[PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Alexander Popov]

Currently the 'stackleak_cleanup' pass deleting a CALL insn is executed
after the 'reload' pass. That allows gcc to do some weird optimization in
function prologues and epilogues, which are generated later [1].

Let's avoid that by registering the 'stackleak_cleanup' pass before
the 'mach' pass, which performs the machine dependent code transformations.
It's the moment when the stack frame size is final and function prologues
and epilogues are already generated.

[1] https://www.openwall.com/lists/kernel-hardening/2018/11/23/2

Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Alexander Popov <alex.popov@linux.com>
---
 scripts/gcc-plugins/stackleak_plugin.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c
index 2f48da9..6f41b32 100644
--- a/scripts/gcc-plugins/stackleak_plugin.c
+++ b/scripts/gcc-plugins/stackleak_plugin.c
@@ -363,10 +363,12 @@ __visible int plugin_init(struct plugin_name_args *plugin_info,
 						PASS_POS_INSERT_BEFORE);
 
 	/*
-	 * The stackleak_cleanup pass should be executed after the
-	 * "reload" pass, when the stack frame size is final.
+	 * The stackleak_cleanup pass should be executed before the "mach"
+	 * pass, which performs the machine dependent code transformations.
+	 * It's the moment when the stack frame size is already final and
+	 * function prologues and epilogues are generated.
 	 */
-	PASS_INFO(stackleak_cleanup, "reload", 1, PASS_POS_INSERT_AFTER);
+	PASS_INFO(stackleak_cleanup, "mach", 1, PASS_POS_INSERT_BEFORE);
 
 	if (!plugin_default_version_check(version, &gcc_version)) {
 		error(G_("incompatible gcc/plugin versions"));
-- 
2.7.4

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Kees Cook]

On Fri, Nov 30, 2018 at 5:20 AM Alexander Popov <alex.popov@linux.com> wrote:
>
> Currently the 'stackleak_cleanup' pass deleting a CALL insn is executed
> after the 'reload' pass. That allows gcc to do some weird optimization in
> function prologues and epilogues, which are generated later [1].
>
> Let's avoid that by registering the 'stackleak_cleanup' pass before
> the 'mach' pass, which performs the machine dependent code transformations.
> It's the moment when the stack frame size is final and function prologues
> and epilogues are already generated.
>
> [1] https://www.openwall.com/lists/kernel-hardening/2018/11/23/2
>
> Reported-by: kbuild test robot <lkp@intel.com>
> Signed-off-by: Alexander Popov <alex.popov@linux.com>

Thanks, applied!

-Kees

> ---
>  scripts/gcc-plugins/stackleak_plugin.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c
> index 2f48da9..6f41b32 100644
> --- a/scripts/gcc-plugins/stackleak_plugin.c
> +++ b/scripts/gcc-plugins/stackleak_plugin.c
> @@ -363,10 +363,12 @@ __visible int plugin_init(struct plugin_name_args *plugin_info,
>                                                 PASS_POS_INSERT_BEFORE);
>
>         /*
> -        * The stackleak_cleanup pass should be executed after the
> -        * "reload" pass, when the stack frame size is final.
> +        * The stackleak_cleanup pass should be executed before the "mach"
> +        * pass, which performs the machine dependent code transformations.
> +        * It's the moment when the stack frame size is already final and
> +        * function prologues and epilogues are generated.
>          */
> -       PASS_INFO(stackleak_cleanup, "reload", 1, PASS_POS_INSERT_AFTER);
> +       PASS_INFO(stackleak_cleanup, "mach", 1, PASS_POS_INSERT_BEFORE);
>
>         if (!plugin_default_version_check(version, &gcc_version)) {
>                 error(G_("incompatible gcc/plugin versions"));
> --
> 2.7.4
>


-- 
Kees Cook

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Kees Cook]

On Fri, Nov 30, 2018 at 9:09 AM Kees Cook <keescook@chromium.org> wrote:
>
> On Fri, Nov 30, 2018 at 5:20 AM Alexander Popov <alex.popov@linux.com> wrote:
> >
> > Currently the 'stackleak_cleanup' pass deleting a CALL insn is executed
> > after the 'reload' pass. That allows gcc to do some weird optimization in
> > function prologues and epilogues, which are generated later [1].
> >
> > Let's avoid that by registering the 'stackleak_cleanup' pass before
> > the 'mach' pass, which performs the machine dependent code transformations.
> > It's the moment when the stack frame size is final and function prologues
> > and epilogues are already generated.
> >
> > [1] https://www.openwall.com/lists/kernel-hardening/2018/11/23/2
> >
> > Reported-by: kbuild test robot <lkp@intel.com>
> > Signed-off-by: Alexander Popov <alex.popov@linux.com>
>
> Thanks, applied!

