Received: by 10.213.65.68 with SMTP id h4csp812170imn; Tue, 20 Mar 2018 16:25:12 -0700 (PDT) X-Google-Smtp-Source: AG47ELv31I+cBJK5I5MoUNUbdu/TZKZAXN3KA3QVUSd75i4oN8DA1QkV1fcWjvkKmGfCg+cSXz2e X-Received: by 10.167.130.130 with SMTP id s2mr14937783pfm.136.1521588312150; Tue, 20 Mar 2018 16:25:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521588312; cv=none; d=google.com; s=arc-20160816; b=KT8sEgStmtA0NgVimr7CwNZRPbAmouDnMwmezAc5gaVpGaIqHNwMd4UTOb475XLJ/L 5h+wETrrk08J2XCE/H1hMBXJOmhvO8bkenLqq8TgFsZlmPRbsFYpc7V19cp840t5+OqY 5I3kx/6R2f1jk6B3DW4akS7258EON+P9TbwMnOwa+boUijgf4QWoc8fqwbvs8qX+WoX/ XfQcTuFcrvRZaRUUXxYbLIrAUbBWX54FsmPJdf0E7BI7dHHbceo+YyJj39QoNTzSOxBP HIPGtnqKiHEgys+QiQwr51tOQxZuQ6H2rvlNgk00QOM/p3hcJ2wue8SJk+8u34E8bUvf NvSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=JXQo/eczRFK6vIJ3/MAaFpWi49YGyxghOqpSmAi8d0A=; b=lUntGyHs53pn+bIlyk0aiojjadNGM6MzRkb3wJPU9Cjduw2DS44W5GXWjoaO7xSeL7 AnM9T+ItfQYCDJBZJXiUzWokQtaKa6q2kD4ne49vRwvZ3emC/4BRN5s4w7VYx+wLuR5/ jgQ/YS0Flt0HWQsuEHI0WIMV0L6kjZw8OtIXGWMxB2OdMuFR3BHSO33ISFW8fI+R2aTj t94Q9EgsWBgKgHA8BN3B47Sa+p5GD4Bd1jbk2VJ68hemfKYFIJKCQjWiPY7aZKgGmYZD 41vHAe/zdPq/rcP8d/qhTpY5ClccS7O5lTO/otdOu9B/VzTsJSOfUYRgl9DnrIVTiAHK h1rQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=SwwysnbG; dkim=fail header.i=@linux-foundation.org header.s=google header.b=NsbKEteM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p12-v6si2406535plo.194.2018.03.20.16.24.57; Tue, 20 Mar 2018 16:25:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=SwwysnbG; dkim=fail header.i=@linux-foundation.org header.s=google header.b=NsbKEteM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751687AbeCTXYA (ORCPT + 99 others); Tue, 20 Mar 2018 19:24:00 -0400 Received: from mail-io0-f193.google.com ([209.85.223.193]:33025 "EHLO mail-io0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751468AbeCTXX4 (ORCPT ); Tue, 20 Mar 2018 19:23:56 -0400 Received: by mail-io0-f193.google.com with SMTP id l3so4444202iog.0; Tue, 20 Mar 2018 16:23:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=JXQo/eczRFK6vIJ3/MAaFpWi49YGyxghOqpSmAi8d0A=; b=SwwysnbG08tFY+34PAJ/sAwyt2AxTnj7BQJ9PGCYA0ioeHAcuEPLxkbH566Y+l6sk+ eElu35SKQvQni6aMC0HH7hBLseaKlADlVM1qQwWWV/WVTLahA42LQidDtA80Uf4HP01d M+1Gc2JrJYOdO0p99kNruZmSGIYQstiqpli583Gyffm7BJfzdrKs/ZHN6QgLSrzXZNgi fb8K1OGYVuqICIrmore7DOB1JUA4J3/10e7NsOFIxPn6A29iJLsSMsX+A0RutfPLJ+dx YECz6p5jX1FU6igao7IA2z6uSayZD1qPupQ2SW0Ls1klOna512HcnWJpJ9znXgQIgQ5t pcyA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=JXQo/eczRFK6vIJ3/MAaFpWi49YGyxghOqpSmAi8d0A=; b=NsbKEteMb0+42njwDBnGI7RJslO5Ygzyyq9pScP6zfBs17TdfhqxK58pThFAXtokYG IAYxdg6tkwNaODK/aFjCCduRozDUzfXpGDxuqGhVGScQdsSJLoem86V1H2bxRByKpXZg 9uuguFOKkAP2HiJGUzl2SMeeD44yljvaOFC0Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=JXQo/eczRFK6vIJ3/MAaFpWi49YGyxghOqpSmAi8d0A=; b=pjCewyUumurFgSmMQMM9FIr+f285Qls2Ak3OJ8WVE7fi/F6Xxa471GIS1BXJf9vdwd x9k80M5KgyMSNw741QoOVKTOENRJX/BMZn0hdzyVutuS9V60vSuTsW7sffMh812/5QBn MZ1DzW3jg+sqh+HW63h3ilIri9vhRSr/l0HnGCBxWfDvKuL/eO6Lif3lkE7atTj1Dlgz U7jcN6STatiB7kKQ7ONQRZKG0wNiWoDLVwo7KGskurkVQSd3i3RSicoJoJjm58F02YbN g5gFIUESU/uuvP/DrQ/md7Z0u0BIglmczEnKVAg3T/DLbs/1X6OWKL5OOf/Ed2iant6N R+7Q== X-Gm-Message-State: AElRT7EneLM29XD7VPflWbtUfhFtOjyLEuN+BB9u6bS6f9ail53E7tlF +uWHDI3xOSSV/2bZZZdY4BpQ2HdegxiM8fszkAs= X-Received: by 10.107.182.214 with SMTP id g205mr19349575iof.203.1521588235647; Tue, 20 Mar 2018 16:23:55 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.95.15 with HTTP; Tue, 20 Mar 2018 16:23:54 -0700 (PDT) In-Reply-To: References: <1521174359-46392-1-git-send-email-keescook@chromium.org> <20180316175502.GE30522@ZenIV.linux.org.uk> From: Linus Torvalds Date: Tue, 20 Mar 2018 16:23:54 -0700 X-Google-Sender-Auth: RTmoocTBjIQJOsC1ZJPU02y0V84 Message-ID: Subject: Re: [PATCH v5 0/2] Remove false-positive VLAs when using max() To: Kees Cook Cc: Al Viro , Florian Weimer , Andrew Morton , Josh Poimboeuf , Rasmus Villemoes , Randy Dunlap , Miguel Ojeda , Ingo Molnar , David Laight , Ian Abbott , linux-input , linux-btrfs , Network Development , Linux Kernel Mailing List , Kernel Hardening Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Mar 17, 2018 at 1:07 PM, Kees Cook wrote: > > No luck! :( gcc 4.4 refuses to play along. And, hilariously, not only > does it not change the complaint about __builtin_choose_expr(), it > also thinks that's a VLA now. Hmm. So thanks to the diseased mind of Martin Uecker, there's a better test for "__is_constant()": /* Glory to Martin Uecker */ #define __is_constant(a) \ (sizeof(int) == sizeof(*(1 ? ((void*)((a) * 0l)) : (int*)1))) that is actually *specified* by the C standard to work, and doesn't even depend on any gcc extensions. The reason is some really subtle pointer conversion rules, where the type of the ternary operator will depend on whether one of the pointers is NULL or not. And the definition of NULL, in turn, very much depends on "integer constant expression that has the value 0". Are you willing to do one final try on a generic min/max? Same as my last patch, but using the above __is_constant() test instead of __builtin_constant_p? Linus