From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84
Date: Wed, 25 Aug 2021 05:59:01 +0800 [thread overview]
Message-ID: <202108250548.HB9OXC36-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 7985 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: 372b2891c15acbf7b90d948b08ac174bde77102c
commit: 185e297653a7e0431db813764d2efb9ffd09160c [8858/10077] fortify: Explicitly disable Clang support
config: i386-randconfig-a016-20210824 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=185e297653a7e0431db813764d2efb9ffd09160c
git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
git fetch --no-tags linux-next master
git checkout 185e297653a7e0431db813764d2efb9ffd09160c
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
clang-14: warning: optimization flag '-falign-jumps=0' is not supported [-Wignored-optimization-argument]
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:76:
In file included from include/uapi/linux/aio_abi.h:31:
In file included from include/linux/fs.h:6:
In file included from include/linux/wait_bit.h:8:
In file included from include/linux/wait.h:9:
In file included from include/linux/spinlock.h:51:
In file included from include/linux/preempt.h:78:
In file included from arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:60:
arch/x86/include/asm/thread_info.h:172:13: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
oldframe = __builtin_frame_address(1);
^~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/thread_info.h:174:11: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
frame = __builtin_frame_address(2);
^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
In file included from include/linux/ftrace.h:22:
arch/x86/include/asm/ftrace.h:7:3: error: Compiler does not support fentry?
# error Compiler does not support fentry?
^
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
include/linux/ftrace.h:843:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
addr = CALLER_ADDR1;
^~~~~~~~~~~~
include/linux/ftrace.h:830:38: note: expanded from macro 'CALLER_ADDR1'
#define CALLER_ADDR1 ((unsigned long)ftrace_return_address(1))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:846:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
return CALLER_ADDR2;
^~~~~~~~~~~~
include/linux/ftrace.h:831:38: note: expanded from macro 'CALLER_ADDR2'
#define CALLER_ADDR2 ((unsigned long)ftrace_return_address(2))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
>> fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 [-Wfortify-source]
memcpy(&buf, st, sizeof(*st));
^
arch/x86/include/asm/string_32.h:182:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^
5 warnings and 1 error generated.
vim +/memcpy +131 fs/statfs.c
c8b91accfa1059 Al Viro 2011-03-12 125
c8b91accfa1059 Al Viro 2011-03-12 126 static int do_statfs_native(struct kstatfs *st, struct statfs __user *p)
c8b91accfa1059 Al Viro 2011-03-12 127 {
c8b91accfa1059 Al Viro 2011-03-12 128 struct statfs buf;
7ed1ee6118ae77 Al Viro 2010-03-23 129
c8b91accfa1059 Al Viro 2011-03-12 130 if (sizeof(buf) == sizeof(*st))
c8b91accfa1059 Al Viro 2011-03-12 @131 memcpy(&buf, st, sizeof(*st));
7ed1ee6118ae77 Al Viro 2010-03-23 132 else {
c8b91accfa1059 Al Viro 2011-03-12 133 if (sizeof buf.f_blocks == 4) {
c8b91accfa1059 Al Viro 2011-03-12 134 if ((st->f_blocks | st->f_bfree | st->f_bavail |
c8b91accfa1059 Al Viro 2011-03-12 135 st->f_bsize | st->f_frsize) &
7ed1ee6118ae77 Al Viro 2010-03-23 136 0xffffffff00000000ULL)
7ed1ee6118ae77 Al Viro 2010-03-23 137 return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23 138 /*
7ed1ee6118ae77 Al Viro 2010-03-23 139 * f_files and f_ffree may be -1; it's okay to stuff
7ed1ee6118ae77 Al Viro 2010-03-23 140 * that into 32 bits
7ed1ee6118ae77 Al Viro 2010-03-23 141 */
c8b91accfa1059 Al Viro 2011-03-12 142 if (st->f_files != -1 &&
c8b91accfa1059 Al Viro 2011-03-12 143 (st->f_files & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23 144 return -EOVERFLOW;
c8b91accfa1059 Al Viro 2011-03-12 145 if (st->f_ffree != -1 &&
c8b91accfa1059 Al Viro 2011-03-12 146 (st->f_ffree & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23 147 return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23 148 }
7ed1ee6118ae77 Al Viro 2010-03-23 149
c8b91accfa1059 Al Viro 2011-03-12 150 buf.f_type = st->f_type;
c8b91accfa1059 Al Viro 2011-03-12 151 buf.f_bsize = st->f_bsize;
c8b91accfa1059 Al Viro 2011-03-12 152 buf.f_blocks = st->f_blocks;
c8b91accfa1059 Al Viro 2011-03-12 153 buf.f_bfree = st->f_bfree;
