[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wg=vvSf3M9O1VkwyYB4D4W6XS2AHVpQn6hEQY+usWrKGg@mail.gmail.com>
Date: Fri, 18 Sep 2020 12:37:48 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc: Dennis Zhou <dennis@...nel.org>, Tejun Heo <tj@...nel.org>,
Christoph Lameter <cl@...ux.com>,
Linux-MM <linux-mm@...ck.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Kees Cook <keescook@...omium.org>
Subject: Re: [GIT PULL] percpu fix for v5.9-rc6
On Fri, Sep 18, 2020 at 12:28 PM Gustavo A. R. Silva
<gustavoars@...nel.org> wrote:
>
> OK. It seems that we are talking about two different things here. One thing
> is to apply sizeof() to a structure that contains a flexible-array member.
> And the other thing is to apply sizeof() to a flexible array. The former
> is allowed, the latter is wrong and we already get a build error when that
> occurs.
The latter I'm not even interested in, it's such a pointless thing to do.
> Applying sizeof() to a structure containing a flex-array member is allowed,
Yes, and that's wrong and inconsistent, but what else is new about the
C standard. It's what allows these kinds of bugs to slip through.
I sent Luc a couple of examples in the hope that maybe sparse could do
better, but..
> > Is there some gcc option that I didn't find to help find any questionable cases?
>
> If the questionable case is the application of sizeof() to a flex-array
> member or a flex-array member not occuring last in the containing structure,
> then yes, GCC already generates a build error for both cases. And that's
> what we want, see at the bottom...
No.
The questionable thing is to do "sizeof(struct-with-flex-array)".
The point is, it's returning the same thing as if it was just a
zero-sized array, which makes the whole flex array entirely pointless
from a type safety standpoint.
The *only* thing it protects against is the "must be at the end" case,
which is almost entirely pointless and uninteresting.
Yeah, we've had that bug too, but that doesn't make it very interesting.
Linus
Powered by blists - more mailing lists