Eek, no, this is breaking my build badly:

*** WARNING *** there are active plugins, do not report this as a bug
unless you can reproduce it without enabling any plugins.
Event                            | Plugins
PLUGIN_START_UNIT                | stackleak_plugin
kernel/exit.c: In function ‘release_task’:
kernel/exit.c:228:1: internal compiler error: Segmentation fault
 }

Failing with:

gcc (Ubuntu 7.3.0-16ubuntu3) 7.3.0

-Kees

>
> -Kees
>
> > ---
> >  scripts/gcc-plugins/stackleak_plugin.c | 8 +++++---
> >  1 file changed, 5 insertions(+), 3 deletions(-)
> >
> > diff --git a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c
> > index 2f48da9..6f41b32 100644
> > --- a/scripts/gcc-plugins/stackleak_plugin.c
> > +++ b/scripts/gcc-plugins/stackleak_plugin.c
> > @@ -363,10 +363,12 @@ __visible int plugin_init(struct plugin_name_args *plugin_info,
> >                                                 PASS_POS_INSERT_BEFORE);
> >
> >         /*
> > -        * The stackleak_cleanup pass should be executed after the
> > -        * "reload" pass, when the stack frame size is final.
> > +        * The stackleak_cleanup pass should be executed before the "mach"
> > +        * pass, which performs the machine dependent code transformations.
> > +        * It's the moment when the stack frame size is already final and
> > +        * function prologues and epilogues are generated.
> >          */
> > -       PASS_INFO(stackleak_cleanup, "reload", 1, PASS_POS_INSERT_AFTER);
> > +       PASS_INFO(stackleak_cleanup, "mach", 1, PASS_POS_INSERT_BEFORE);
> >
> >         if (!plugin_default_version_check(version, &gcc_version)) {
> >                 error(G_("incompatible gcc/plugin versions"));
> > --
> > 2.7.4
> >
>
>
> --
> Kees Cook



-- 
Kees Cook

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Alexander Popov]

On 30.11.2018 20:12, Kees Cook wrote:
> On Fri, Nov 30, 2018 at 9:09 AM Kees Cook <keescook@chromium.org> wrote:
>>
>> On Fri, Nov 30, 2018 at 5:20 AM Alexander Popov <alex.popov@linux.com> wrote:
>>>
>>> Currently the 'stackleak_cleanup' pass deleting a CALL insn is executed
>>> after the 'reload' pass. That allows gcc to do some weird optimization in
>>> function prologues and epilogues, which are generated later [1].
>>>
>>> Let's avoid that by registering the 'stackleak_cleanup' pass before
>>> the 'mach' pass, which performs the machine dependent code transformations.
>>> It's the moment when the stack frame size is final and function prologues
>>> and epilogues are already generated.
>>>
>>> [1] https://www.openwall.com/lists/kernel-hardening/2018/11/23/2
>>>
>>> Reported-by: kbuild test robot <lkp@intel.com>
>>> Signed-off-by: Alexander Popov <alex.popov@linux.com>
>>
>> Thanks, applied!
> 
> Eek, no, this is breaking my build badly:
> 
> *** WARNING *** there are active plugins, do not report this as a bug
> unless you can reproduce it without enabling any plugins.
> Event                            | Plugins
> PLUGIN_START_UNIT                | stackleak_plugin
> kernel/exit.c: In function ‘release_task’:
> kernel/exit.c:228:1: internal compiler error: Segmentation fault
>  }
> 
> Failing with:
> 
> gcc (Ubuntu 7.3.0-16ubuntu3) 7.3.0

Nice... I don't reproduce it with gcc-7.3 built from source.
I'll investigate this, return with details and we'll decide what to do.

Thanks,
Alexander

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[kbuild test robot]

[-- Attachment #1: Type: text/plain, Size: 30864 bytes --]

Hi Alexander,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on linus/master]
[also build test ERROR on v4.20-rc4 next-20181130]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Alexander-Popov/stackleak-Register-the-stackleak_cleanup-pass-before-the-mach-pass/20181201-092818
config: x86_64-allmodconfig (attached as .config)
compiler: gcc-7 (Debian 7.3.0-1) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All error/warnings (new ones prefixed by >>):

>> drivers/scsi/fnic/fnic_fcs.c:38:37: error: invalid initializer
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   drivers/scsi/fnic/cq_enet_desc.h:142:39: warning: restricted __le16 degrades to integer
   include/scsi/fc/fc_fcoe.h:101:36: warning: cast truncates bits from constant value (efc becomes fc)
   include/scsi/fc/fc_fcoe.h:102:23: warning: cast truncates bits from constant value (efc00 becomes 0)
   drivers/scsi/fnic/fnic_fcs.c:1316:6: warning: context imbalance in 'fnic_handle_fip_timer' - different lock contexts for basic block
--
   drivers/soc/qcom/smem.c:413:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:413:16:    expected struct smem_header *header
   drivers/soc/qcom/smem.c:413:16:    got void [noderef] <asn:2>*virt_base
   drivers/soc/qcom/smem.c:498:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:498:16:    expected struct smem_header *header
   drivers/soc/qcom/smem.c:498:16:    got void [noderef] <asn:2>*virt_base
   drivers/soc/qcom/smem.c:511:50: warning: incorrect type in return expression (different address spaces)
   drivers/soc/qcom/smem.c:511:50:    expected void *
   drivers/soc/qcom/smem.c:511:50:    got void [noderef] <asn:2>*
   drivers/soc/qcom/smem.c:646:24: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:646:24:    expected struct smem_header *header
   drivers/soc/qcom/smem.c:646:24:    got void [noderef] <asn:2>*virt_base
>> drivers/soc/qcom/smem.c:668:23: error: incompatible types in comparison expression (different address spaces)
   drivers/soc/qcom/smem.c:670:23: error: incompatible types in comparison expression (different address spaces)
>> drivers/soc/qcom/smem.c:671:40: error: subtraction of different types can't work (different address spaces)
   drivers/soc/qcom/smem.c:686:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:686:16:    expected struct smem_header *header
   drivers/soc/qcom/smem.c:686:16:    got void [noderef] <asn:2>*virt_base
   drivers/soc/qcom/smem.c:697:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:697:16:    expected struct smem_ptable *ptable
   drivers/soc/qcom/smem.c:697:16:    got void [noderef] <asn:2>*
   drivers/soc/qcom/smem.c:719:57: warning: restricted __le32 degrades to integer
   drivers/soc/qcom/smem.c:738:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:738:16:    expected struct smem_partition_header *header
   drivers/soc/qcom/smem.c:738:16:    got void [noderef] <asn:2>*
   drivers/soc/qcom/smem.c:933:16: warning: incorrect type in assignment (different address spaces)
   drivers/soc/qcom/smem.c:933:16:    expected struct smem_header *header
   drivers/soc/qcom/smem.c:933:16:    got void [noderef] <asn:2>*virt_base
--
   kernel//trace/ftrace.c:1073:43:    expected struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1073:43:    got struct ftrace_hash *<noident>
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:1295:40: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1295:40:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1295:40:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1296:40: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1296:40:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1296:40:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:1957:54: warning: incorrect type in initializer (different address spaces)
   kernel//trace/ftrace.c:1957:54:    expected struct ftrace_hash *old_hash
   kernel//trace/ftrace.c:1957:54:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1488:39: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1488:39:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1488:39:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1489:40: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1489:40:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1489:40:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1490:40: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1490:40:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1490:40:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:1491:42: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:1491:42:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1491:42:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:1635:18: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1635:18:    expected struct ftrace_ops *ops
   kernel//trace/ftrace.c:1635:18:    got struct ftrace_ops [noderef] <asn:4>*static [addressable] [toplevel] ftrace_ops_list
   kernel//trace/ftrace.c:1636:43: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1636:43:    expected struct ftrace_ops *ops
   kernel//trace/ftrace.c:1636:43:    got struct ftrace_ops [noderef] <asn:4>*next
   kernel//trace/ftrace.c:1677:22: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1677:22:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1677:22:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1678:28: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1678:28:    expected struct ftrace_hash *other_hash
   kernel//trace/ftrace.c:1678:28:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:1683:22: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1683:22:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1683:22:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:1684:28: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:1684:28:    expected struct ftrace_hash *other_hash
   kernel//trace/ftrace.c:1684:28:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1935:50: warning: incorrect type in initializer (different address spaces)
   kernel//trace/ftrace.c:1935:50:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1935:50:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:1946:50: warning: incorrect type in initializer (different address spaces)
   kernel//trace/ftrace.c:1946:50:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:1946:50:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:2661:13: warning: symbol 'arch_ftrace_trampoline_free' was not declared. Should it be static?
   kernel//trace/ftrace.c:3020:24: warning: Using plain integer as NULL pointer
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:3112:14: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3112:14:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:3112:14:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:3121:22: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3121:22:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:3121:22:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:3415:6: warning: symbol 'arch_ftrace_trampoline_func' was not declared. Should it be static?
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:3573:22: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3573:22:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:3573:22:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:3576:22: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3576:22:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:3576:22:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:3654:6: warning: symbol 'arch_ftrace_match_adjust' was not declared. Should it be static?
   kernel//trace/ftrace.c:3940:27: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3940:27:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:3940:27:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:3942:27: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:3942:27:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:3942:27:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:4307:19: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4307:19:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4307:19:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:4444:19: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4444:19:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4444:19:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:4450:34: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4450:34:    expected struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:4450:34:    got struct ftrace_hash *[assigned] old_hash
   kernel//trace/ftrace.c:4702:27: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4702:27:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4702:27:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:4704:27: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4704:27:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4704:27:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:4741:37: warning: Using plain integer as NULL pointer
   kernel//trace/ftrace.c:4988:35: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4988:35:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4988:35:    got struct ftrace_hash [noderef] <asn:4>**<noident>
   kernel//trace/ftrace.c:4992:35: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:4992:35:    expected struct ftrace_hash **orig_hash
   kernel//trace/ftrace.c:4992:35:    got struct ftrace_hash [noderef] <asn:4>**<noident>
>> kernel//trace/ftrace.c:5109:29: error: incompatible types in comparison expression (different address spaces)
   kernel//trace/ftrace.c:5112:29: error: incompatible types in comparison expression (different address spaces)
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:5226:21: error: incompatible types in comparison expression (different address spaces)
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:5254:21: error: incompatible types in comparison expression (different address spaces)
   kernel//trace/ftrace.c:5305:36: error: incompatible types in comparison expression (different address spaces)
   kernel//trace/ftrace.c:5309:36: error: incompatible types in comparison expression (different address spaces)
   kernel//trace/ftrace.c:5628:18: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:5628:18:    expected struct ftrace_ops *ops
   kernel//trace/ftrace.c:5628:18:    got struct ftrace_ops [noderef] <asn:4>*static [addressable] [toplevel] ftrace_ops_list
   kernel//trace/ftrace.c:2884:48: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:2884:48:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:2884:48:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:2885:49: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:2885:49:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:2885:49:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:2907:46: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:2907:46:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:2907:46:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:2908:47: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:2908:47:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:2908:47:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:2912:44: warning: incorrect type in argument 1 (different address spaces)
   kernel//trace/ftrace.c:2912:44:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:2912:44:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   kernel//trace/ftrace.c:5628:66: warning: incorrect type in assignment (different address spaces)
   kernel//trace/ftrace.c:5628:66:    expected struct ftrace_ops *ops
   kernel//trace/ftrace.c:5628:66:    got struct ftrace_ops [noderef] <asn:4>*next
   kernel//trace/ftrace.c:5669:59: warning: incorrect type in argument 2 (different address spaces)
   kernel//trace/ftrace.c:5669:59:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:5669:59:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:5670:59: warning: incorrect type in argument 2 (different address spaces)
   kernel//trace/ftrace.c:5670:59:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:5670:59:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:6027:62: warning: incorrect type in argument 2 (different address spaces)
   kernel//trace/ftrace.c:6027:62:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:6027:62:    got struct ftrace_hash [noderef] <asn:4>*filter_hash
   kernel//trace/ftrace.c:6028:62: warning: incorrect type in argument 2 (different address spaces)
   kernel//trace/ftrace.c:6028:62:    expected struct ftrace_hash *hash
   kernel//trace/ftrace.c:6028:62:    got struct ftrace_hash [noderef] <asn:4>*notrace_hash
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:6074:36: error: incompatible types in comparison expression (different address spaces)
   kernel//trace/ftrace.c:6163:13: warning: symbol 'arch_ftrace_update_trampoline' was not declared. Should it be static?
