From mboxrd@z Thu Jan 1 00:00:00 1970
Return-path:
Received: from mail-oi0-f68.google.com ([209.85.218.68]:53745 "EHLO mail-oi0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752156AbdI1ObB (ORCPT ); Thu, 28 Sep 2017 10:31:01 -0400
MIME-Version: 1.0
In-Reply-To: <2631e8a6-03f2-69ea-d889-afd9a345e7ef@virtuozzo.com>
References: <20170922212930.620249-1-arnd@arndb.de> <20170922212930.620249-5-arnd@arndb.de> <063D6719AE5E284EB5DD2968C1650D6DD007F521@AcuExch.aculab.com> <2631e8a6-03f2-69ea-d889-afd9a345e7ef@virtuozzo.com>
From: Arnd Bergmann
Date: Thu, 28 Sep 2017 07:30:59 -0700
Message-ID: (sfid-20170928_163219_315372_51132E1E)
Subject: Re: [PATCH v4 4/9] em28xx: fix em28xx_dvb_init for KASAN
To: Andrey Ryabinin
Cc: David Laight, Mauro Carvalho Chehab, Jiri Pirko, Arend van Spriel, Kalle Valo, "David S. Miller", Alexander Potapenko, Dmitry Vyukov, Masahiro Yamada, Michal Marek, Andrew Morton, Kees Cook, Geert Uytterhoeven, Greg Kroah-Hartman, "linux-media@vger.kernel.org", "linux-kernel@vger.kernel.org", "netdev@vger.kernel.org", "linux-wireless@vger.kernel.org", "brcm80211-dev-list.pdl@broadcom.com", "brcm80211-dev-list@cypress.com", "kasan-dev@googlegroups.com", "linux-kbuild@vger.kernel.org", Jakub Jelinek, Martin Liška, "stable@vger.kernel.org"
Content-Type: text/plain; charset="UTF-8"
Sender: linux-wireless-owner@vger.kernel.org
List-ID:

On Thu, Sep 28, 2017 at 6:09 AM, Andrey Ryabinin wrote:
> On 09/27/2017 04:26 PM, Arnd Bergmann wrote:
>> On Tue, Sep 26, 2017 at 9:49 AM, Andrey Ryabinin
>> wrote:
>> --- a/include/linux/string.h >> +++ b/include/linux/string.h
>> @@ -227,7 +227,7 @@ static inline const char *kbasename(const char *path) >> #define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline)) >> #define __RENAME(x) __asm__(#x) >> >> -void fortify_panic(const char *name) __noreturn __cold; >> +void fortify_panic(const char *name) __cold; >> void __read_overflow(void) __compiletime_error("detected read beyond >> size of object passed as 1st parameter"); >> void __read_overflow2(void) __compiletime_error("detected read beyond >> size of object passed as 2nd parameter"); >> void __read_overflow3(void) __compiletime_error("detected read beyond >> size of object passed as 3rd parameter"); >>
>> I don't immediately see why the __noreturn changes the behavior here, any idea?
>>
>
>
> At first I thought that this somehow might be related to __asan_handle_no_return(). GCC calls it
> before noreturn function. So I made patch to remove generation of these calls (we don't need them in the kernel anyway)
> but it didn't help. It must be something else then.

I made a reduced test case yesterday (see http://paste.ubuntu.com/25628030/), and it shows the same behavior with and without the sanitizer: it uses 128 bytes without the noreturn attribute and 480 bytes when it's added, and the sanitizer adds a factor of 1.5x on top.

It's possible that I did something wrong while reducing, since the original driver file uses very little stack (a few hundred bytes) without -fsanitize=kernel-address, but finding out what happens in the reduced case may still help understand the other one.

Arnd
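Review bot: dropping `__noreturn` from the `fortify_panic()` declaration in the include/linux/string.h hunk (`-void fortify_panic(const char *name) __noreturn __cold;` / `+void fortify_panic(const char *name) __cold;`) changes code generation at every FORTIFY_SOURCE call site, not only in em28xx_dvb_init: the compiler must now assume the panic call can return, so the fall-through path after each failed runtime bounds check is kept alive, and the optimizer loses the information that execution stops there. If the hunk is only a diagnostic to measure the stack-frame effect discussed in this thread, the change log should say so rather than present it as a fix; if it is meant to be merged, the definition of `fortify_panic()` needs the matching attribute change so that declaration and definition do not disagree, and the `__read_overflow*()` declarations, which keep their `__compiletime_error` attribute in the same hunk, should be mentioned as deliberately unchanged.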