linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length
@ 2018-05-29  1:35 kbuild test robot
  2018-06-05 15:19 ` Andy Shevchenko
  0 siblings, 1 reply; 5+ messages in thread
From: kbuild test robot @ 2018-05-29  1:35 UTC (permalink / raw)
  To: Josh Poimboeuf; +Cc: kbuild-all, linux-kernel, Arnaldo Carvalho de Melo

[-- Attachment #1: Type: text/plain, Size: 3142 bytes --]

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   786b71f5b754273ccef6d9462e52062b3e1f9877
commit: 854e55ad289ef8888e7991f0ada85d5846f5afb9 objtool, perf: Fix GCC 8 -Wrestrict error
date:   2 months ago
config: x86_64-randconfig-s4-05290856 (attached as .config)
compiler: gcc-8 (Debian 8.1.0-3) 8.1.0
reproduce:
        git checkout 854e55ad289ef8888e7991f0ada85d5846f5afb9
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   In file included from include/linux/bitmap.h:9,
                    from include/linux/cpumask.h:12,
                    from arch/x86/include/asm/cpumask.h:5,
                    from arch/x86/include/asm/msr.h:11,
                    from arch/x86/include/asm/processor.h:21,
                    from arch/x86/include/asm/cpufeature.h:5,
                    from arch/x86/include/asm/thread_info.h:53,
                    from include/linux/thread_info.h:38,
                    from arch/x86/include/asm/preempt.h:7,
                    from include/linux/preempt.h:81,
                    from include/linux/spinlock.h:51,
                    from include/linux/seqlock.h:36,
                    from include/linux/time.h:6,
                    from include/linux/stat.h:19,
                    from include/linux/module.h:10,
                    from drivers/video/fbdev/uvesafb.c:12:
   In function 'strncpy',
       inlined from 'uvesafb_vbe_getinfo' at drivers/video/fbdev/uvesafb.c:425:2:
>> include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length [-Wstringop-truncation]
     return __builtin_strncpy(p, q, size);
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vim +/__builtin_strncpy +246 include/linux/string.h

6974f0c4 Daniel Micay 2017-07-12  237  
6974f0c4 Daniel Micay 2017-07-12  238  #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE)
6974f0c4 Daniel Micay 2017-07-12  239  __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size)
6974f0c4 Daniel Micay 2017-07-12  240  {
6974f0c4 Daniel Micay 2017-07-12  241  	size_t p_size = __builtin_object_size(p, 0);
6974f0c4 Daniel Micay 2017-07-12  242  	if (__builtin_constant_p(size) && p_size < size)
6974f0c4 Daniel Micay 2017-07-12  243  		__write_overflow();
6974f0c4 Daniel Micay 2017-07-12  244  	if (p_size < size)
6974f0c4 Daniel Micay 2017-07-12  245  		fortify_panic(__func__);
6974f0c4 Daniel Micay 2017-07-12 @246  	return __builtin_strncpy(p, q, size);
6974f0c4 Daniel Micay 2017-07-12  247  }
6974f0c4 Daniel Micay 2017-07-12  248  

:::::: The code at line 246 was first introduced by commit
:::::: 6974f0c4555e285ab217cee58b6e874f776ff409 include/linux/string.h: add the option of fortified string.h functions

:::::: TO: Daniel Micay <danielmicay@gmail.com>
:::::: CC: Linus Torvalds <torvalds@linux-foundation.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 35030 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length
  2018-05-29  1:35 include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length kbuild test robot
@ 2018-06-05 15:19 ` Andy Shevchenko
  2018-06-05 15:30   ` Josh Poimboeuf
  0 siblings, 1 reply; 5+ messages in thread
From: Andy Shevchenko @ 2018-06-05 15:19 UTC (permalink / raw)
  To: kbuild test robot, Michal Januszewski, Bartlomiej Zolnierkiewicz
  Cc: Josh Poimboeuf, kbuild-all, Linux Kernel Mailing List,
	Arnaldo Carvalho de Melo

On Tue, May 29, 2018 at 4:35 AM, kbuild test robot <lkp@intel.com> wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   786b71f5b754273ccef6d9462e52062b3e1f9877
> commit: 854e55ad289ef8888e7991f0ada85d5846f5afb9 objtool, perf: Fix GCC 8 -Wrestrict error
> date:   2 months ago
> config: x86_64-randconfig-s4-05290856 (attached as .config)
> compiler: gcc-8 (Debian 8.1.0-3) 8.1.0
> reproduce:
>         git checkout 854e55ad289ef8888e7991f0ada85d5846f5afb9
>         # save the attached .config to linux build tree
>         make ARCH=x86_64
>

