[-next] lib/test_kasan: silence a -Warray-bounds warning
diff mbox series

Message ID 1583847469-4354-1-git-send-email-cai@lca.pw
State New
Headers show
Series
  • [-next] lib/test_kasan: silence a -Warray-bounds warning
Related show

Commit Message

Qian Cai March 10, 2020, 1:37 p.m. UTC
The commit "kasan: add test for invalid size in memmove" introduced a
compilation warning where it used a negative size on purpose. Silence it
by disabling "array-bounds" checking for this file only for testing
purpose.

In file included from ./include/linux/bitmap.h:9,
                 from ./include/linux/cpumask.h:12,
                 from ./arch/x86/include/asm/cpumask.h:5,
                 from ./arch/x86/include/asm/msr.h:11,
                 from ./arch/x86/include/asm/processor.h:22,
                 from ./arch/x86/include/asm/cpufeature.h:5,
                 from ./arch/x86/include/asm/thread_info.h:53,
                 from ./include/linux/thread_info.h:38,
                 from ./arch/x86/include/asm/preempt.h:7,
                 from ./include/linux/preempt.h:78,
                 from ./include/linux/rcupdate.h:27,
                 from ./include/linux/rculist.h:11,
                 from ./include/linux/pid.h:5,
                 from ./include/linux/sched.h:14,
                 from ./include/linux/uaccess.h:6,
                 from ./arch/x86/include/asm/fpu/xstate.h:5,
                 from ./arch/x86/include/asm/pgtable.h:26,
                 from ./include/linux/kasan.h:15,
                 from lib/test_kasan.c:12:
In function 'memmove',
    inlined from 'kmalloc_memmove_invalid_size' at
lib/test_kasan.c:301:2:
./include/linux/string.h:441:9: warning: '__builtin_memmove' pointer
overflow between offset 0 and size [-2, 9223372036854775807]
[-Warray-bounds]
  return __builtin_memmove(p, q, size);
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Qian Cai <cai@lca.pw>
---
 lib/Makefile | 2 ++
 1 file changed, 2 insertions(+)

Comments

Dmitry Vyukov March 10, 2020, 3:20 p.m. UTC | #1
On Tue, Mar 10, 2020 at 2:38 PM Qian Cai <cai@lca.pw> wrote:
>
> The commit "kasan: add test for invalid size in memmove" introduced a
> compilation warning where it used a negative size on purpose. Silence it
> by disabling "array-bounds" checking for this file only for testing
> purpose.
>
> In file included from ./include/linux/bitmap.h:9,
>                  from ./include/linux/cpumask.h:12,
>                  from ./arch/x86/include/asm/cpumask.h:5,
>                  from ./arch/x86/include/asm/msr.h:11,
>                  from ./arch/x86/include/asm/processor.h:22,
>                  from ./arch/x86/include/asm/cpufeature.h:5,
>                  from ./arch/x86/include/asm/thread_info.h:53,
>                  from ./include/linux/thread_info.h:38,
>                  from ./arch/x86/include/asm/preempt.h:7,
>                  from ./include/linux/preempt.h:78,
>                  from ./include/linux/rcupdate.h:27,
>                  from ./include/linux/rculist.h:11,
>                  from ./include/linux/pid.h:5,
>                  from ./include/linux/sched.h:14,
>                  from ./include/linux/uaccess.h:6,
>                  from ./arch/x86/include/asm/fpu/xstate.h:5,
>                  from ./arch/x86/include/asm/pgtable.h:26,
>                  from ./include/linux/kasan.h:15,
>                  from lib/test_kasan.c:12:
> In function 'memmove',
>     inlined from 'kmalloc_memmove_invalid_size' at
> lib/test_kasan.c:301:2:
> ./include/linux/string.h:441:9: warning: '__builtin_memmove' pointer
> overflow between offset 0 and size [-2, 9223372036854775807]
> [-Warray-bounds]
>   return __builtin_memmove(p, q, size);
>          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Qian Cai <cai@lca.pw>
> ---
>  lib/Makefile | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/lib/Makefile b/lib/Makefile
> index ab68a8674360..24d519a0741d 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -297,6 +297,8 @@ UBSAN_SANITIZE_ubsan.o := n
>  KASAN_SANITIZE_ubsan.o := n
>  KCSAN_SANITIZE_ubsan.o := n
>  CFLAGS_ubsan.o := $(call cc-option, -fno-stack-protector) $(DISABLE_STACKLEAK_PLUGIN)
> +# kmalloc_memmove_invalid_size() does this on purpose.
> +CFLAGS_test_kasan.o += $(call cc-disable-warning, array-bounds)
>
>  obj-$(CONFIG_SBITMAP) += sbitmap.o
>
> --
> 1.8.3.1
>