c8b91accfa1059 Al Viro 2011-03-12 154 buf.f_bavail = st->f_bavail;
c8b91accfa1059 Al Viro 2011-03-12 155 buf.f_files = st->f_files;
c8b91accfa1059 Al Viro 2011-03-12 156 buf.f_ffree = st->f_ffree;
c8b91accfa1059 Al Viro 2011-03-12 157 buf.f_fsid = st->f_fsid;
c8b91accfa1059 Al Viro 2011-03-12 158 buf.f_namelen = st->f_namelen;
c8b91accfa1059 Al Viro 2011-03-12 159 buf.f_frsize = st->f_frsize;
c8b91accfa1059 Al Viro 2011-03-12 160 buf.f_flags = st->f_flags;
c8b91accfa1059 Al Viro 2011-03-12 161 memset(buf.f_spare, 0, sizeof(buf.f_spare));
c8b91accfa1059 Al Viro 2011-03-12 162 }
c8b91accfa1059 Al Viro 2011-03-12 163 if (copy_to_user(p, &buf, sizeof(buf)))
c8b91accfa1059 Al Viro 2011-03-12 164 return -EFAULT;
7ed1ee6118ae77 Al Viro 2010-03-23 165 return 0;
7ed1ee6118ae77 Al Viro 2010-03-23 166 }
7ed1ee6118ae77 Al Viro 2010-03-23 167
:::::: The code at line 131 was first introduced by commit
:::::: c8b91accfa1059d5565443193d89572eca2f5dd6 clean statfs-like syscalls up
:::::: TO: Al Viro <viro@zeniv.linux.org.uk>
:::::: CC: Al Viro <viro@zeniv.linux.org.uk>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 31883 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: kernel test robot <lkp@intel.com>
To: Kees Cook <keescook@chromium.org>
Cc: clang-built-linux@googlegroups.com, kbuild-all@lists.01.org,
Linux Memory Management List <linux-mm@kvack.org>
Subject: [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84
Date: Wed, 25 Aug 2021 05:59:01 +0800 [thread overview]
Message-ID: <202108250548.HB9OXC36-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 7850 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: 372b2891c15acbf7b90d948b08ac174bde77102c
commit: 185e297653a7e0431db813764d2efb9ffd09160c [8858/10077] fortify: Explicitly disable Clang support
config: i386-randconfig-a016-20210824 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=185e297653a7e0431db813764d2efb9ffd09160c
git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
git fetch --no-tags linux-next master
git checkout 185e297653a7e0431db813764d2efb9ffd09160c
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
clang-14: warning: optimization flag '-falign-jumps=0' is not supported [-Wignored-optimization-argument]
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:76:
In file included from include/uapi/linux/aio_abi.h:31:
In file included from include/linux/fs.h:6:
In file included from include/linux/wait_bit.h:8:
In file included from include/linux/wait.h:9:
In file included from include/linux/spinlock.h:51:
In file included from include/linux/preempt.h:78:
In file included from arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:60:
arch/x86/include/asm/thread_info.h:172:13: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
oldframe = __builtin_frame_address(1);
^~~~~~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/thread_info.h:174:11: warning: calling '__builtin_frame_address' with a nonzero argument is unsafe [-Wframe-address]
frame = __builtin_frame_address(2);
^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
In file included from include/linux/ftrace.h:22:
arch/x86/include/asm/ftrace.h:7:3: error: Compiler does not support fentry?
# error Compiler does not support fentry?
^
In file included from fs/statfs.c:2:
In file included from include/linux/syscalls.h:87:
In file included from include/trace/syscall.h:7:
In file included from include/linux/trace_events.h:10:
In file included from include/linux/perf_event.h:49:
include/linux/ftrace.h:843:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
addr = CALLER_ADDR1;
^~~~~~~~~~~~
include/linux/ftrace.h:830:38: note: expanded from macro 'CALLER_ADDR1'
#define CALLER_ADDR1 ((unsigned long)ftrace_return_address(1))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:846:9: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address]
return CALLER_ADDR2;
^~~~~~~~~~~~
include/linux/ftrace.h:831:38: note: expanded from macro 'CALLER_ADDR2'
#define CALLER_ADDR2 ((unsigned long)ftrace_return_address(2))
^~~~~~~~~~~~~~~~~~~~~~~~
include/linux/ftrace.h:823:36: note: expanded from macro 'ftrace_return_address'
# define ftrace_return_address(n) __builtin_return_address(n)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
>> fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 [-Wfortify-source]
memcpy(&buf, st, sizeof(*st));
^
arch/x86/include/asm/string_32.h:182:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^
5 warnings and 1 error generated.