   kernel//trace/ftrace.c:6774:5: warning: symbol 'ftrace_graph_entry_stub' was not declared. Should it be static?
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   kernel//trace/ftrace.c:235:20: warning: dereference of noderef expression
   kernel//trace/ftrace.c:235:20: warning: dereference of noderef expression
   kernel//trace/ftrace.c:235:20: warning: dereference of noderef expression
--
>> net/ipv4/netfilter/nf_nat_snmp_basic_main.c:223:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_snmp_basic_main.c:230:9: error: incompatible types in comparison expression (different address spaces)
--
>> net/ipv4/netfilter/nf_nat_h323.c:596:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:597:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:598:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:599:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:600:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:601:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:602:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:603:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:604:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:613:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:614:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:615:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:616:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:617:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:618:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:619:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:620:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_h323.c:621:9: error: incompatible types in comparison expression (different address spaces)
--
>> net/ipv4/netfilter/nf_nat_pptp.c:305:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:308:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:311:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:314:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:320:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:321:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:322:9: error: incompatible types in comparison expression (different address spaces)
   net/ipv4/netfilter/nf_nat_pptp.c:323:9: error: incompatible types in comparison expression (different address spaces)
--
>> include/linux/rculist_bl.h:24:33: error: incompatible types in comparison expression (different address spaces)
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
   fs//gfs2/quota.c:315:9: warning: context imbalance in 'qd_put' - unexpected unlock
--
>> net/xfrm/xfrm_input.c:74:21: error: incompatible types in comparison expression (different address spaces)
   net/xfrm/xfrm_input.c:96:9: warning: context imbalance in 'xfrm_input_get_afinfo' - different lock contexts for basic block
   include/linux/rcupdate.h:659:9: warning: context imbalance in 'xfrm_rcv_cb' - unexpected unlock
--
>> include/net/xfrm.h:1806:16: error: incompatible types in comparison expression (different address spaces)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:826:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:835:42: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:835:42:    expected struct xfrm_state [noderef] <asn:4>*x
   net/xfrm/xfrm_state.c:835:42:    got struct xfrm_state *[assigned] x
   net/xfrm/xfrm_state.c:52:39: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:52:39:    expected struct refcount_struct [usertype] *r
   net/xfrm/xfrm_state.c:52:39:    got struct refcount_struct [noderef] <asn:4>*<noident>
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:851:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:860:42: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:860:42:    expected struct xfrm_state [noderef] <asn:4>*x
   net/xfrm/xfrm_state.c:860:42:    got struct xfrm_state *[assigned] x
   net/xfrm/xfrm_state.c:52:39: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:52:39:    expected struct refcount_struct [usertype] *r
   net/xfrm/xfrm_state.c:52:39:    got struct refcount_struct [noderef] <asn:4>*<noident>
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:953:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:970:9: warning: cast removes address space of expression (<asn:4>)
   net/xfrm/xfrm_state.c:1028:77: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1028:77:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1028:77:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1030:77: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1030:77:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1030:77:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1033:85: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1033:85:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1033:85:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1049:42: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:1049:42:    expected struct xfrm_state [noderef] <asn:4>*x
   net/xfrm/xfrm_state.c:1049:42:    got struct xfrm_state *[assigned] x
   net/xfrm/xfrm_state.c:52:39: warning: incorrect type in argument 1 (different address spaces)
   net/xfrm/xfrm_state.c:52:39:    expected struct refcount_struct [usertype] *r
   net/xfrm/xfrm_state.c:52:39:    got struct refcount_struct [noderef] <asn:4>*<noident>
   net/xfrm/xfrm_state.c:1136:61: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1136:61:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1136:61:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1139:61: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1139:61:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1139:61:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1145:69: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1145:69:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1145:69:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1257:69: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1257:69:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1257:69:    got struct hlist_head [noderef] <asn:4>*
   net/xfrm/xfrm_state.c:1259:69: warning: incorrect type in argument 2 (different address spaces)
   net/xfrm/xfrm_state.c:1259:69:    expected struct hlist_head *h
   net/xfrm/xfrm_state.c:1259:69:    got struct hlist_head [noderef] <asn:4>*
   include/linux/slab.h:332:43: warning: dubious: x & !y
   net/xfrm/xfrm_state.c:1814:69: warning: incorrect type in argument 2 (different address spaces)
..

