lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070627140636.GT21478@ftp.linux.org.uk>
Date:	Wed, 27 Jun 2007 15:06:36 +0100
From:	Al Viro <viro@....linux.org.uk>
To:	Neil Booth <neil@...kokuya.co.uk>
Cc:	Josh Triplett <josh@...edesktop.org>,
	Segher Boessenkool <segher@...nel.crashing.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, linux-sparse@...r.kernel.org
Subject: Re: [PATCH 16/16] fix handling of integer constant expressions

On Wed, Jun 27, 2007 at 10:35:46PM +0900, Neil Booth wrote:
> Al Viro wrote:-
> 
> > 
> > Son of a...  expand_comma() cannibalizes the node, should restore ->flags
> > to 0 (same as other similar suckers).
> > 
> > > struct c { unsigned int c1: 1 ? 2: a++; };
> > 
> > Ditto for expand_conditional, but there we should preserve the original
> > ->flags instead - might be non-zero and we ought to do that after
> > expanding the taken branch...
> > 
> > From: Al Viro <viro@...iv.linux.org.uk>
> > Date: Wed, 27 Jun 2007 09:10:54 -0400
> > Subject: [PATCH] fix the missed cannibalizing simplifications
> > 
> > Signed-off-by: Al Viro <viro@...iv.linux.org.uk>
> 
> Now I think I only see one class of issues; the following is valid
> C99 (I believe that's what you intend to follow) but being rejected:
> 
>    struct a { int comma: 1 ? 2: (2, 3); };

*unprintable*

Yes, I see...  OK, null pointer constants handling (next patch in the
queue) introduces is_zero_constant() (silent evaluation of integer
constant expression, with division by 0/too large shift/- on lowest
value of signed integer type leaving the branch as-is, so that later
expand would generate a proper error on it; then checking if we'd
reduced the sucker to EXPR_VALUE[0]).  I'll pull it into a separate
patch, along with is_nonzero_constant(), and change rules for potential
ICE on parser stage to
	maybe-ICE && y => maybe-ICE
	maybe-ICE || y => maybe-ICE
	maybe-ICE ? x : y => maybe-ICE if at least one of x and y is maybe-ICE
	maybe-ICE ? : y => maybe-ICE
letting evaluate_expression() on such suckers use them if the first argument
turns out to be ICE after its evaluate_expression()...

It really stinks, especially since we can't say "oh, parent it known to
be non-ICE, no need to bother" - subexpression might be shared.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