From: Nathan Chancellor <nathan@kernel.org>
To: Kees Cook <keescook@chromium.org>, kernel test robot <lkp@intel.com>
Cc: clang-built-linux@googlegroups.com, kbuild-all@lists.01.org,
Linux Memory Management List <linux-mm@kvack.org>
Subject: Re: [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84
Date: Tue, 24 Aug 2021 19:41:50 -0700 [thread overview]
Message-ID: <2751fd54-f28e-6318-2fc1-3fa5d4a98b2d@kernel.org> (raw)
In-Reply-To: <202108241916.7EFB8D5E1C@keescook>
On 8/24/2021 7:17 PM, Kees Cook wrote:
> On Wed, Aug 25, 2021 at 05:59:01AM +0800, kernel test robot wrote:
>> tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
>> head: 372b2891c15acbf7b90d948b08ac174bde77102c
>> commit: 185e297653a7e0431db813764d2efb9ffd09160c [8858/10077] fortify: Explicitly disable Clang support
>> config: i386-randconfig-a016-20210824 (attached as .config)
>> compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
>> reproduce (this is a W=1 build):
>> wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>> chmod +x ~/bin/make.cross
>> # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=185e297653a7e0431db813764d2efb9ffd09160c
>> git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
>> git fetch --no-tags linux-next master
>> git checkout 185e297653a7e0431db813764d2efb9ffd09160c
>> # save the attached .config to linux build tree
>> COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386
>>
>> If you fix the issue, kindly add following tag as appropriate
>> Reported-by: kernel test robot <lkp@intel.com>
>>
>> All warnings (new ones prefixed by >>):
>>
>> clang-14: warning: optimization flag '-falign-jumps=0' is not supported [-Wignored-optimization-argument]
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:76:
>> In file included from include/uapi/linux/aio_abi.h:31:
>> In file included from include/linux/fs.h:6:
>> In file included from include/linux/wait_bit.h:8:
>> In file included from include/linux/wait.h:9:
>> In file included from include/linux/spinlock.h:51:
>> In file included from include/linux/preempt.h:78:
>> In file included from arch/x86/include/asm/preempt.h:7:
>> In file included from include/linux/thread_info.h:60:
>> arch/x86/include/asm/thread_info.h:172:13: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
>> oldframe = __builtin_frame_address(1);
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~
>> arch/x86/include/asm/thread_info.h:174:11: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
>> frame = __builtin_frame_address(2);
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:87:
>> In file included from include/trace/syscall.h:7:
>> In file included from include/linux/trace_events.h:10:
>> In file included from include/linux/perf_event.h:49:
>> In file included from include/linux/ftrace.h:22:
>> arch/x86/include/asm/ftrace.h:7:3: error: Compiler does not support fentry?
>> # error Compiler does not support fentry?
>> ^
I think that this error is why there is a fortify warning below (no idea
how) but applying my patch [1] which came out of [2] fixes this error
and I do not see any warning in this file with that config.
[1]: https://lore.kernel.org/r/20210824022640.2170859-1-nathan@kernel.org
[2]: https://lore.kernel.org/r/YSQE2f5teuvKLkON@Ryzen-9-3900X.localdomain/
Cheers,
Nathan
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:87:
>> In file included from include/trace/syscall.h:7:
>> In file included from include/linux/trace_events.h:10:
>> In file included from include/linux/perf_event.h:49:
>> include/linux/ftrace.h:843:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
>> addr = CALLER_ADDR1;
>> ^~~~~~~~~~~~
>> include/linux/ftrace.h:830:38: note: expanded from macro 'CALLER_ADDR1'
>> #define CALLER_ADDR1 ((unsigned long)ftrace_return_address(1))
>> ^~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
>> # define ftrace_return_address(n) __builtin_return_address(n)
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:846:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
>> return CALLER_ADDR2;
>> ^~~~~~~~~~~~
>> include/linux/ftrace.h:831:38: note: expanded from macro 'CALLER_ADDR2'
>> #define CALLER_ADDR2 ((unsigned long)ftrace_return_address(2))
>> ^~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
>> # define ftrace_return_address(n) __builtin_return_address(n)
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>> fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 [-Wfortify-source]
>> memcpy(&buf, st, sizeof(*st));
>> ^
>> arch/x86/include/asm/string_32.h:182:25: note: expanded from macro 'memcpy'
>> #define memcpy(t, f, n) __builtin_memcpy(t, f, n)
>> ^
>> 5 warnings and 1 error generated.
>>
>>
>> vim +/memcpy +131 fs/statfs.c
>>
>> c8b91accfa1059 Al Viro 2011-03-12 125
>> c8b91accfa1059 Al Viro 2011-03-12 126 static int do_statfs_native(struct kstatfs *st, struct statfs __user *p)
>> c8b91accfa1059 Al Viro 2011-03-12 127 {
>> c8b91accfa1059 Al Viro 2011-03-12 128 struct statfs buf;
>> 7ed1ee6118ae77 Al Viro 2010-03-23 129
>> c8b91accfa1059 Al Viro 2011-03-12 130 if (sizeof(buf) == sizeof(*st))
>> c8b91accfa1059 Al Viro 2011-03-12 @131 memcpy(&buf, st, sizeof(*st));
>
> Wat. Statement above this makes that assertion impossible.