vim +/memcpy +131 fs/statfs.c
c8b91accfa1059 Al Viro 2011-03-12 125
c8b91accfa1059 Al Viro 2011-03-12 126 static int do_statfs_native(struct kstatfs *st, struct statfs __user *p)
c8b91accfa1059 Al Viro 2011-03-12 127 {
c8b91accfa1059 Al Viro 2011-03-12 128 struct statfs buf;
7ed1ee6118ae77 Al Viro 2010-03-23 129
c8b91accfa1059 Al Viro 2011-03-12 130 if (sizeof(buf) == sizeof(*st))
c8b91accfa1059 Al Viro 2011-03-12 @131 memcpy(&buf, st, sizeof(*st));
7ed1ee6118ae77 Al Viro 2010-03-23 132 else {
c8b91accfa1059 Al Viro 2011-03-12 133 if (sizeof buf.f_blocks == 4) {
c8b91accfa1059 Al Viro 2011-03-12 134 if ((st->f_blocks | st->f_bfree | st->f_bavail |
c8b91accfa1059 Al Viro 2011-03-12 135 st->f_bsize | st->f_frsize) &
7ed1ee6118ae77 Al Viro 2010-03-23 136 0xffffffff00000000ULL)
7ed1ee6118ae77 Al Viro 2010-03-23 137 return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23 138 /*
7ed1ee6118ae77 Al Viro 2010-03-23 139 * f_files and f_ffree may be -1; it's okay to stuff
7ed1ee6118ae77 Al Viro 2010-03-23 140 * that into 32 bits
7ed1ee6118ae77 Al Viro 2010-03-23 141 */
c8b91accfa1059 Al Viro 2011-03-12 142 if (st->f_files != -1 &&
c8b91accfa1059 Al Viro 2011-03-12 143 (st->f_files & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23 144 return -EOVERFLOW;
c8b91accfa1059 Al Viro 2011-03-12 145 if (st->f_ffree != -1 &&
c8b91accfa1059 Al Viro 2011-03-12 146 (st->f_ffree & 0xffffffff00000000ULL))
7ed1ee6118ae77 Al Viro 2010-03-23 147 return -EOVERFLOW;
7ed1ee6118ae77 Al Viro 2010-03-23 148 }
7ed1ee6118ae77 Al Viro 2010-03-23 149
c8b91accfa1059 Al Viro 2011-03-12 150 buf.f_type = st->f_type;
c8b91accfa1059 Al Viro 2011-03-12 151 buf.f_bsize = st->f_bsize;
c8b91accfa1059 Al Viro 2011-03-12 152 buf.f_blocks = st->f_blocks;
c8b91accfa1059 Al Viro 2011-03-12 153 buf.f_bfree = st->f_bfree;
c8b91accfa1059 Al Viro 2011-03-12 154 buf.f_bavail = st->f_bavail;
c8b91accfa1059 Al Viro 2011-03-12 155 buf.f_files = st->f_files;
c8b91accfa1059 Al Viro 2011-03-12 156 buf.f_ffree = st->f_ffree;
c8b91accfa1059 Al Viro 2011-03-12 157 buf.f_fsid = st->f_fsid;
c8b91accfa1059 Al Viro 2011-03-12 158 buf.f_namelen = st->f_namelen;
c8b91accfa1059 Al Viro 2011-03-12 159 buf.f_frsize = st->f_frsize;
c8b91accfa1059 Al Viro 2011-03-12 160 buf.f_flags = st->f_flags;
c8b91accfa1059 Al Viro 2011-03-12 161 memset(buf.f_spare, 0, sizeof(buf.f_spare));
c8b91accfa1059 Al Viro 2011-03-12 162 }
c8b91accfa1059 Al Viro 2011-03-12 163 if (copy_to_user(p, &buf, sizeof(buf)))
c8b91accfa1059 Al Viro 2011-03-12 164 return -EFAULT;
7ed1ee6118ae77 Al Viro 2010-03-23 165 return 0;
7ed1ee6118ae77 Al Viro 2010-03-23 166 }
7ed1ee6118ae77 Al Viro 2010-03-23 167
:::::: The code at line 131 was first introduced by commit
:::::: c8b91accfa1059d5565443193d89572eca2f5dd6 clean statfs-like syscalls up
:::::: TO: Al Viro <viro@zeniv.linux.org.uk>
:::::: CC: Al Viro <viro@zeniv.linux.org.uk>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 31883 bytes --]
next reply other threads:[~2021-08-24 21:59 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-24 21:59 kernel test robot [this message]
2021-08-24 21:59 ` [linux-next:master 8858/10077] fs/statfs.c:131:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 84 kernel test robot
2021-08-25 2:17 ` Kees Cook
2021-08-25 2:17 ` Kees Cook
2021-08-25 2:41 ` Nathan Chancellor
2021-08-25 2:41 ` Nathan Chancellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202108250548.HB9OXC36-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.