From: Segher Boessenkool <segher@kernel.crashing.org>
To: Rob Landley <rob@landley.net>
Cc: "Michael.Karcher" <Michael.Karcher@fu-berlin.de>,
John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>,
Geert Uytterhoeven <geert@linux-m68k.org>,
linux-xtensa@linux-xtensa.org, Arnd Bergmann <arnd@arndb.de>,
linux-sh@vger.kernel.org, linux-wireless@vger.kernel.org,
linux-mips@vger.kernel.org, amd-gfx@lists.freedesktop.org,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>,
linux-f2fs-devel@lists.sourceforge.net,
linuxppc-dev@lists.ozlabs.org,
linux-arm-kernel@lists.infradead.org,
linux-media@vger.kernel.org
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1
Date: Fri, 20 Jan 2023 04:53:41 -0600 [thread overview]
Message-ID: <20230120105341.GI25951@gate.crashing.org> (raw)
In-Reply-To: <0f51dac4-836b-0ff2-38c6-5521745c1c88@landley.net>
On Thu, Jan 19, 2023 at 09:31:21PM -0600, Rob Landley wrote:
> On 1/19/23 16:11, Michael.Karcher wrote:
> > I don't see a clear bug at this point. We are talking about the C expression
> >
> > __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))
(__same_type is a kernel macro, it expands to something with
__builtin_compatible_type()).
> *(void*) is type "void" which does not have a size.
It has size 1, in GCC, so that you can do arithmetic on pointers to
void. This is a long-standing and very widely used GCC extension.
"""
6.24 Arithmetic on 'void'- and Function-Pointers
================================================
In GNU C, addition and subtraction operations are supported on pointers
to 'void' and on pointers to functions. This is done by treating the
size of a 'void' or of a function as 1.
A consequence of this is that 'sizeof' is also allowed on 'void' and on
function types, and returns 1.
The option '-Wpointer-arith' requests a warning if these extensions are
used.
"""
> The problem is gcc "optimizing out" an earlier type check, the same way it
> "optimizes out" checks for signed integer math overflowing, or "optimizes out" a
> comparison to pointers from two different local variables from different
> function calls trying to calculate the amount of stack used, or "optimizes out"
Are you saying something in the kernel code here is invalid code?
Because your other examples are.
> using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
> it can "never happen"...
Like here. And no, this is not allowed by -fno-strict-aliasing.
> > I suggest to file a bug against gcc complaining about a "spurious
> > warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> > adapted to not emit the warning about the pointer division if the result
> > is not used.
Yeah. If the first operand of a conditional operator is non-zero, the
second operand is not evaluated, and if the first is zero, the third
operand is not evaluated. It is better if we do not warn about
something we do not evaluate. In cases like here where it is clear at
compile time which branch is taken, that shouldn't be too hard.
Can someone please file a GCC PR? With reduced testcase preferably.
Segher
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Segher Boessenkool <segher@kernel.crashing.org>
To: Rob Landley <rob@landley.net>
Cc: linux-xtensa@linux-xtensa.org, Arnd Bergmann <arnd@arndb.de>,
linux-sh@vger.kernel.org,
"Michael.Karcher" <Michael.Karcher@fu-berlin.de>,
Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>,
linux-wireless@vger.kernel.org, linux-mips@vger.kernel.org,
amd-gfx@lists.freedesktop.org, linux-kernel@vger.kernel.org,
Geert Uytterhoeven <geert@linux-m68k.org>,
kasan-dev@googlegroups.com,
John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>,
linux-f2fs-devel@lists.sourceforge.net,
linuxppc-dev@lists.ozlabs.org,
linux-arm-kernel@lists.infradead.org,
linux-media@vger.kernel.org
Subject: Re: [f2fs-dev] Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1
Date: Fri, 20 Jan 2023 04:53:41 -0600 [thread overview]
Message-ID: <20230120105341.GI25951@gate.crashing.org> (raw)
In-Reply-To: <0f51dac4-836b-0ff2-38c6-5521745c1c88@landley.net>
On Thu, Jan 19, 2023 at 09:31:21PM -0600, Rob Landley wrote:
> On 1/19/23 16:11, Michael.Karcher wrote:
> > I don't see a clear bug at this point. We are talking about the C expression
> >
> > __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))
(__same_type is a kernel macro, it expands to something with
__builtin_compatible_type()).
> *(void*) is type "void" which does not have a size.
It has size 1, in GCC, so that you can do arithmetic on pointers to
void. This is a long-standing and very widely used GCC extension.
"""
6.24 Arithmetic on 'void'- and Function-Pointers
================================================
In GNU C, addition and subtraction operations are supported on pointers
to 'void' and on pointers to functions. This is done by treating the
size of a 'void' or of a function as 1.
