2017-08-29 23:01:29

by Joe Stringer

Subject: [PATCH] compiler: Don't perform compiletime_assert with -O0.

Recent changes[0] to make use of __compiletime_assert() from
container_of() increased the usage of this macro, allowing developers to
notice type conflicts in usage of container_of() at compile time.
However, the implementation of __compiletime_assert relies on compiler
optimizations to report an error. This means that if a developer uses
"-O0" with any code that performs container_of(), the compiler will
always report an error regardless of whether there is an actual problem
in the code.

This patch disables compile_time_assert when optimizations are disabled
to allow such code to compile with CFLAGS="-O0".

Example compilation failure:

./include/linux/compiler.h:547:38: error: call to ‘__compiletime_assert_94’ declared with attribute error: pointer type mismatch in container_of()
_compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
^
./include/linux/compiler.h:530:4: note: in definition of macro ‘__compiletime_assert’
prefix ## suffix(); \
^~~~~~
./include/linux/compiler.h:547:2: note: in expansion of macro ‘_compiletime_assert’
_compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
^~~~~~~~~~~~~~~~~~~
./include/linux/build_bug.h:46:37: note: in expansion of macro ‘compiletime_assert’
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^~~~~~~~~~~~~~~~~~
./include/linux/kernel.h:860:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^~~~~~~~~~~~~~~~

[0] http://lkml.kernel.org/r/[email protected]

Signed-off-by: Joe Stringer <[email protected]>
Cc: Ian Abbott <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Michal Nazarewicz <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Andrew Morton <[email protected]>
---
include/linux/compiler.h | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index eca8ad75e28b..b67e5ec9b810 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -517,7 +517,8 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
# define __compiletime_error_fallback(condition) do { } while (0)
#endif

-#define __compiletime_assert(condition, msg, prefix, suffix) \
+#ifdef __OPTIMIZE__
+# define __compiletime_assert(condition, msg, prefix, suffix) \
do { \
bool __cond = !(condition); \
extern void prefix ## suffix(void) __compiletime_error(msg); \
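Review bot: The `#ifdef __OPTIMIZE__` gate wraps the only definition of `__compiletime_assert`, so in an unoptimized build every caller of the macro loses its check, not just container_of(). Please add a short comment above the `#ifdef` saying that the assertion works by letting the optimizer delete the call to the `__compiletime_error(msg)` function and that -O0 builds therefore skip it, so nobody assumes these compile-time checks still hold for a file built with -O0.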
@@ -525,6 +526,9 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
prefix ## suffix(); \
__compiletime_error_fallback(__cond); \
} while (0)
+#else
+# define __compiletime_assert(condition, msg, prefix, suffix)
+#endif

#define _compiletime_assert(condition, msg, prefix, suffix) \
__compiletime_assert(condition, msg, prefix, suffix)
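Review bot: In the `#else` branch the macro expands to nothing, so `condition` is never parsed at -O0 and the macro has a different shape from the optimized branch, which is a `do { ... } while (0)` statement. Define the fallback as `do { } while (0)` so both branches behave the same at every call site.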
--
2.14.1
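
The mechanism the commit message describes, as an added example that is not part of the original post or the kernel source: a user-space model of the optimizer-dependent assertion, gated on `__OPTIMIZE__` with the `do { } while (0)` fallback. The `DEMO_*` macros and `demo_*` types and functions are assumptions made for illustration; it relies on GNU C extensions (GCC or Clang).

```c
#include <stdbool.h>
#include <stddef.h>

/* All DEMO_* / demo_* names are hypothetical, made up for this example. */
#define DEMO_SAME_TYPE(a, b) \
	__builtin_types_compatible_p(__typeof__(a), __typeof__(b))

#ifdef __OPTIMIZE__
/*
 * The error attribute fires only if the call survives into generated code.
 * A passing assertion therefore depends on the optimizer folding __cond to
 * false and deleting the branch; at -O0 the call stays and always errors.
 */
# define DEMO_ASSERT_2(condition, msg, prefix, suffix)			\
	do {								\
		bool __cond = !(condition);				\
		extern void prefix ## suffix(void)			\
			__attribute__((error(msg)));			\
		if (__cond)						\
			prefix ## suffix();				\
	} while (0)
# define DEMO_CHECKS_ACTIVE 1
#else
/* Unoptimized build: skip the check but keep the macro a statement. */
# define DEMO_ASSERT_2(condition, msg, prefix, suffix) do { } while (0)
# define DEMO_CHECKS_ACTIVE 0
#endif

/* Extra level so __LINE__ is expanded before token pasting. */
#define DEMO_ASSERT_1(condition, msg, prefix, suffix) \
	DEMO_ASSERT_2(condition, msg, prefix, suffix)
#define DEMO_ASSERT(condition, msg) \
	DEMO_ASSERT_1(condition, msg, demo_assert_, __LINE__)

/* container_of() model with the pointer/member type check. */
#define DEMO_CONTAINER_OF(ptr, type, member) ({				\
	void *__mptr = (void *)(ptr);					\
	DEMO_ASSERT(DEMO_SAME_TYPE(*(ptr), ((type *)0)->member),	\
		    "pointer type mismatch in container_of()");		\
	((type *)((char *)__mptr - offsetof(type, member))); })

struct demo_node { int key; };
struct demo_item { long id; struct demo_node node; };

long demo_item_id(struct demo_node *n)
{
	/* Correct use: *n has the type of demo_item.node, check passes. */
	return DEMO_CONTAINER_OF(n, struct demo_item, node)->id;
}

/*
 * Misuse for comparison (left commented out): passing &it.id, a long *,
 * is rejected by GCC in an optimized build and accepted silently at -O0.
 *	DEMO_CONTAINER_OF(&it.id, struct demo_item, node);
 */

int demo_checks_active(void) { return DEMO_CHECKS_ACTIVE; }

int demo_roundtrip(void)
{
	struct demo_item it = { .id = 42, .node = { .key = 7 } };
	return demo_item_id(&it.node) == 42;
}

int main(void) { return demo_roundtrip() ? 0 : 1; }
```

Building the same file once with `-O0` and once with `-O2` changes what `demo_checks_active()` returns, which is the trade-off the patch accepts: unoptimized objects compile, but without the type check.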


2017-08-30 10:26:51

by Michal Nazarewicz

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

On Tue, Aug 29 2017, Joe Stringer wrote:
> Recent changes[0] to make use of __compiletime_assert() from
> container_of() increased the usage of this macro, allowing developers to
> notice type conflicts in usage of container_of() at compile time.
> However, the implementation of __compiletime_assert relies on compiler
> optimizations to report an error. This means that if a developer uses
> "-O0" with any code that performs container_of(), the compiler will
> always report an error regardless of whether there is an actual problem
> in the code.
>
> This patch disables compile_time_assert when optimizations are disabled
> to allow such code to compile with CFLAGS="-O0".
>
> Example compilation failure:
>
> ./include/linux/compiler.h:547:38: error: call to ‘__compiletime_assert_94’ declared with attribute error: pointer type mismatch in container_of()
> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
> ^
> ./include/linux/compiler.h:530:4: note: in definition of macro ‘__compiletime_assert’
> prefix ## suffix(); \
> ^~~~~~
> ./include/linux/compiler.h:547:2: note: in expansion of macro ‘_compiletime_assert’
> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
> ^~~~~~~~~~~~~~~~~~~
> ./include/linux/build_bug.h:46:37: note: in expansion of macro ‘compiletime_assert’
> #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
> ^~~~~~~~~~~~~~~~~~
> ./include/linux/kernel.h:860:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
> BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
> ^~~~~~~~~~~~~~~~
>
> [0] http://lkml.kernel.org/r/[email protected]
>
> Signed-off-by: Joe Stringer <[email protected]>
> Cc: Ian Abbott <[email protected]>
> Cc: Arnd Bergmann <[email protected]>
> Cc: Michal Nazarewicz <[email protected]>
> Cc: Kees Cook <[email protected]>
> Cc: Andrew Morton <[email protected]>
> ---
> include/linux/compiler.h | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
> index eca8ad75e28b..b67e5ec9b810 100644
> --- a/include/linux/compiler.h
> +++ b/include/linux/compiler.h
> @@ -517,7 +517,8 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
> # define __compiletime_error_fallback(condition) do { } while (0)
> #endif
>
> -#define __compiletime_assert(condition, msg, prefix, suffix) \
> +#ifdef __OPTIMIZE__
> +# define __compiletime_assert(condition, msg, prefix, suffix) \
> do { \
> bool __cond = !(condition); \
> extern void prefix ## suffix(void) __compiletime_error(msg); \
> @@ -525,6 +526,9 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
> prefix ## suffix(); \
> __compiletime_error_fallback(__cond); \
> } while (0)
> +#else
> +# define __compiletime_assert(condition, msg, prefix, suffix)

+# define __compiletime_assert(condition, msg, prefix, suffix) \
+ do { } while (0)

With that fix,

Acked-by: Michal Nazarewicz <[email protected]>

> +#endif
>
> #define _compiletime_assert(condition, msg, prefix, suffix) \
> __compiletime_assert(condition, msg, prefix, suffix)

--
Best regards
ミハウ “????????????????86” ナザレヴイツ
«If at first you don’t succeed, give up skydiving»

2017-08-30 18:03:40

by Joe Stringer

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

On 30 August 2017 at 03:26, Michal Nazarewicz <[email protected]> wrote:
> On Tue, Aug 29 2017, Joe Stringer wrote:
>> Recent changes[0] to make use of __compiletime_assert() from
>> container_of() increased the usage of this macro, allowing developers to
>> notice type conflicts in usage of container_of() at compile time.
>> However, the implementation of __compiletime_assert relies on compiler
>> optimizations to report an error. This means that if a developer uses
>> "-O0" with any code that performs container_of(), the compiler will
>> always report an error regardless of whether there is an actual problem
>> in the code.
>>
>> This patch disables compile_time_assert when optimizations are disabled
>> to allow such code to compile with CFLAGS="-O0".
>>
>> Example compilation failure:
>>
>> ./include/linux/compiler.h:547:38: error: call to ‘__compiletime_assert_94’ declared with attribute error: pointer type mismatch in container_of()
>> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>> ^
>> ./include/linux/compiler.h:530:4: note: in definition of macro ‘__compiletime_assert’
>> prefix ## suffix(); \
>> ^~~~~~
>> ./include/linux/compiler.h:547:2: note: in expansion of macro ‘_compiletime_assert’
>> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>> ^~~~~~~~~~~~~~~~~~~
>> ./include/linux/build_bug.h:46:37: note: in expansion of macro ‘compiletime_assert’
>> #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
>> ^~~~~~~~~~~~~~~~~~
>> ./include/linux/kernel.h:860:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
>> BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
>> ^~~~~~~~~~~~~~~~
>>
>> [0] http://lkml.kernel.org/r/[email protected]
>>
>> Signed-off-by: Joe Stringer <[email protected]>
>> Cc: Ian Abbott <[email protected]>
>> Cc: Arnd Bergmann <[email protected]>
>> Cc: Michal Nazarewicz <[email protected]>
>> Cc: Kees Cook <[email protected]>
>> Cc: Andrew Morton <[email protected]>
>> ---
>> include/linux/compiler.h | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
>> index eca8ad75e28b..b67e5ec9b810 100644
>> --- a/include/linux/compiler.h
>> +++ b/include/linux/compiler.h
>> @@ -517,7 +517,8 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
>> # define __compiletime_error_fallback(condition) do { } while (0)
>> #endif
>>
>> -#define __compiletime_assert(condition, msg, prefix, suffix) \
>> +#ifdef __OPTIMIZE__
>> +# define __compiletime_assert(condition, msg, prefix, suffix) \
>> do { \
>> bool __cond = !(condition); \
>> extern void prefix ## suffix(void) __compiletime_error(msg); \
>> @@ -525,6 +526,9 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
>> prefix ## suffix(); \
>> __compiletime_error_fallback(__cond); \
>> } while (0)
>> +#else
>> +# define __compiletime_assert(condition, msg, prefix, suffix)
>
> +# define __compiletime_assert(condition, msg, prefix, suffix) \
> + do { } while (0)
>
> With that fix,
>
> Acked-by: Michal Nazarewicz <[email protected]>

Thanks, I applied this change and send a v2 with your ack.

2017-08-30 22:59:12

by Andrew Morton

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

On Tue, 29 Aug 2017 16:01:14 -0700 Joe Stringer <[email protected]> wrote:

> Recent changes[0] to make use of __compiletime_assert() from
> container_of() increased the usage of this macro, allowing developers to
> notice type conflicts in usage of container_of() at compile time.
> However, the implementation of __compiletime_assert relies on compiler
> optimizations to report an error. This means that if a developer uses
> "-O0" with any code that performs container_of(), the compiler will
> always report an error regardless of whether there is an actual problem
> in the code.
>
> This patch disables compile_time_assert when optimizations are disabled
> to allow such code to compile with CFLAGS="-O0".

I'm wondering if we should backport this into -stable. Probably not,
as I doubt if many people use -O0 - it's a pretty weird thing to do. I
used to use it a bit because it makes the ".lst" files (intermingled .c
and .s files) make more sense. In fact I'm wondering how you even
noticed this?

So unless disagreed with, I think I'll leave this out of -stable. I
redid the changelog somewhat, presenting it as a fix against
c7acec713d14c6c:


From: Joe Stringer <[email protected]>
Subject: include/linux/compiler.h: don't perform compiletime_assert with -O0

c7acec713d14c6c ("kernel.h: handle pointers to arrays better in
container_of()") made use of __compiletime_assert() from container_of()
thus increasing the usage of this macro, allowing developers to notice
type conflicts in usage of container_of() at compile time.

However, the implementation of __compiletime_assert relies on compiler
optimizations to report an error. This means that if a developer uses
"-O0" with any code that performs container_of(), the compiler will always
report an error regardless of whether there is an actual problem in the
code.

This patch disables compile_time_assert when optimizations are disabled to
allow such code to compile with CFLAGS="-O0".

Example compilation failure:

./include/linux/compiler.h:547:38: error: call to `__compiletime_assert_94' declared with attribute error: pointer type mismatch in container_of()
_compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
^
./include/linux/compiler.h:530:4: note: in definition of macro `__compiletime_assert'
prefix ## suffix(); \
^~~~~~
./include/linux/compiler.h:547:2: note: in expansion of macro `_compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
^~~~~~~~~~~~~~~~~~~
./include/linux/build_bug.h:46:37: note: in expansion of macro `compiletime_assert'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^~~~~~~~~~~~~~~~~~
./include/linux/kernel.h:860:2: note: in expansion of macro `BUILD_BUG_ON_MSG'
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^~~~~~~~~~~~~~~~

Link: http://lkml.kernel.org/r/[email protected]
Fixes: c7acec713d14c6c ("kernel.h: handle pointers to arrays better in container_of()")
Signed-off-by: Joe Stringer <[email protected]>
Cc: Ian Abbott <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Michal Nazarewicz <[email protected]>
Cc: Kees Cook <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---

include/linux/compiler.h | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff -puN include/linux/compiler.h~compiler-dont-perform-compiletime_assert-with-o0 include/linux/compiler.h
--- a/include/linux/compiler.h~compiler-dont-perform-compiletime_assert-with-o0
+++ a/include/linux/compiler.h
@@ -517,7 +517,8 @@ static __always_inline void __write_once
# define __compiletime_error_fallback(condition) do { } while (0)
#endif

-#define __compiletime_assert(condition, msg, prefix, suffix) \
+#ifdef __OPTIMIZE__
+# define __compiletime_assert(condition, msg, prefix, suffix) \
do { \
bool __cond = !(condition); \
extern void prefix ## suffix(void) __compiletime_error(msg); \
@@ -525,6 +526,9 @@ static __always_inline void __write_once
prefix ## suffix(); \
__compiletime_error_fallback(__cond); \
} while (0)
+#else
+# define __compiletime_assert(condition, msg, prefix, suffix)
+#endif

#define _compiletime_assert(condition, msg, prefix, suffix) \
__compiletime_assert(condition, msg, prefix, suffix)
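Review bot: The `#else` branch in this version still defines `__compiletime_assert` as empty, which is the form the earlier review reply in this thread asked to replace with `do { } while (0)`. The queued diff should pick up that change so the -O0 expansion stays a statement like the optimized one.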
_

2017-08-30 23:23:22

by Joe Stringer

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

On 30 August 2017 at 15:59, Andrew Morton <[email protected]> wrote:
> On Tue, 29 Aug 2017 16:01:14 -0700 Joe Stringer <[email protected]> wrote:
>
>> Recent changes[0] to make use of __compiletime_assert() from
>> container_of() increased the usage of this macro, allowing developers to
>> notice type conflicts in usage of container_of() at compile time.
>> However, the implementation of __compiletime_assert relies on compiler
>> optimizations to report an error. This means that if a developer uses
>> "-O0" with any code that performs container_of(), the compiler will
>> always report an error regardless of whether there is an actual problem
>> in the code.
>>
>> This patch disables compile_time_assert when optimizations are disabled
>> to allow such code to compile with CFLAGS="-O0".
>
> I'm wondering if we should backport this into -stable. Probably not,
> as I doubt if many people use -O0 - it's a pretty weird thing to do. I
> used to use it a bit because it makes the ".lst" files (intermingled .c
> and .s files) make more sense. In fact I'm wondering how you even
> noticed this?

Local debugging, was trying to get a better understanding of the
underlying assembly and the code I was using just happened to use
container_of().

I doubt this is going to affect a large number of people, and most
developers will rebase against something newish on a regular basis so
I personally wouldn't push to apply against -stable.

> So unless disagreed with, I think I'll leave this out of -stable. I
> redid the changelog somewhat, presenting it as a fix against
> c7acec713d14c6c:
>
>
> From: Joe Stringer <[email protected]>
> Subject: include/linux/compiler.h: don't perform compiletime_assert with -O0
>
> c7acec713d14c6c ("kernel.h: handle pointers to arrays better in
> container_of()") made use of __compiletime_assert() from container_of()
> thus increasing the usage of this macro, allowing developers to notice
> type conflicts in usage of container_of() at compile time.
>
> However, the implementation of __compiletime_assert relies on compiler
> optimizations to report an error. This means that if a developer uses
> "-O0" with any code that performs container_of(), the compiler will always
> report an error regardless of whether there is an actual problem in the
> code.
>
> This patch disables compile_time_assert when optimizations are disabled to
> allow such code to compile with CFLAGS="-O0".
>
> Example compilation failure:
>
> ./include/linux/compiler.h:547:38: error: call to `__compiletime_assert_94' declared with attribute error: pointer type mismatch in container_of()
> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
> ^
> ./include/linux/compiler.h:530:4: note: in definition of macro `__compiletime_assert'
> prefix ## suffix(); \
> ^~~~~~
> ./include/linux/compiler.h:547:2: note: in expansion of macro `_compiletime_assert'
> _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
> ^~~~~~~~~~~~~~~~~~~
> ./include/linux/build_bug.h:46:37: note: in expansion of macro `compiletime_assert'
> #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
> ^~~~~~~~~~~~~~~~~~
> ./include/linux/kernel.h:860:2: note: in expansion of macro `BUILD_BUG_ON_MSG'
> BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
> ^~~~~~~~~~~~~~~~
>
> Link: http://lkml.kernel.org/r/[email protected]
> Fixes: c7acec713d14c6c ("kernel.h: handle pointers to arrays better in container_of()")
> Signed-off-by: Joe Stringer <[email protected]>
> Cc: Ian Abbott <[email protected]>
> Cc: Arnd Bergmann <[email protected]>
> Cc: Michal Nazarewicz <[email protected]>
> Cc: Kees Cook <[email protected]>
> Signed-off-by: Andrew Morton <[email protected]>
> ---
>
> include/linux/compiler.h | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff -puN include/linux/compiler.h~compiler-dont-perform-compiletime_assert-with-o0 include/linux/compiler.h
> --- a/include/linux/compiler.h~compiler-dont-perform-compiletime_assert-with-o0
> +++ a/include/linux/compiler.h
> @@ -517,7 +517,8 @@ static __always_inline void __write_once
> # define __compiletime_error_fallback(condition) do { } while (0)
> #endif
>
> -#define __compiletime_assert(condition, msg, prefix, suffix) \
> +#ifdef __OPTIMIZE__
> +# define __compiletime_assert(condition, msg, prefix, suffix) \
> do { \
> bool __cond = !(condition); \
> extern void prefix ## suffix(void) __compiletime_error(msg); \
> @@ -525,6 +526,9 @@ static __always_inline void __write_once
> prefix ## suffix(); \
> __compiletime_error_fallback(__cond); \
> } while (0)
> +#else
> +# define __compiletime_assert(condition, msg, prefix, suffix)
> +#endif

The commit message update looks fine, but it looks like this is v1 not
v2 (see the #else part).

Thanks,
Joe

2017-08-31 02:16:56

by Michael Ellerman

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

Joe Stringer <[email protected]> writes:

> On 30 August 2017 at 15:59, Andrew Morton <[email protected]> wrote:
>> On Tue, 29 Aug 2017 16:01:14 -0700 Joe Stringer <[email protected]> wrote:
>>
>>> Recent changes[0] to make use of __compiletime_assert() from
>>> container_of() increased the usage of this macro, allowing developers to
>>> notice type conflicts in usage of container_of() at compile time.
>>> However, the implementation of __compiletime_assert relies on compiler
>>> optimizations to report an error. This means that if a developer uses
>>> "-O0" with any code that performs container_of(), the compiler will
>>> always report an error regardless of whether there is an actual problem
>>> in the code.
>>>
>>> This patch disables compile_time_assert when optimizations are disabled
>>> to allow such code to compile with CFLAGS="-O0".
>>
>> I'm wondering if we should backport this into -stable. Probably not,
>> as I doubt if many people use -O0 - it's a pretty weird thing to do. I
>> used to use it a bit because it makes the ".lst" files (intermingled .c
>> and .s files) make more sense. In fact I'm wondering how you even
>> noticed this?
>
> Local debugging, was trying to get a better understanding of the
> underlying assembly and the code I was using just happened to use
> container_of().

Does the kernel actually build with -O0? I didn't think it actually
worked.

cheers

2017-08-31 06:53:03

by Joe Stringer

Subject: Re: [PATCH] compiler: Don't perform compiletime_assert with -O0.

On 30 August 2017 at 19:16, Michael Ellerman <[email protected]> wrote:
> Joe Stringer <[email protected]> writes:
>
>> On 30 August 2017 at 15:59, Andrew Morton <[email protected]> wrote:
>>> On Tue, 29 Aug 2017 16:01:14 -0700 Joe Stringer <[email protected]> wrote:
>>>
>>>> Recent changes[0] to make use of __compiletime_assert() from
>>>> container_of() increased the usage of this macro, allowing developers to
>>>> notice type conflicts in usage of container_of() at compile time.
>>>> However, the implementation of __compiletime_assert relies on compiler
>>>> optimizations to report an error. This means that if a developer uses
>>>> "-O0" with any code that performs container_of(), the compiler will
>>>> always report an error regardless of whether there is an actual problem
>>>> in the code.
>>>>
>>>> This patch disables compile_time_assert when optimizations are disabled
>>>> to allow such code to compile with CFLAGS="-O0".
>>>
>>> I'm wondering if we should backport this into -stable. Probably not,
>>> as I doubt if many people use -O0 - it's a pretty weird thing to do. I
>>> used to use it a bit because it makes the ".lst" files (intermingled .c
>>> and .s files) make more sense. In fact I'm wondering how you even
>>> noticed this?
>>
>> Local debugging, was trying to get a better understanding of the
>> underlying assembly and the code I was using just happened to use
>> container_of().
>
> Does the kernel actually build with -O0? I didn't think it actually
> worked.

I haven't tried the whole kernel, but you can set these CFLAGS on
specific files with a one-liner in a makefile:

CFLAGS_foo.o = -O0