I guess it's easy to fix by

--- a/drivers/video/fbdev/uvesafb.c
+++ b/drivers/video/fbdev/uvesafb.c
@@ -422,7 +422,7 @@ static int uvesafb_vbe_getinfo(struct uvesafb_ktask *task,
       task->t.flags = TF_VBEIB;
       task->t.buf_len = sizeof(struct vbe_ib);
       task->buf = &par->vbe_ib;
-       strncpy(par->vbe_ib.vbe_signature, "VBE2", 4);
+       snprintf(par->vbe_ib.vbe_signature,
sizeof(par->vbe_ib.vbe_signature), "VBE2");

The question is do we want this to just shut up a compiler? It's
obviously false positive.

> All warnings (new ones prefixed by >>):
>
>    In file included from include/linux/bitmap.h:9,
>                     from include/linux/cpumask.h:12,
>                     from arch/x86/include/asm/cpumask.h:5,
>                     from arch/x86/include/asm/msr.h:11,
>                     from arch/x86/include/asm/processor.h:21,
>                     from arch/x86/include/asm/cpufeature.h:5,
>                     from arch/x86/include/asm/thread_info.h:53,
>                     from include/linux/thread_info.h:38,
>                     from arch/x86/include/asm/preempt.h:7,
>                     from include/linux/preempt.h:81,
>                     from include/linux/spinlock.h:51,
>                     from include/linux/seqlock.h:36,
>                     from include/linux/time.h:6,
>                     from include/linux/stat.h:19,
>                     from include/linux/module.h:10,
>                     from drivers/video/fbdev/uvesafb.c:12:
>    In function 'strncpy',
>        inlined from 'uvesafb_vbe_getinfo' at drivers/video/fbdev/uvesafb.c:425:2:
>>> include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length [-Wstringop-truncation]
>      return __builtin_strncpy(p, q, size);
>             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> vim +/__builtin_strncpy +246 include/linux/string.h
>
> 6974f0c4 Daniel Micay 2017-07-12  237
> 6974f0c4 Daniel Micay 2017-07-12  238  #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE)
> 6974f0c4 Daniel Micay 2017-07-12  239  __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size)
> 6974f0c4 Daniel Micay 2017-07-12  240  {
> 6974f0c4 Daniel Micay 2017-07-12  241   size_t p_size = __builtin_object_size(p, 0);
> 6974f0c4 Daniel Micay 2017-07-12  242   if (__builtin_constant_p(size) && p_size < size)
> 6974f0c4 Daniel Micay 2017-07-12  243           __write_overflow();
> 6974f0c4 Daniel Micay 2017-07-12  244   if (p_size < size)
> 6974f0c4 Daniel Micay 2017-07-12  245           fortify_panic(__func__);
> 6974f0c4 Daniel Micay 2017-07-12 @246   return __builtin_strncpy(p, q, size);
> 6974f0c4 Daniel Micay 2017-07-12  247  }
> 6974f0c4 Daniel Micay 2017-07-12  248
>
> :::::: The code at line 246 was first introduced by commit
> :::::: 6974f0c4555e285ab217cee58b6e874f776ff409 include/linux/string.h: add the option of fortified string.h functions
>
> :::::: TO: Daniel Micay <danielmicay@gmail.com>
> :::::: CC: Linus Torvalds <torvalds@linux-foundation.org>
>
> ---
> 0-DAY kernel test infrastructure                Open Source Technology Center
> https://lists.01.org/pipermail/kbuild-all                   Intel Corporation



-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length
  2018-06-05 15:19 ` Andy Shevchenko
@ 2018-06-05 15:30   ` Josh Poimboeuf
  2018-06-05 15:31     ` Andy Shevchenko
  2018-06-06 15:34     ` David Laight
  0 siblings, 2 replies; 5+ messages in thread
From: Josh Poimboeuf @ 2018-06-05 15:30 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: kbuild test robot, Michal Januszewski, Bartlomiej Zolnierkiewicz,
	kbuild-all, Linux Kernel Mailing List, Arnaldo Carvalho de Melo