A consequence of this is that 'sizeof' is also allowed on 'void' and on
function types, and returns 1.
The option '-Wpointer-arith' requests a warning if these extensions are
used.
"""
> The problem is gcc "optimizing out" an earlier type check, the same way it
> "optimizes out" checks for signed integer math overflowing, or "optimizes out" a
> comparison to pointers from two different local variables from different
> function calls trying to calculate the amount of stack used, or "optimizes out"
Are you saying something in the kernel code here is invalid code?
Because your other examples are.
> using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
> it can "never happen"...
Like here. And no, this is not allowed by -fno-strict-aliasing.
> > I suggest to file a bug against gcc complaining about a "spurious
> > warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> > adapted to not emit the warning about the pointer division if the result
> > is not used.
Yeah. If the first operand of a conditional operator is non-zero, the
second operand is not evaluated, and if the first is zero, the third
operand is not evaluated. It is better if we do not warn about
something we do not evaluate. In cases like here where it is clear at
compile time which branch is taken, that shouldn't be too hard.
Can someone please file a GCC PR? With reduced testcase preferably.
Segher
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
WARNING: multiple messages have this Message-ID (diff)
From: Segher Boessenkool <segher@kernel.crashing.org>
To: Rob Landley <rob@landley.net>
Cc: linux-xtensa@linux-xtensa.org, Arnd Bergmann <arnd@arndb.de>,
linux-sh@vger.kernel.org,
"Michael.Karcher" <Michael.Karcher@fu-berlin.de>,
Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>,
linux-wireless@vger.kernel.org, linux-mips@vger.kernel.org,
amd-gfx@lists.freedesktop.org, linux-kernel@vger.kernel.org,
Geert Uytterhoeven <geert@linux-m68k.org>,
kasan-dev@googlegroups.com,
John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>,
linux-f2fs-devel@lists.sourceforge.net,
linuxppc-dev@lists.ozlabs.org,
linux-arm-kernel@lists.infradead.org,
linux-media@vger.kernel.org
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1
Date: Fri, 20 Jan 2023 04:53:41 -0600 [thread overview]
Message-ID: <20230120105341.GI25951@gate.crashing.org> (raw)
In-Reply-To: <0f51dac4-836b-0ff2-38c6-5521745c1c88@landley.net>
On Thu, Jan 19, 2023 at 09:31:21PM -0600, Rob Landley wrote:
> On 1/19/23 16:11, Michael.Karcher wrote:
> > I don't see a clear bug at this point. We are talking about the C expression
> >
> > __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))
(__same_type is a kernel macro, it expands to something with
__builtin_compatible_type()).
> *(void*) is type "void" which does not have a size.
It has size 1, in GCC, so that you can do arithmetic on pointers to
void. This is a long-standing and very widely used GCC extension.
"""
6.24 Arithmetic on 'void'- and Function-Pointers
================================================
In GNU C, addition and subtraction operations are supported on pointers
to 'void' and on pointers to functions. This is done by treating the
size of a 'void' or of a function as 1.
A consequence of this is that 'sizeof' is also allowed on 'void' and on
function types, and returns 1.
The option '-Wpointer-arith' requests a warning if these extensions are
used.
"""
> The problem is gcc "optimizing out" an earlier type check, the same way it
> "optimizes out" checks for signed integer math overflowing, or "optimizes out" a
> comparison to pointers from two different local variables from different
> function calls trying to calculate the amount of stack used, or "optimizes out"
Are you saying something in the kernel code here is invalid code?
Because your other examples are.
> using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
> it can "never happen"...
Like here. And no, this is not allowed by -fno-strict-aliasing.
> > I suggest to file a bug against gcc complaining about a "spurious
> > warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> > adapted to not emit the warning about the pointer division if the result
> > is not used.
Yeah. If the first operand of a conditional operator is non-zero, the
second operand is not evaluated, and if the first is zero, the third
operand is not evaluated. It is better if we do not warn about
something we do not evaluate. In cases like here where it is clear at
compile time which branch is taken, that shouldn't be too hard.
Can someone please file a GCC PR? With reduced testcase preferably.