Acked-by: Dmitry Vyukov <dvyukov@google.com>

Thanks
Walter Wu March 11, 2020, 1:53 a.m. UTC | #2
Hi Qian,

On Tue, 2020-03-10 at 16:20 +0100, 'Dmitry Vyukov' via kasan-dev wrote:
> On Tue, Mar 10, 2020 at 2:38 PM Qian Cai <cai@lca.pw> wrote:
> >
> > The commit "kasan: add test for invalid size in memmove" introduced a
> > compilation warning where it used a negative size on purpose. Silence it
> > by disabling "array-bounds" checking for this file only for testing
> > purpose.
> >
> > In file included from ./include/linux/bitmap.h:9,
> >                  from ./include/linux/cpumask.h:12,
> >                  from ./arch/x86/include/asm/cpumask.h:5,
> >                  from ./arch/x86/include/asm/msr.h:11,
> >                  from ./arch/x86/include/asm/processor.h:22,
> >                  from ./arch/x86/include/asm/cpufeature.h:5,
> >                  from ./arch/x86/include/asm/thread_info.h:53,
> >                  from ./include/linux/thread_info.h:38,
> >                  from ./arch/x86/include/asm/preempt.h:7,
> >                  from ./include/linux/preempt.h:78,
> >                  from ./include/linux/rcupdate.h:27,
> >                  from ./include/linux/rculist.h:11,
> >                  from ./include/linux/pid.h:5,
> >                  from ./include/linux/sched.h:14,
> >                  from ./include/linux/uaccess.h:6,
> >                  from ./arch/x86/include/asm/fpu/xstate.h:5,
> >                  from ./arch/x86/include/asm/pgtable.h:26,
> >                  from ./include/linux/kasan.h:15,
> >                  from lib/test_kasan.c:12:
> > In function 'memmove',
> >     inlined from 'kmalloc_memmove_invalid_size' at
> > lib/test_kasan.c:301:2:
> > ./include/linux/string.h:441:9: warning: '__builtin_memmove' pointer
> > overflow between offset 0 and size [-2, 9223372036854775807]
> > [-Warray-bounds]
> >   return __builtin_memmove(p, q, size);
> >          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >

When pass the negative numbers, then there are two warning. In gcc-8 the
warning is checked by array-bounds, but in gcc-9 the warning is checked
by stringop-overflow.

I try to use you patch to check the gcc-9 toolchains, but it still have
the warning, but using below the patch can fix the warning in gcc-8 and
gcc-9.


--- a/lib/test_kasan.c
+++ b/lib/test_kasan.c
@@ -289,6 +289,7 @@ static noinline void __init
kmalloc_memmove_invalid_size(void)
 {
        char *ptr;
        size_t size = 64;
+       volatile size_t invalid_size = -2;

        pr_info("invalid size in memmove\n");
        ptr = kmalloc(size, GFP_KERNEL);
@@ -298,7 +299,7 @@ static noinline void __init
kmalloc_memmove_invalid_size(void)
        }

        memset((char *)ptr, 0, 64);
-       memmove((char *)ptr, (char *)ptr + 4, -2);
+       memmove((char *)ptr, (char *)ptr + 4, invalid_size);
        kfree(ptr);
 }



> > Signed-off-by: Qian Cai <cai@lca.pw>
> > ---
> >  lib/Makefile | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/lib/Makefile b/lib/Makefile
> > index ab68a8674360..24d519a0741d 100644
> > --- a/lib/Makefile
> > +++ b/lib/Makefile
> > @@ -297,6 +297,8 @@ UBSAN_SANITIZE_ubsan.o := n
> >  KASAN_SANITIZE_ubsan.o := n
> >  KCSAN_SANITIZE_ubsan.o := n
> >  CFLAGS_ubsan.o := $(call cc-option, -fno-stack-protector) $(DISABLE_STACKLEAK_PLUGIN)
> > +# kmalloc_memmove_invalid_size() does this on purpose.
> > +CFLAGS_test_kasan.o += $(call cc-disable-warning, array-bounds)
> >
> >  obj-$(CONFIG_SBITMAP) += sbitmap.o
> >
> > --
> > 1.8.3.1
> >
> 
> Acked-by: Dmitry Vyukov <dvyukov@google.com>
> 
> Thanks
>

Patch
diff mbox series

diff --git a/lib/Makefile b/lib/Makefile
index ab68a8674360..24d519a0741d 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -297,6 +297,8 @@  UBSAN_SANITIZE_ubsan.o := n
 KASAN_SANITIZE_ubsan.o := n
 KCSAN_SANITIZE_ubsan.o := n
 CFLAGS_ubsan.o := $(call cc-option, -fno-stack-protector) $(DISABLE_STACKLEAK_PLUGIN)
+# kmalloc_memmove_invalid_size() does this on purpose.
+CFLAGS_test_kasan.o += $(call cc-disable-warning, array-bounds)
 
 obj-$(CONFIG_SBITMAP) += sbitmap.o