On Thu, Mar 22, 2018 at 8:01 AM, Kees Cook wrote:
>
> Seems like it doesn't like void * arguments:
Yeah, that was discussed separately, I just didn't realize we had any
such users.
As David said, just adding a (long) cast to it should be fine, ie
#define __is_constant(a) \
(sizeof(in
From: Kees Cook
> Sent: 22 March 2018 15:01
...
> > /* Glory to Martin Uecker */
> > #define __is_constant(a) \
> > (sizeof(int) == sizeof(*(1 ? ((void*)((a) * 0l)) : (int*)1)))
...
> So, this time it's not a catastrophic failure with gcc 4.4. Instead it
> fails in 11 distinct places:
On Tue, Mar 20, 2018 at 4:23 PM, Linus Torvalds
wrote:
> On Sat, Mar 17, 2018 at 1:07 PM, Kees Cook wrote:
>>
>> No luck! :( gcc 4.4 refuses to play along. And, hilariously, not only
>> does it not change the complaint about __builtin_choose_expr(), it
>> also thinks that's a VLA now.
>
> Hmm. So
On Tue, Mar 20, 2018 at 04:26:52PM -0700, Linus Torvalds wrote:
> On Tue, Mar 20, 2018 at 4:23 PM, Linus Torvalds
> wrote:
> >
> > Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
> > test for "__is_constant()":
> >
> > /* Glory to Martin Uecker */
> > #define __is_const
On Tue, Mar 20, 2018 at 4:23 PM, Linus Torvalds
wrote:
>
> Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
> test for "__is_constant()":
>
> /* Glory to Martin Uecker */
> #define __is_constant(a) \
> (sizeof(int) == sizeof(*(1 ? ((void*)((a) * 0l)) : (int*)1)))
On Sat, Mar 17, 2018 at 1:07 PM, Kees Cook wrote:
>
> No luck! :( gcc 4.4 refuses to play along. And, hilariously, not only
> does it not change the complaint about __builtin_choose_expr(), it
> also thinks that's a VLA now.
Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
t
On Tue, Mar 20, 2018 at 7:29 AM, Linus Torvalds
wrote:
> On Mon, Mar 19, 2018 at 2:43 AM, David Laight wrote:
>>
>> Is it necessary to have the full checks for old versions of gcc?
>>
>> Even -Wvla could be predicated on very recent gcc - since we aren't
>> worried about whether gcc decides to ge
On Mon, Mar 19, 2018 at 2:43 AM, David Laight wrote:
>
> Is it necessary to have the full checks for old versions of gcc?
>
> Even -Wvla could be predicated on very recent gcc - since we aren't
> worried about whether gcc decides to generate a vla, but whether
> the source requests one.
You are c
From: linus...@gmail.com [mailto:linus...@gmail.com] On Behalf Of Linus Torvalds
> Sent: 18 March 2018 23:36
...
>
> Yeah, and since we're in the situation that *new* gcc versions work
> for us anyway, and we only have issues with older gcc's (that sadly
> people still use), even if there was a ne
On Sun, Mar 18, 2018 at 3:59 PM, Rasmus Villemoes
wrote:
>
> OK, I missed where this was made about side effects of x and y
We never made it explicit, since all we really cared about in the end
is the constantness.
But yes:
> but I suppose the idea was to use
>
> no_side_effects(x) && no_side
On 2018-03-18 22:33, Linus Torvalds wrote:
> On Sun, Mar 18, 2018 at 2:13 PM, Rasmus Villemoes
> wrote:
>> On 2018-03-17 19:52, Linus Torvalds wrote:
>>>
>>> Ok, so it really looks like that same "__builtin_constant_p() doesn't
>>> return a constant".
>>>
>>> Which is really odd, but there you hav
On Sun, Mar 18, 2018 at 2:13 PM, Rasmus Villemoes
wrote:
> On 2018-03-17 19:52, Linus Torvalds wrote:
>>
>> Ok, so it really looks like that same "__builtin_constant_p() doesn't
>> return a constant".
>>
>> Which is really odd, but there you have it.
>
> Not really. We do rely on builtin_constant_
On 2018-03-17 19:52, Linus Torvalds wrote:
> On Sat, Mar 17, 2018 at 12:27 AM, Kees Cook wrote:
>>
>> Unfortunately my 4.4 test fails quickly:
>>
>> ./include/linux/jiffies.h: In function ‘jiffies_delta_to_clock_t’:
>> ./include/linux/jiffies.h:444: error: first argument to
>> ‘__builtin_choose_ex
On Sat, Mar 17, 2018 at 01:07:32PM -0700, Kees Cook wrote:
> On Sat, Mar 17, 2018 at 11:52 AM, Linus Torvalds
> wrote:
> > So the above is completely insane, bit there is actually a chance that
> > using that completely crazy "x -> sizeof(char[x])" conversion actually
> > helps, because it really
On Sat, Mar 17, 2018 at 11:52 AM, Linus Torvalds
wrote:
> So the above is completely insane, bit there is actually a chance that
> using that completely crazy "x -> sizeof(char[x])" conversion actually
> helps, because it really does have a (very odd) evaluation-time
> change. sizeof() has to be
On Sat, Mar 17, 2018 at 12:27 AM, Kees Cook wrote:
>
> Unfortunately my 4.4 test fails quickly:
>
> ./include/linux/jiffies.h: In function ‘jiffies_delta_to_clock_t’:
> ./include/linux/jiffies.h:444: error: first argument to
> ‘__builtin_choose_expr’ not a constant
Ok, so it really looks like tha
On Fri, Mar 16, 2018 at 12:27 PM, Linus Torvalds
wrote:
> Kees - is there some online "gcc-4.4 checker" somewhere? This does
> seem to work with my gcc. I actually tested some of those files you
> pointed at now.