Segher
WARNING: multiple messages have this Message-ID (diff)
From: Segher Boessenkool <segher@kernel.crashing.org>
To: Rob Landley <rob@landley.net>
Cc: "Michael.Karcher" <Michael.Karcher@fu-berlin.de>,
John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>,
Geert Uytterhoeven <geert@linux-m68k.org>,
linux-xtensa@linux-xtensa.org, Arnd Bergmann <arnd@arndb.de>,
linux-sh@vger.kernel.org, linux-wireless@vger.kernel.org,
linux-mips@vger.kernel.org, amd-gfx@lists.freedesktop.org,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>,
linux-f2fs-devel@lists.sourceforge.net,
linuxppc-dev@lists.ozlabs.org,
linux-arm-kernel@lists.infradead.org,
linux-media@vger.kernel.org
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1
Date: Fri, 20 Jan 2023 04:53:41 -0600 [thread overview]
Message-ID: <20230120105341.GI25951@gate.crashing.org> (raw)
In-Reply-To: <0f51dac4-836b-0ff2-38c6-5521745c1c88@landley.net>
On Thu, Jan 19, 2023 at 09:31:21PM -0600, Rob Landley wrote:
> On 1/19/23 16:11, Michael.Karcher wrote:
> > I don't see a clear bug at this point. We are talking about the C expression
> >
> > __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))
(__same_type is a kernel macro, it expands to something with
__builtin_compatible_type()).
> *(void*) is type "void" which does not have a size.
It has size 1, in GCC, so that you can do arithmetic on pointers to
void. This is a long-standing and very widely used GCC extension.
"""
6.24 Arithmetic on 'void'- and Function-Pointers
================================================
In GNU C, addition and subtraction operations are supported on pointers
to 'void' and on pointers to functions. This is done by treating the
size of a 'void' or of a function as 1.
A consequence of this is that 'sizeof' is also allowed on 'void' and on
function types, and returns 1.
The option '-Wpointer-arith' requests a warning if these extensions are
used.
"""
> The problem is gcc "optimizing out" an earlier type check, the same way it
> "optimizes out" checks for signed integer math overflowing, or "optimizes out" a
> comparison to pointers from two different local variables from different
> function calls trying to calculate the amount of stack used, or "optimizes out"
Are you saying something in the kernel code here is invalid code?
Because your other examples are.
> using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
> it can "never happen"...
Like here. And no, this is not allowed by -fno-strict-aliasing.
> > I suggest to file a bug against gcc complaining about a "spurious
> > warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> > adapted to not emit the warning about the pointer division if the result
> > is not used.
Yeah. If the first operand of a conditional operator is non-zero, the
second operand is not evaluated, and if the first is zero, the third
operand is not evaluated. It is better if we do not warn about
something we do not evaluate. In cases like here where it is clear at
compile time which branch is taken, that shouldn't be too hard.
Can someone please file a GCC PR? With reduced testcase preferably.
Segher
next prev parent reply other threads:[~2023-01-20 10:59 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-25 22:07 Linux 6.2-rc1 Linus Torvalds
2022-12-26 19:52 ` Guenter Roeck
2022-12-26 20:56 ` Linus Torvalds
2022-12-26 21:03 ` Kees Cook
2022-12-26 22:10 ` Guenter Roeck
2022-12-27 0:29 ` Guenter Roeck
2022-12-27 1:32 ` Kees Cook
2022-12-27 5:52 ` Guenter Roeck
2022-12-28 3:40 ` Kees Cook
2022-12-28 14:44 ` Guenter Roeck
2023-01-07 0:06 ` Jaegeuk Kim
2022-12-26 22:41 ` Vlastimil Babka
2022-12-26 21:10 ` Max Filippov
2022-12-26 22:08 ` Guenter Roeck
2022-12-27 8:29 ` Build regressions/improvements in v6.2-rc1 Geert Uytterhoeven
2022-12-27 8:35 ` Geert Uytterhoeven
2022-12-27 8:35 ` Geert Uytterhoeven
2022-12-27 8:35 ` Geert Uytterhoeven
2023-01-01 1:33 ` Rob Landley
2023-01-01 12:24 ` Geert Uytterhoeven
2023-01-04 6:32 ` Michael Ellerman
2023-01-06 15:10 ` John Paul Adrian Glaubitz
2023-01-06 15:10 ` John Paul Adrian Glaubitz