On Tue, Jun 05, 2018 at 06:19:07PM +0300, Andy Shevchenko wrote:
> On Tue, May 29, 2018 at 4:35 AM, kbuild test robot <lkp@intel.com> wrote:
> > tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> > head:   786b71f5b754273ccef6d9462e52062b3e1f9877
> > commit: 854e55ad289ef8888e7991f0ada85d5846f5afb9 objtool, perf: Fix GCC 8 -Wrestrict error
> > date:   2 months ago
> > config: x86_64-randconfig-s4-05290856 (attached as .config)
> > compiler: gcc-8 (Debian 8.1.0-3) 8.1.0
> > reproduce:
> >         git checkout 854e55ad289ef8888e7991f0ada85d5846f5afb9
> >         # save the attached .config to linux build tree
> >         make ARCH=x86_64
> >
> 
> I guess it's easy to fix by
> 
> --- a/drivers/video/fbdev/uvesafb.c
> +++ b/drivers/video/fbdev/uvesafb.c
> @@ -422,7 +422,7 @@ static int uvesafb_vbe_getinfo(struct uvesafb_ktask *task,
>        task->t.flags = TF_VBEIB;
>        task->t.buf_len = sizeof(struct vbe_ib);
>        task->buf = &par->vbe_ib;
> -       strncpy(par->vbe_ib.vbe_signature, "VBE2", 4);
> +       snprintf(par->vbe_ib.vbe_signature,
> sizeof(par->vbe_ib.vbe_signature), "VBE2");
> 
> The question is do we want this to just shut up a compiler? It's
> obviously false positive.

What about just changing it to a memcpy?  Seems like that would be
cleaner anyway, since the whole point of strncpy is to add the
terminating NULL, which isn't need here.

> 
> > All warnings (new ones prefixed by >>):
> >
> >    In file included from include/linux/bitmap.h:9,
> >                     from include/linux/cpumask.h:12,
> >                     from arch/x86/include/asm/cpumask.h:5,
> >                     from arch/x86/include/asm/msr.h:11,
> >                     from arch/x86/include/asm/processor.h:21,
> >                     from arch/x86/include/asm/cpufeature.h:5,
> >                     from arch/x86/include/asm/thread_info.h:53,
> >                     from include/linux/thread_info.h:38,
> >                     from arch/x86/include/asm/preempt.h:7,
> >                     from include/linux/preempt.h:81,
> >                     from include/linux/spinlock.h:51,
> >                     from include/linux/seqlock.h:36,
> >                     from include/linux/time.h:6,
> >                     from include/linux/stat.h:19,
> >                     from include/linux/module.h:10,
> >                     from drivers/video/fbdev/uvesafb.c:12:
> >    In function 'strncpy',
> >        inlined from 'uvesafb_vbe_getinfo' at drivers/video/fbdev/uvesafb.c:425:2:
> >>> include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length [-Wstringop-truncation]
> >      return __builtin_strncpy(p, q, size);
> >             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> > vim +/__builtin_strncpy +246 include/linux/string.h
> >
> > 6974f0c4 Daniel Micay 2017-07-12  237
> > 6974f0c4 Daniel Micay 2017-07-12  238  #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE)
> > 6974f0c4 Daniel Micay 2017-07-12  239  __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size)
> > 6974f0c4 Daniel Micay 2017-07-12  240  {
> > 6974f0c4 Daniel Micay 2017-07-12  241   size_t p_size = __builtin_object_size(p, 0);
> > 6974f0c4 Daniel Micay 2017-07-12  242   if (__builtin_constant_p(size) && p_size < size)
> > 6974f0c4 Daniel Micay 2017-07-12  243           __write_overflow();
> > 6974f0c4 Daniel Micay 2017-07-12  244   if (p_size < size)
> > 6974f0c4 Daniel Micay 2017-07-12  245           fortify_panic(__func__);
> > 6974f0c4 Daniel Micay 2017-07-12 @246   return __builtin_strncpy(p, q, size);
> > 6974f0c4 Daniel Micay 2017-07-12  247  }
> > 6974f0c4 Daniel Micay 2017-07-12  248
> >
> > :::::: The code at line 246 was first introduced by commit
> > :::::: 6974f0c4555e285ab217cee58b6e874f776ff409 include/linux/string.h: add the option of fortified string.h functions
> >
> > :::::: TO: Daniel Micay <danielmicay@gmail.com>
> > :::::: CC: Linus Torvalds <torvalds@linux-foundation.org>
> >
> > ---
> > 0-DAY kernel test infrastructure                Open Source Technology Center
> > https://lists.01.org/pipermail/kbuild-all                   Intel Corporation
> 
> 
> 
> -- 
> With Best Regards,
> Andy Shevchenko

