[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-24 Thread andi-gcc at firstfloor dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #8 from Andi Kleen --- __builtin_constant_p does not cover variable range information, which is what we're looking for here to prevent security bugs. Also in my experience these explicit expressions tend to be somewhat fragile and

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-24 Thread amonakov at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #7 from Alexander Monakov ---
This sounds like a separate problem that is solvable via __builtin_constant_p? For example:
    void link_error(void) __attribute__((error("size check failed")));
    if (__builtin_constant_p(size) &&

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-24 Thread andi-gcc at firstfloor dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #6 from Andi Kleen ---
In the kernel there is also an upper limit on allocations. Perhaps just a generic assert builtin that:
- uses value range information
- uses constant propagation
- is a nop when the compiler doesn't have

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-24 Thread amonakov at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378
Alexander Monakov changed:
    What |Removed |Added
    CC   |        |amonakov at gcc dot gnu.org
---

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-24 Thread andi-gcc at firstfloor dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #4 from Andi Kleen ---
I tested it now and the inline trick doesn't work. Here's a test case
    extern void *do_alloc(int a, int b);
    static inline __attribute__((alloc_size(1))) void check_alloc_size(int size)
    {
    }
    static inline void

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-09 Thread andi-gcc at firstfloor dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #3 from Andi Kleen --- Hmm, that trick may work for the shift too. Let me try.

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-09 Thread rguenth at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378
Richard Biener changed:
    What     |Removed |Added
    Severity |normal  |enhancement
--- Comment #2 from

[Bug c/80378] Extend alloc_size attribute for better Linux kernel checking

2017-04-09 Thread andi-gcc at firstfloor dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80378 --- Comment #1 from Andi Kleen --- Small correction: argument 4 would need to be a constant for shifted by.