From: Kees Cook <keescook@chromium.org>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>,
Yury Norov <yury.norov@gmail.com>,
linux-m68k <linux-m68k@lists.linux-m68k.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: kisskb: FAILED linux-next/m68k-allmodconfig/m68k-gcc8 Tue Jan 25, 18:24
Date: Wed, 26 Jan 2022 08:42:49 -0800 [thread overview]
Message-ID: <202201260841.6C449DD63@keescook> (raw)
In-Reply-To: <CAK8P3a0bLTWc-UG4eX14CQ=hiXms+wHx2VvaovXA-ZUQYAA1fA@mail.gmail.com>
On Wed, Jan 26, 2022 at 01:25:45PM +0100, Arnd Bergmann wrote:
> On Wed, Jan 26, 2022 at 10:16 AM Geert Uytterhoeven
> <geert@linux-m68k.org> wrote:
> > On Wed, Jan 26, 2022 at 9:54 AM Kees Cook <keescook@chromium.org> wrote:
> > > >>
> > > >> The code that causes this is drivers/net/ipa/ipa_mem.c:ipa_mem_valid():
> > > >>
> > > >> DECLARE_BITMAP(regions, IPA_MEM_COUNT) = { };
> > > >> ...
> > > >> for_each_clear_bit(mem_id, regions, IPA_MEM_COUNT) {
> > > >> if (ipa_mem_id_required(ipa, mem_id))
> > > >> dev_err(dev, "required memory region %u missing\n",
> > > >> mem_id);
> > > >> }
> > > >>
> > > >> This only happens with gcc-8, not with gcc-9, so it might be a
> > > >> compiler bug. I don't see anything wrong with c:ipa_mem_valid()
> > > >> nor with m68k's find_first_zero_bit().
> > > >
> > > >I don't see any problems about how this code uses bitmap API.
> > > >The m68k version of find_first_zero_bit() looks correct as well.
> > >
> > > The trouble is with "enum ipa_mem_id mem_id;" which is an int, and the bitmap API requires unsigned long. I tried to fix this[1] at the source, but the maintainers want each[2] call site to fix it instead. :(
> >
> > Sorry, I don't get it. "mem_id" is not used as the bitmap, "regions" is,
> > and the latter has the correct type?
Oops, sorry, this looked so much like the other bitops stuff I thought
that was the problem. You are right -- something else is going on.
> I think you are right here, and even if it was an array of 'unsigned
> int' instead
> of 'unsigned long', this should not change the size of the object on
> a 32-bit architecture.
>
> I ran the preprocessed code through cvise[1], bisecting for a reduced
> test case that fails on gcc-8 but succeeds on gcc-9. The reduced
> case is still fairly complex, and it appears to only happen in the
> presence of an inline asm. Narrowing down the compiler versions shows
> that anything after gcc-9.2 does not warn, but 9.1 and earlier versions do,
> which is further indication that it was probably a false-positive that got
> fixed in gcc.
Eek. Can we work around it in this code, or should -Warray-bounds have a
gcc version check?
--
Kees Cook
prev parent reply other threads:[~2022-01-26 16:42 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220125073137.1.83124@7e6451f583e7>
2022-01-25 8:47 ` kisskb: FAILED linux-next/m68k-allmodconfig/m68k-gcc8 Tue Jan 25, 18:24 Geert Uytterhoeven
2022-01-25 12:49 ` Arnd Bergmann
2022-01-25 12:55 ` Geert Uytterhoeven
2022-01-25 18:02 ` Yury Norov
2022-01-26 8:53 ` Kees Cook
2022-01-26 9:16 ` Geert Uytterhoeven
2022-01-26 12:25 ` Arnd Bergmann
2022-01-26 12:37 ` Geert Uytterhoeven
2022-01-26 15:25 ` Arnd Bergmann
2022-01-26 16:42 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202201260841.6C449DD63@keescook \
--to=keescook@chromium.org \
--cc=arnd@arndb.de \
--cc=geert@linux-m68k.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=yury.norov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.