[PATCH] [RFC] blk-iocost stringop-overread warning workaround

[PATCH] [RFC] blk-iocost stringop-overread warning workaround

[Arnd Bergmann]

From: Arnd Bergmann <arnd@arndb.de>

In some randconfig builds with gcc-11, I get a warning from
the fortified string helpers:

In function 'memcpy',
    inlined from 'ioc_cost_model_write' at block/blk-iocost.c:3345:2:
include/linux/fortify-string.h:20:33: error: '__builtin_memcpy' reading 48 bytes from a region of size 0 [-Werror=stringop-overread]
   20 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
include/linux/fortify-string.h:191:16: note: in expansion of macro '__underlying_memcpy'
  191 |         return __underlying_memcpy(p, q, size);
      |                ^~~~~~~~~~~~~~~~~~~

I don't see anything wrong in the code itself, so I suspect it's
gcc doing something weird again. The only way I could find to make
this warning go away is to hide the object using the RELOC_HIDE()
macro, but this is really ugly and I hope someone has a better
idea.

Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
 block/blk-iocost.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/block/blk-iocost.c b/block/blk-iocost.c
index b3880e4ba22a..51f641840ed9 100644
--- a/block/blk-iocost.c
+++ b/block/blk-iocost.c
@@ -3173,6 +3173,7 @@ static ssize_t ioc_qos_write(struct kernfs_open_file *of, char *input,
 		ioc = q_to_ioc(bdev->bd_disk->queue);
 	}
 
+	ioc = RELOC_HIDE(ioc, 0);
 	spin_lock_irq(&ioc->lock);
 	memcpy(qos, ioc->params.qos, sizeof(qos));
 	enable = ioc->enabled;
@@ -3340,6 +3341,7 @@ static ssize_t ioc_cost_model_write(struct kernfs_open_file *of, char *input,
 		ioc = q_to_ioc(bdev->bd_disk->queue);
 	}
 
+	ioc = RELOC_HIDE(ioc, 0);
 	spin_lock_irq(&ioc->lock);
 	memcpy(u, ioc->params.i_lcoefs, sizeof(u));
 	user = ioc->user_cost_model;
-- 
2.29.2

Re: [PATCH] [RFC] blk-iocost stringop-overread warning workaround

[Arnd Bergmann]

On Mon, Sep 20, 2021 at 3:15 PM Arnd Bergmann <arnd@kernel.org> wrote:
>
> From: Arnd Bergmann <arnd@arndb.de>
>
> In some randconfig builds with gcc-11, I get a warning from
> the fortified string helpers:
>
> In function 'memcpy',
>     inlined from 'ioc_cost_model_write' at block/blk-iocost.c:3345:2:
> include/linux/fortify-string.h:20:33: error: '__builtin_memcpy' reading 48 bytes from a region of size 0 [-Werror=stringop-overread]
>    20 | #define __underlying_memcpy     __builtin_memcpy
>       |                                 ^
> include/linux/fortify-string.h:191:16: note: in expansion of macro '__underlying_memcpy'
>   191 |         return __underlying_memcpy(p, q, size);
>       |                ^~~~~~~~~~~~~~~~~~~
>
> I don't see anything wrong in the code itself, so I suspect it's
> gcc doing something weird again. The only way I could find to make
> this warning go away is to hide the object using the RELOC_HIDE()
> macro, but this is really ugly and I hope someone has a better
> idea.
>
> Cc: Kees Cook <keescook@chromium.org>
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>

Please disregard my patch for now. After looking closer, I found that I had
applied a patch that accidentally removed the

KBUILD_CFLAGS  += -fno-delete-null-pointer-checks

line from the top-level Makefile. If I put that line back, the warning
disappears.

        Arnd