-- 
Josh

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length
  2018-06-05 15:30   ` Josh Poimboeuf
@ 2018-06-05 15:31     ` Andy Shevchenko
  2018-06-06 15:34     ` David Laight
  1 sibling, 0 replies; 5+ messages in thread
From: Andy Shevchenko @ 2018-06-05 15:31 UTC (permalink / raw)
  To: Josh Poimboeuf
  Cc: kbuild test robot, Bartlomiej Zolnierkiewicz, kbuild-all,
	Linux Kernel Mailing List, Arnaldo Carvalho de Melo

On Tue, Jun 5, 2018 at 6:30 PM, Josh Poimboeuf <jpoimboe@redhat.com> wrote:
> On Tue, Jun 05, 2018 at 06:19:07PM +0300, Andy Shevchenko wrote:
>> On Tue, May 29, 2018 at 4:35 AM, kbuild test robot <lkp@intel.com> wrote:
>> > tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
>> > head:   786b71f5b754273ccef6d9462e52062b3e1f9877
>> > commit: 854e55ad289ef8888e7991f0ada85d5846f5afb9 objtool, perf: Fix GCC 8 -Wrestrict error
>> > date:   2 months ago
>> > config: x86_64-randconfig-s4-05290856 (attached as .config)
>> > compiler: gcc-8 (Debian 8.1.0-3) 8.1.0
>> > reproduce:
>> >         git checkout 854e55ad289ef8888e7991f0ada85d5846f5afb9
>> >         # save the attached .config to linux build tree
>> >         make ARCH=x86_64
>> >
>>
>> I guess it's easy to fix by
>>
>> --- a/drivers/video/fbdev/uvesafb.c
>> +++ b/drivers/video/fbdev/uvesafb.c
>> @@ -422,7 +422,7 @@ static int uvesafb_vbe_getinfo(struct uvesafb_ktask *task,
>>        task->t.flags = TF_VBEIB;
>>        task->t.buf_len = sizeof(struct vbe_ib);
>>        task->buf = &par->vbe_ib;
>> -       strncpy(par->vbe_ib.vbe_signature, "VBE2", 4);
>> +       snprintf(par->vbe_ib.vbe_signature,
>> sizeof(par->vbe_ib.vbe_signature), "VBE2");
>>
>> The question is do we want this to just shut up a compiler? It's
>> obviously false positive.
>
> What about just changing it to a memcpy?  Seems like that would be
> cleaner anyway, since the whole point of strncpy is to add the
> terminating NULL, which isn't need here.

Agree.

Btw, Bartlomiej, it seems driver maintainer's address is bouncing.

-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 5+ messages in thread
* RE: include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length
  2018-06-05 15:30   ` Josh Poimboeuf
  2018-06-05 15:31     ` Andy Shevchenko
@ 2018-06-06 15:34     ` David Laight
  1 sibling, 0 replies; 5+ messages in thread
From: David Laight @ 2018-06-06 15:34 UTC (permalink / raw)
  To: 'Josh Poimboeuf', Andy Shevchenko
  Cc: kbuild test robot, Michal Januszewski, Bartlomiej Zolnierkiewicz,
	kbuild-all, Linux Kernel Mailing List, Arnaldo Carvalho de Melo

From: Josh Poimboeuf
> Sent: 05 June 2018 16:30
...
> What about just changing it to a memcpy?  Seems like that would be
> cleaner anyway, since the whole point of strncpy is to add the
> terminating NULL, which isn't need here.

Not really, the point of strncpy is to copy strings that might
not be '\0' terminated and to zero fill the target buffer.

Unfortunately strncpy() has often been used with the assumption
that it always terminates the target string - which isn't true.

Unfortunately you can't always replace strncpy with strlcpy or
snprintf because both those require the source string be '\0'
terminated - which isn't a requirement for strncpy.

This warning on __builtin_strncpy() seems ott to me.
The only fix is to audit the code and replace at least some of
the strncpy() with really_strncpy().

	David


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-06-06 15:33 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-05-29  1:35 include/linux/string.h:246:9: warning: '__builtin_strncpy' output truncated before terminating nul copying 4 bytes from a string of the same length kbuild test robot
2018-06-05 15:19 ` Andy Shevchenko
2018-06-05 15:30   ` Josh Poimboeuf
2018-06-05 15:31     ` Andy Shevchenko
2018-06-06 15:34     ` David Laight

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).