>
WARNING: multiple messages have this Message-ID (diff)
From: Nathan Chancellor <nathan@kernel.org>
To: kbuild-all@lists.01.org
Subject: Re: [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84
Date: Tue, 24 Aug 2021 19:41:50 -0700 [thread overview]
Message-ID: <2751fd54-f28e-6318-2fc1-3fa5d4a98b2d@kernel.org> (raw)
In-Reply-To: <202108241916.7EFB8D5E1C@keescook>
[-- Attachment #1: Type: text/plain, Size: 6107 bytes --]
On 8/24/2021 7:17 PM, Kees Cook wrote:
> On Wed, Aug 25, 2021 at 05:59:01AM +0800, kernel test robot wrote:
>> tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
>> head: 372b2891c15acbf7b90d948b08ac174bde77102c
>> commit: 185e297653a7e0431db813764d2efb9ffd09160c [8858/10077] fortify: Explicitly disable Clang support
>> config: i386-randconfig-a016-20210824 (attached as .config)
>> compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
>> reproduce (this is a W=1 build):
>> wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>> chmod +x ~/bin/make.cross
>> # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=185e297653a7e0431db813764d2efb9ffd09160c
>> git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
>> git fetch --no-tags linux-next master
>> git checkout 185e297653a7e0431db813764d2efb9ffd09160c
>> # save the attached .config to linux build tree
>> COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386
>>
>> If you fix the issue, kindly add following tag as appropriate
>> Reported-by: kernel test robot <lkp@intel.com>
>>
>> All warnings (new ones prefixed by >>):
>>
>> clang-14: warning: optimization flag '-falign-jumps=0' is not supported [-Wignored-optimization-argument]
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:76:
>> In file included from include/uapi/linux/aio_abi.h:31:
>> In file included from include/linux/fs.h:6:
>> In file included from include/linux/wait_bit.h:8:
>> In file included from include/linux/wait.h:9:
>> In file included from include/linux/spinlock.h:51:
>> In file included from include/linux/preempt.h:78:
>> In file included from arch/x86/include/asm/preempt.h:7:
>> In file included from include/linux/thread_info.h:60:
>> arch/x86/include/asm/thread_info.h:172:13: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
>> oldframe = __builtin_frame_address(1);
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~
>> arch/x86/include/asm/thread_info.h:174:11: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
>> frame = __builtin_frame_address(2);
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:87:
>> In file included from include/trace/syscall.h:7:
>> In file included from include/linux/trace_events.h:10:
>> In file included from include/linux/perf_event.h:49:
>> In file included from include/linux/ftrace.h:22:
>> arch/x86/include/asm/ftrace.h:7:3: error: Compiler does not support fentry?
>> # error Compiler does not support fentry?
>> ^
I think that this error is why there is a fortify warning below (no idea
how) but applying my patch [1] which came out of [2] fixes this error
and I do not see any warning in this file with that config.
[1]: https://lore.kernel.org/r/20210824022640.2170859-1-nathan(a)kernel.org
[2]: https://lore.kernel.org/r/YSQE2f5teuvKLkON(a)Ryzen-9-3900X.localdomain/
Cheers,
Nathan
>> In file included from fs/statfs.c:2:
>> In file included from include/linux/syscalls.h:87:
>> In file included from include/trace/syscall.h:7:
>> In file included from include/linux/trace_events.h:10:
>> In file included from include/linux/perf_event.h:49:
>> include/linux/ftrace.h:843:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
>> addr = CALLER_ADDR1;
>> ^~~~~~~~~~~~
>> include/linux/ftrace.h:830:38: note: expanded from macro 'CALLER_ADDR1'
>> #define CALLER_ADDR1 ((unsigned long)ftrace_return_address(1))
>> ^~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
>> # define ftrace_return_address(n) __builtin_return_address(n)
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:846:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
>> return CALLER_ADDR2;
>> ^~~~~~~~~~~~
>> include/linux/ftrace.h:831:38: note: expanded from macro 'CALLER_ADDR2'
>> #define CALLER_ADDR2 ((unsigned long)ftrace_return_address(2))
>> ^~~~~~~~~~~~~~~~~~~~~~~~
>> include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
>> # define ftrace_return_address(n) __builtin_return_address(n)
>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>> fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 [-Wfortify-source]
>> memcpy(&buf, st, sizeof(*st));
>> ^
>> arch/x86/include/asm/string_32.h:182:25: note: expanded from macro 'memcpy'
>> #define memcpy(t, f, n) __builtin_memcpy(t, f, n)
>> ^
>> 5 warnings and 1 error generated.
>>
>>
>> vim +/memcpy +131 fs/statfs.c
>>
>> c8b91accfa1059 Al Viro 2011-03-12 125
>> c8b91accfa1059 Al Viro 2011-03-12 126 static int do_statfs_native(struct kstatfs *st, struct statfs __user *p)
>> c8b91accfa1059 Al Viro 2011-03-12 127 {
>> c8b91accfa1059 Al Viro 2011-03-12 128 struct statfs buf;
>> 7ed1ee6118ae77 Al Viro 2010-03-23 129
>> c8b91accfa1059 Al Viro 2011-03-12 130 if (sizeof(buf) == sizeof(*st))
>> c8b91accfa1059 Al Viro 2011-03-12 @131 memcpy(&buf, st, sizeof(*st));
>
> Wat. Statement above this makes that assertion impossible.
>
next prev parent reply other threads:[~2021-08-25 2:41 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-24 21:59 [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 kernel test robot
2021-08-24 21:59 ` kernel test robot
2021-08-25 2:17 ` Kees Cook
2021-08-25 2:17 ` Kees Cook
2021-08-25 2:41 ` Nathan Chancellor [this message]
2021-08-25 2:41 ` Nathan Chancellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2751fd54-f28e-6318-2fc1-3fa5d4a98b2d@kernel.org \
--to=nathan@kernel.org \
--cc=clang-built-linux@googlegroups.com \
--cc=kbuild-all@lists.01.org \
--cc=keescook@chromium.org \
--cc=linux-mm@kvack.org \
--cc=lkp@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.