno-shadow"