2023-01-06 15:10 ` John Paul Adrian Glaubitz
2023-01-06 15:10 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-06 15:17 ` Geert Uytterhoeven
2023-01-06 15:17 ` Geert Uytterhoeven
2023-01-06 15:17 ` Geert Uytterhoeven
2023-01-06 15:17 ` [f2fs-dev] " Geert Uytterhoeven
2023-01-06 15:18 ` Geert Uytterhoeven
2023-01-06 15:18 ` Geert Uytterhoeven
2023-01-06 15:18 ` Geert Uytterhoeven
2023-01-06 15:18 ` Geert Uytterhoeven
2023-01-17 16:42 ` Calculating array sizes in C - was: " John Paul Adrian Glaubitz
2023-01-17 16:42 ` John Paul Adrian Glaubitz
2023-01-17 16:42 ` John Paul Adrian Glaubitz
2023-01-17 16:42 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-17 17:01 ` Geert Uytterhoeven
2023-01-17 17:01 ` Geert Uytterhoeven
2023-01-17 17:01 ` Geert Uytterhoeven
2023-01-17 17:01 ` [f2fs-dev] " Geert Uytterhoeven
2023-01-17 17:06 ` John Paul Adrian Glaubitz
2023-01-17 17:06 ` John Paul Adrian Glaubitz
2023-01-17 17:06 ` John Paul Adrian Glaubitz
2023-01-17 17:06 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-17 20:05 ` Geert Uytterhoeven
2023-01-17 20:05 ` Geert Uytterhoeven
2023-01-17 20:05 ` Geert Uytterhoeven
2023-01-17 20:05 ` Geert Uytterhoeven
2023-01-17 20:37 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-17 20:37 ` John Paul Adrian Glaubitz
2023-01-17 20:37 ` John Paul Adrian Glaubitz
2023-01-17 20:37 ` John Paul Adrian Glaubitz
2023-01-19 22:11 ` [f2fs-dev] " Michael.Karcher
2023-01-19 22:11 ` Michael.Karcher
2023-01-19 22:11 ` Michael.Karcher
2023-01-19 22:11 ` Michael.Karcher
2023-01-20 3:31 ` Rob Landley
2023-01-20 3:31 ` [f2fs-dev] " Rob Landley
2023-01-20 3:31 ` Rob Landley
2023-01-20 3:31 ` Rob Landley
2023-01-20 10:53 ` Segher Boessenkool [this message]
2023-01-20 10:53 ` Segher Boessenkool
2023-01-20 10:53 ` Segher Boessenkool
2023-01-20 10:53 ` [f2fs-dev] " Segher Boessenkool
2023-01-20 11:42 ` David Laight
2023-01-20 11:42 ` David Laight
2023-01-20 11:42 ` David Laight
2023-01-20 18:29 ` Michael.Karcher
2023-01-20 18:29 ` Michael.Karcher
2023-01-20 18:29 ` Michael.Karcher
2023-01-20 18:29 ` [f2fs-dev] " Michael.Karcher
2023-01-20 8:49 ` John Paul Adrian Glaubitz
2023-01-20 8:49 ` John Paul Adrian Glaubitz
2023-01-20 8:49 ` John Paul Adrian Glaubitz
2023-01-20 8:49 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-20 19:29 ` Michael Karcher
2023-01-20 19:29 ` Michael Karcher
2023-01-20 19:29 ` Michael Karcher
2023-01-21 21:26 ` John Paul Adrian Glaubitz
2023-01-21 21:26 ` John Paul Adrian Glaubitz
2023-01-21 21:26 ` John Paul Adrian Glaubitz
2023-01-21 21:26 ` [f2fs-dev] " John Paul Adrian Glaubitz
2023-01-06 15:39 ` Alex Deucher
2023-01-06 15:39 ` Alex Deucher
2023-01-06 15:39 ` Alex Deucher
2023-01-06 15:39 ` [f2fs-dev] " Alex Deucher
2023-01-04 19:01 ` Linux 6.2-rc1 Pali Rohár
2023-01-04 19:25 ` Linus Torvalds
2023-01-04 20:56 ` Pali Rohár
2023-01-04 21:27 ` Pali Rohár
2023-01-04 21:32 ` Linus Torvalds
2023-01-04 21:43 ` Jens Axboe
2023-01-05 11:25 ` Greg Kroah-Hartman
2023-01-05 15:26 ` Jens Axboe
2023-01-05 17:42 ` Pali Rohár
2023-01-05 17:45 ` Jens Axboe
2023-01-05 19:06 ` Linus Torvalds
2023-01-05 19:22 ` Pali Rohár
2023-01-05 19:40 ` Jens Axboe
2023-01-05 20:03 ` Linus Torvalds
2023-01-05 20:33 ` Jens Axboe
2023-01-06 16:58 ` Pali Rohár
2023-01-06 17:04 ` Jens Axboe
2023-01-28 19:34 ` pktcdvd Pali Rohár
2023-01-28 19:43 ` pktcdvd Linus Torvalds
2023-01-29 21:53 ` pktcdvd Jens Axboe
2023-01-29 21:55 ` pktcdvd Jens Axboe
2023-01-29 22:21 ` pktcdvd Pali Rohár
2023-01-29 22:34 ` pktcdvd Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230120105341.GI25951@gate.crashing.org \
--to=segher@kernel.crashing.org \
--cc=Michael.Karcher@fu-berlin.de \
--cc=amd-gfx@lists.freedesktop.org \
--cc=arnd@arndb.de \
--cc=geert@linux-m68k.org \
--cc=glaubitz@physik.fu-berlin.de \
--cc=kasan-dev@googlegroups.com \
--cc=kernel@mkarcher.dialup.fu-berlin.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=linux-xtensa@linux-xtensa.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=rob@landley.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.