lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 18 Aug 2008 09:54:59 +0200
From:	Ingo Molnar <mingo@...e.hu>
To:	Rusty Russell <rusty@...tcorp.com.au>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Sam Ravnborg <sam@...nborg.org>
Subject: Re: [PATCH] debug: fix BUILD_BUG_ON() for non-constant expressions


* Rusty Russell <rusty@...tcorp.com.au> wrote:

> On Monday 18 August 2008 03:33:19 Ingo Molnar wrote:
> > * Linus Torvalds <torvalds@...ux-foundation.org> wrote:
> > > Gag me now.
> > >
> > > Why not just do
> > >
> > >  #define __BBO(c)                sizeof(const char[1 - 2*!!(c)])
> > >  #define __BBONC(c)              __BBO(!__builtin_constant_p(c))
> > >  #define BUILD_BUG_ON_ZERO(c)    (__BBO(c) - __BBONC(c))
> > >  #define BUILD_BUG_ON(c)         (void)BUILD_BUG_ON_ZERO(c)
> > >
> > > and be done with it?
> >
> > yeah, i first tried a few variants of that (compile-time warnings are
> > much better than link time warnings), but none worked when i tested
> > various failure modes.
> 
> Hey, I thought I was the "undisputed ruler of Ugly-land".
> 
> How about this instead:
> 
> #define BUILD_BUG_ON(condition)						\
> do {									\
> 	static struct { char arr[1 - 2*!!(condition)]; } x __maybe_unused;	\
> } while(0)

hm, have you tried it and do we get a severe enough link error about 
that? If the macro gets ignored by the compiler that's really a hard 
error - such things are essential safeguards of kernel sanity:

	/*
	 * Build-time sanity checks on the kernel image and module
	 * area mappings. (these are purely build-time and produce no code)
	 */
	BUILD_BUG_ON(MODULES_VADDR < KERNEL_IMAGE_START);
	BUILD_BUG_ON(MODULES_VADDR-KERNEL_IMAGE_START < KERNEL_IMAGE_SIZE);
	BUILD_BUG_ON(MODULES_LEN + KERNEL_IMAGE_SIZE > 2*PUD_SIZE);
	BUILD_BUG_ON((KERNEL_IMAGE_START & ~PMD_MASK) != 0);
	BUILD_BUG_ON((MODULES_VADDR & ~PMD_MASK) != 0);
	BUILD_BUG_ON(!(MODULES_VADDR > __START_KERNEL));
	BUILD_BUG_ON(!(((MODULES_END - 1) & PGDIR_MASK) ==
				(__START_KERNEL & PGDIR_MASK)));
	BUILD_BUG_ON(__fix_to_virt(__end_of_fixed_addresses) <= MODULES_END);

( and propagating them into runtime failures not only increases bloat,
  it also makes failures harder to debug. These checks 'run' _early_. )

Link time warnings are easy enough to miss.

So unless there's a better way of doing it all at compile time (i'd 
really prefer that!) i'd prefer the link time error about botched 
BUILD_BUG_ON() conditions - as my commits introduce.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists