From: Andrew Morton <akpm@linux-foundation.org>
To: Xi Wang <xi.wang@gmail.com>
Cc: linux-kernel@vger.kernel.org, Jason Baron <jbaron@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH RFC] exec: avoid possible undefined behavior in count()
Date: Mon, 7 Jan 2013 13:44:22 -0800 [thread overview]
Message-ID: <20130107134422.038de6f9.akpm@linux-foundation.org> (raw)
In-Reply-To: <1357450145-23964-1-git-send-email-xi.wang@gmail.com>
On Sun, 6 Jan 2013 00:29:05 -0500
Xi Wang <xi.wang@gmail.com> wrote:
> The tricky problem is this check:
>
> if (i++ >= max)
>
> icc (mis)optimizes this check as:
>
> if (++i > max)
>
> The check now becomes a no-op since max is MAX_ARG_STRINGS (0x7FFFFFFF).
>
> This is "allowed" by the C standard, assuming i++ never overflows,
> because signed integer overflow is undefined behavior. This optimization
> effectively reverts the previous commit 362e6663ef ("exec.c, compat.c:
> fix count(), compat_count() bounds checking") that tries to fix the check.
>
> This patch simply moves ++ after the check.
>
> ...
>
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -434,8 +434,9 @@ static int count(struct user_arg_ptr argv, int max)
> if (IS_ERR(p))
> return -EFAULT;
>
> - if (i++ >= max)
> + if (i >= max)
> return -E2BIG;
> + ++i;
>
> if (fatal_signal_pending(current))
> return -ERESTARTNOHAND;
I have no problem working around a compiler bug when the workaround is
so small and simple. For clarity and accuracy I renamed the patch to
"fs/exec.c: work around icc miscompilation".
However I'd also like to be able to add "this bug has been reported to
the icc developers and will be fixed in version X.Y"?
next prev parent reply other threads:[~2013-01-07 21:44 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-06 5:29 [PATCH RFC] exec: avoid possible undefined behavior in count() Xi Wang
2013-01-07 21:44 ` Andrew Morton [this message]
2013-01-16 21:47 ` Xi Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130107134422.038de6f9.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=jbaron@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
--cc=xi.wang@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox