Received: by 10.213.65.68 with SMTP id h4csp1244161imn; Wed, 4 Apr 2018 15:30:44 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+2kCXe+/6AjOGuVqeeUi2B6iY9LZfKwd8Hti2oVpwbs7G+SyU/PVbcADsIYhxSGXgWf/DM X-Received: by 10.99.164.18 with SMTP id c18mr13117669pgf.85.1522881044896; Wed, 04 Apr 2018 15:30:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522881044; cv=none; d=google.com; s=arc-20160816; b=0aPGAywNm6P5W6dAgDWQzb41o/+lUHriko1ifPNmwF8o6ZAkL90zJ47DKrk04lgGob 7xIr+KEPRIq/LJInlXD1JxWm/a7HEhgBzg15SxdsORN+UdqXDcGq4/pbKqFvsWsmYRMd DlHkheQOEGnvc9IG3/onmLiXMeCEwtm1rZxb8lreokt7o0qgjoCf53u/rqHkGSXxOfNl swod5q6z92YrxnH71Ei4f+IyUq3GVrl5BnHZJSZIxqEXLkBzXyAF9XTkFBknvZeOa9+p Rf63B9hnpYFAJab1eK+odpFR685TCSVUewF0Mh2m3aoQ5DF4qp0CheX77sOulYBLP8in qq9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=D/i685TLzvf+8+xd4mVTyIlm/xzULgWI8X/vGWMdA2U=; b=ub9Od+Tmzgzh531PfN0bE9Y0+X99DYFLKS24JR6vYOrE2OPeS0FFSBFGatuCcpb0qj iHR987vQ+IBLp1L7FPtgI6HVaHsIGyyz0mwygUI5JGxyL6bLg4mUKCa7YecepDXm/Ugs qAXKNya26/KlOxQudNSqioKkzOoRMm424LlddiWjPuFV7hXGVEWbXefm+h1XxRUCQ05B NwWMs0vNCOickcYTYKTsyC8tTPG91+v8cIRS3o5g9/3m2BB982o8A3Y48bd23t55zYRv dvbeaX/ODw6/c/MevNJjwdbWcHEKBMvfLXpM5mukqznaVs2DyoSSPCpyPqLm1DA/QA/a 009Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=QykNWscj; dkim=fail header.i=@linux-foundation.org header.s=google header.b=DeO6bqC/; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d128si4373509pgc.445.2018.04.04.15.30.28; Wed, 04 Apr 2018 15:30:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=QykNWscj; dkim=fail header.i=@linux-foundation.org header.s=google header.b=DeO6bqC/; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752322AbeDDW3U (ORCPT + 99 others); Wed, 4 Apr 2018 18:29:20 -0400 Received: from mail-io0-f181.google.com ([209.85.223.181]:45275 "EHLO mail-io0-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751749AbeDDW3T (ORCPT ); Wed, 4 Apr 2018 18:29:19 -0400 Received: by mail-io0-f181.google.com with SMTP id 141so28213425iou.12 for ; Wed, 04 Apr 2018 15:29:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=D/i685TLzvf+8+xd4mVTyIlm/xzULgWI8X/vGWMdA2U=; b=QykNWscj1GPxVssiLLi5k+QSlqssNdTqi73agnqKF7kGqMBfjeOCckqwtVJnMmo+Ly ttmhAoGwY9r5GYZr1SmeCEtP6eH+L5xGMmkEjivNhUVZnR+Zcv2qjp7PbRw9in4oFakY sySV4HtdTHJn2Qh9UwXEr8cltRuZ1wEUrjV0OwEwQMna3YkbPYA8rDI2Txy6BtPdq06X jnSR6kokattiYOtabLKIjtuJm2Azv8x7rqP+3ROWSsSlaOoJqQ/M/2OceqHQ1KukPNen aSOk3aVZWrMtcLma532Tq/p88sXm1dkIC9bgscT2Hyce62yLxF1YaPCiRmnpp5CFHW3y PeoA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=D/i685TLzvf+8+xd4mVTyIlm/xzULgWI8X/vGWMdA2U=; b=DeO6bqC/I5C3Y2Q7aQ7n0+aD1A6GdTWzkTW3LmCxv8vbnhWqs19x2LjyruX6fcAFz1 21bX5Gle5961fbBf4HMe980q4R+y+Xx7H7+HOibQ/C3NU0QxJOV/bAb9aMyVOzNKo8v5 pUhgHvhP5jzpCv1kqqXHZ/hUtjeBLjSpgtBto= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=D/i685TLzvf+8+xd4mVTyIlm/xzULgWI8X/vGWMdA2U=; b=OzvfLtj+AH1hUe8j5KcQRzU1DI7YHJp50ATwKFIzJEWSHyRflErEjAmp4dYiw2rJ6H R8tQapc/0mnDOlozkipM64fCHMvPH9OSbdjN3Dzn6KKnbp41SNyKl2e7lb9wt4H4G1wS ai90Fm1I//0lyGh7O3ZLdFbNQYlxFNIzhY1xRQS4k5WOqnF0fs9jEh2WnZ1uj05BdyMz Go5qGYOPEjsa3phI98aZfk9NuKai0Xl+L5tOb8RLajGu0pAyrs93Tx0pN1BK8sK1QjMK dYj56at0T5e5rYQSsnTu63K5KJVj19/dadPriV5st/LBo7NcIKOO82quqKQhqgN/63nB szPQ== X-Gm-Message-State: ALQs6tBALBcEtenr2Tu2f7+19+Crm+eDXwFGw5gYvTA0uiWY2L9B/R6G k3lbwO/eBnqpNI6xGdLgWCRfWcDvWG6VkRToIeY= X-Received: by 10.107.12.201 with SMTP id 70mr18295648iom.48.1522880958732; Wed, 04 Apr 2018 15:29:18 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.95.15 with HTTP; Wed, 4 Apr 2018 15:29:18 -0700 (PDT) In-Reply-To: References: <20180402095033.nfzcrmxvpm46dhbl@gmail.com> <20180403085904.GY4082@hirez.programming.kicks-ass.net> <20180403095118.rpf7tj577dppvx7d@gmail.com> <20180403180658.GE87376@google.com> <20180404093823.GC25996@kroah.com> <20180404165914.GA9034@kroah.com> From: Linus Torvalds Date: Wed, 4 Apr 2018 15:29:18 -0700 X-Google-Sender-Auth: sEq3t7szlU9WL-VqZawAkkDp05A Message-ID: Subject: Re: [GIT PULL] x86/build changes for v4.17 To: James Y Knight Cc: Greg Kroah-Hartman , Nick Desaulniers , Matthias Kaehlcke , Ingo Molnar , Peter Zijlstra , Linux Kernel Mailing List , Thomas Gleixner , Andrew Morton , Chandler Carruth , Stephen Hines , Kees Cook , Guenter Roeck , Greg Hackmann Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 4, 2018 at 3:21 PM, James Y Knight wrote: > > But allowing random pointer arithmetic, and pointer arithmetic wraparound, > is still different than asserting that an object _field access_ can > overflow. But that's not what the code does. It never _accessed_ the field. It only looked at the *address* of the field. So clang got this case wrong: &(pos)->member != NULL where that "&" thing is very much important. There was no access. An access would in fact have been a bug (and was the bug that the compiler caused, because it removed the check for NULL). You may consider this an "access", but to me, it's all just pointer arithmetic, and not in the least different from the kind of pointer arithmetic that "offsetof()" traditionally does. So I think your "it's a field access" is just a syntactic argument and should not semantically be *any* different from doing arithmetic on a pointer. Linus