Unfortunately my 4.4 test fails quickly:
./include/linux/jiffies.h: In function ‘ji
On Fri, Mar 16, 2018 at 9:14 PM, Linus Torvalds
wrote:
> On Fri, Mar 16, 2018 at 1:03 PM, Miguel Ojeda
> wrote:
>>>
>>> Kees - is there some online "gcc-4.4 checker" somewhere? This does
>>> seem to work with my gcc. I actually tested some of those files you
>>> pointed at now.
>>
>> I use this o
On Fri, Mar 16, 2018 at 9:14 PM, Linus Torvalds
wrote:
> On Fri, Mar 16, 2018 at 1:03 PM, Miguel Ojeda
> wrote:
>>>
>>> Kees - is there some online "gcc-4.4 checker" somewhere? This does
>>> seem to work with my gcc. I actually tested some of those files you
>>> pointed at now.
>>
>> I use this o
On Fri, Mar 16, 2018 at 10:44 AM, David Laight wrote:
>
> I looked at the generated code for one of the constant sized VLA that
> the compiler barfed at.
> It seemed to subtract constants from %sp separately for the VLA.
> So it looks like the compiler treats them as VLA even though it
> knows the
On Fri, Mar 16, 2018 at 1:14 PM, Linus Torvalds
wrote:
>
> It does not work with gcc-4.1.x, but works with gcc-4.4.x.
>
> I can't seem to see the errors any way, I wonder if
> __builtin_choose_expr() simply didn't exist back then.
No, that goes further back.
It seems to be -Wvla itself that does
On Fri, Mar 16, 2018 at 01:15:27PM -0700, Linus Torvalds wrote:
> On Fri, Mar 16, 2018 at 1:12 PM, Al Viro wrote:
> >
> > That's C99, straight from N1256.pdf (C99-TC3)...
>
> I checked C90, since the error is
>
>ISO C90 forbids variable length array
>
> and I didn't see anything there.
Wel
On Fri, Mar 16, 2018 at 1:12 PM, Al Viro wrote:
>
> That's C99, straight from N1256.pdf (C99-TC3)...
I checked C90, since the error is
ISO C90 forbids variable length array
and I didn't see anything there.
Admittedly I only found a draft copy.
Linus
On Fri, Mar 16, 2018 at 1:03 PM, Miguel Ojeda
wrote:
>>
>> Kees - is there some online "gcc-4.4 checker" somewhere? This does
>> seem to work with my gcc. I actually tested some of those files you
>> pointed at now.
>
> I use this one:
>
> https://godbolt.org/
Well, my *test* code works on that
On Fri, Mar 16, 2018 at 12:27:23PM -0700, Linus Torvalds wrote:
> But it sure isn't "variable" either as far as the standard is
> concerned, because the standard doesn't even have that concept (it
> uses "variable" for argument numbers and for variables).
Huh? 6.7.5.2p4:
If the size is not pres
On Fri, Mar 16, 2018 at 8:27 PM, Linus Torvalds
wrote:
> On Fri, Mar 16, 2018 at 10:55 AM, Al Viro wrote:
>>
>> That's not them, that's C standard regarding ICE.
>
> Yes. The C standard talks about "integer constant expression". I know.
> It's come up in this very thread before.
>
> The C standar
On Fri, Mar 16, 2018 at 10:55 AM, Al Viro wrote:
>
> That's not them, that's C standard regarding ICE.
Yes. The C standard talks about "integer constant expression". I know.
It's come up in this very thread before.
The C standard at no point talks about - or forbids - "variable length
arrays". T
On Fri, Mar 16, 2018 at 05:55:02PM +, Al Viro wrote:
> On Fri, Mar 16, 2018 at 10:29:16AM -0700, Linus Torvalds wrote:
> >t.c: In function ‘test’:
> >t.c:6:6: error: argument to variable-length array is too large
> > [-Werror=vla-larger-than=]
> > int array[(1,100)];
> >
> > Gcc p
On Fri, Mar 16, 2018 at 10:29:16AM -0700, Linus Torvalds wrote:
>t.c: In function ‘test’:
>t.c:6:6: error: argument to variable-length array is too large
> [-Werror=vla-larger-than=]
> int array[(1,100)];
>
> Gcc people are crazy.
That's not them, that's C standard regarding ICE. 1,
From: Linus Torvalds
> Sent: 16 March 2018 17:29
> On Fri, Mar 16, 2018 at 4:47 AM, Florian Weimer wrote:
> >
> > If you want to catch stack frames which have unbounded size,
> > -Werror=stack-usage=1000 or -Werror=vla-larger-than=1000 (with the constant
> > adjusted as needed) might be the better
On 03/16/2018 06:29 PM, Linus Torvalds wrote:
Gcc people are crazy.
End of discussion from me. This is not acceptable.
Florian
On Fri, Mar 16, 2018 at 4:47 AM, Florian Weimer wrote:
>
> If you want to catch stack frames which have unbounded size,
> -Werror=stack-usage=1000 or -Werror=vla-larger-than=1000 (with the constant
> adjusted as needed) might be the better approach.
No, we want to catch *variable* stack sizes.
D
On 03/16/2018 05:25 AM, Kees Cook wrote:
In the effort to remove all VLAs from the kernel[1], it is desirable to
build with -Wvla. However, this warning is overly pessimistic, in that
it is only happy with stack array sizes that are declared as constant
expressions, and not constant values. One c
Patch 1 adds const_max_t(), patch 2 uses it in all the places max()
was used for stack arrays. Commit log from patch 1:
---snip---
kernel.h: Introduce const_max_t() for VLA removal
In the effort to remove all VLAs from the kernel[1], it is desirable to
build with -Wvla. However, this warning is o
34 matches
Mail list logo
