From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Florian Weimer <fweimer@redhat.com>,
Kees Cook <keescook@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Randy Dunlap <rdunlap@infradead.org>,
Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>,
Ingo Molnar <mingo@kernel.org>,
David Laight <David.Laight@aculab.com>,
Ian Abbott <abbotti@mev.co.uk>,
linux-input <linux-input@vger.kernel.org>,
linux-btrfs <linux-btrfs@vger.kernel.org>,
Network Development <netdev@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Kernel Hardening <kernel-hardening@lists.openwall.com>
Subject: Re: [PATCH v5 0/2] Remove false-positive VLAs when using max()
Date: Fri, 16 Mar 2018 17:55:02 +0000 [thread overview]
Message-ID: <20180316175502.GE30522@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFx92dXg-qnrjGS2Rsna6TE5HSPBgGpSA3cv4n_n3RqBzA@mail.gmail.com>
On Fri, Mar 16, 2018 at 10:29:16AM -0700, Linus Torvalds wrote:
> t.c: In function ‘test’:
> t.c:6:6: error: argument to variable-length array is too large
> [-Werror=vla-larger-than=]
> int array[(1,100)];
>
> Gcc people are crazy.
That's not them, that's C standard regarding ICE. 1,100 is *not* a
constant expression as far as the standard is concerned, and that
type is actually a VLA with the size that can be optimized into
a compiler-calculated value.
Would you argue that in
void foo(char c)
{
int a[(c<<1) + 10 - c + 2 - c];
a is not a VLA? Sure, compiler probably would be able to reduce
that expression to 12, but demanding that to be recognized means
that compiler must do a bunch of optimizations in the middle of
typechecking.
expr, constant_expression is not a constant_expression. And in
this particular case the standard is not insane - the only reason
for using that is typechecking and _that_ can be achieved without
violating 6.6p6:
sizeof(expr,0) * 0 + ICE
*is* an integer constant expression, and it gives you exact same
typechecking. So if somebody wants to play odd games, they can
do that just fine, without complicating the logics for compilers...
next prev parent reply other threads:[~2018-03-16 17:55 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-16 4:25 [PATCH v5 0/2] Remove false-positive VLAs when using max() Kees Cook
2018-03-16 4:25 ` [PATCH v5 1/2] kernel.h: Introduce const_max_t() for VLA removal Kees Cook
2018-03-16 4:25 ` [PATCH v5 2/2] Remove false-positive VLAs when using max() Kees Cook
2018-03-19 10:45 ` Andrey Ryabinin
2018-03-16 11:47 ` [PATCH v5 0/2] " Florian Weimer
2018-03-16 17:29 ` Linus Torvalds
2018-03-16 17:32 ` Florian Weimer
2018-03-16 17:44 ` David Laight
2018-03-16 20:25 ` Linus Torvalds
2018-03-16 17:55 ` Al Viro [this message]
2018-03-16 18:14 ` Al Viro
2018-03-16 19:27 ` Linus Torvalds
2018-03-16 20:03 ` Miguel Ojeda
2018-03-16 20:14 ` Linus Torvalds
2018-03-16 20:19 ` Linus Torvalds
2018-03-17 0:48 ` Miguel Ojeda
2018-03-17 1:49 ` Miguel Ojeda
2018-03-16 20:12 ` Al Viro
2018-03-16 20:15 ` Linus Torvalds
2018-03-16 20:18 ` Al Viro
2018-03-17 7:27 ` Kees Cook
2018-03-17 18:52 ` Linus Torvalds
2018-03-17 20:07 ` Kees Cook
2018-03-17 22:55 ` Josh Poimboeuf
2018-03-20 23:23 ` Linus Torvalds
2018-03-20 23:26 ` Linus Torvalds
2018-03-21 0:05 ` Al Viro
2018-03-22 15:01 ` Kees Cook
2018-03-22 15:13 ` David Laight
2018-03-22 17:04 ` Linus Torvalds
2018-03-18 21:13 ` Rasmus Villemoes
2018-03-18 21:33 ` Linus Torvalds
2018-03-18 22:59 ` Rasmus Villemoes
2018-03-18 23:36 ` Linus Torvalds
2018-03-19 9:43 ` David Laight
2018-03-19 23:29 ` Linus Torvalds
2018-03-20 3:10 ` Arnd Bergmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180316175502.GE30522@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=David.Laight@aculab.com \
--cc=abbotti@mev.co.uk \
--cc=akpm@linux-foundation.org \
--cc=fweimer@redhat.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-input@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=miguel.ojeda.sandonis@gmail.com \
--cc=mingo@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=rdunlap@infradead.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).