vim +38 drivers/scsi/fnic/fnic_fcs.c

5df6d737d Abhijeet Joglekar 2009-04-17  37  
86001f248 Hiral Shah        2014-05-02 @38  static u8 fcoe_all_fcfs[ETH_ALEN] = FIP_ALL_FCF_MACS;
d3c995f1d Hiral Patel       2013-02-25  39  struct workqueue_struct *fnic_fip_queue;
5df6d737d Abhijeet Joglekar 2009-04-17  40  struct workqueue_struct *fnic_event_queue;
5df6d737d Abhijeet Joglekar 2009-04-17  41  

:::::: The code at line 38 was first introduced by commit
:::::: 86001f248e943b7b22c22b50151ffaee9447df2d fnic: assign FIP_ALL_FCF_MACS to fcoe_all_fcfs

:::::: TO: Hiral Shah <hishah@cisco.com>
:::::: CC: Christoph Hellwig <hch@lst.de>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 66640 bytes --]

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Alexander Popov]

On 30.11.2018 20:12, Kees Cook wrote:
> On Fri, Nov 30, 2018 at 9:09 AM Kees Cook <keescook@chromium.org> wrote:
>>
>> On Fri, Nov 30, 2018 at 5:20 AM Alexander Popov <alex.popov@linux.com> wrote:
>>>
>>> Currently the 'stackleak_cleanup' pass deleting a CALL insn is executed
>>> after the 'reload' pass. That allows gcc to do some weird optimization in
>>> function prologues and epilogues, which are generated later [1].
>>>
>>> Let's avoid that by registering the 'stackleak_cleanup' pass before
>>> the 'mach' pass, which performs the machine dependent code transformations.
>>> It's the moment when the stack frame size is final and function prologues
>>> and epilogues are already generated.
>>>
>>> [1] https://www.openwall.com/lists/kernel-hardening/2018/11/23/2
>>>
>>> Reported-by: kbuild test robot <lkp@intel.com>
>>> Signed-off-by: Alexander Popov <alex.popov@linux.com>
>>
>> Thanks, applied!
> 
> Eek, no, this is breaking my build badly:
> 
> *** WARNING *** there are active plugins, do not report this as a bug
> unless you can reproduce it without enabling any plugins.
> Event                            | Plugins
> PLUGIN_START_UNIT                | stackleak_plugin
> kernel/exit.c: In function ‘release_task’:
> kernel/exit.c:228:1: internal compiler error: Segmentation fault
>  }
> 
> Failing with:
> 
> gcc (Ubuntu 7.3.0-16ubuntu3) 7.3.0

I've done debugging of gcc with gdb and now understand my mistake.

It turned out that I register the 'stackleak_cleanup' pass deleting CALL insn
for that particular moment when the control flow graph is inconsistent.

That's what the machine-specific reorg passes do on various architectures:

  /* We are freeing block_for_insn in the toplev to keep compatibility
     with old MDEP_REORGS that are not CFG based.  Recompute it now.  */
  compute_bb_for_insn ();

So recomputing basic block info for insns before calling delete_insn_and_edges()
fixes the issue.

But I think it's better to register the 'stackleak_cleanup' pass just one pass
earlier -- before the '*free_cfg' pass. I'll double check it for different
versions of gcc on all supported architectures and return with a new patch.

Best regards,
Alexander

Re: [PATCH 1/1] stackleak: Register the 'stackleak_cleanup' pass before the 'mach' pass

[Alexander Popov]

On 03.12.2018 21:25, Alexander Popov wrote:
> But I think it's better to register the 'stackleak_cleanup' pass just one pass
> earlier -- before the '*free_cfg' pass. I'll double check it for different
> versions of gcc on all supported architectures and return with a new patch.

I've tested this idea for gcc-5,6,7,8 on x86_64, x86_32, and arm64.
I'll send the patch soon.

Best regards,
Alexander