From: Kees Cook <kees@kernel.org>
To: Nathan Chancellor <nathan@kernel.org>
Cc: Naresh Kamboju <naresh.kamboju@linaro.org>,
clang-built-linux <llvm@lists.linux.dev>,
kunit-dev@googlegroups.com,
open list <linux-kernel@vger.kernel.org>,
David Gow <davidgow@google.com>, Arnd Bergmann <arnd@arndb.de>,
Anders Roxell <anders.roxell@linaro.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Brendan Higgins <brendan.higgins@linux.dev>,
Rae Moar <rmoar@google.com>
Subject: Re: DEFINE_FLEX_test: EXPECTATION FAILED at lib/overflow_kunit.c:1200:
Date: Tue, 19 Nov 2024 09:38:40 -0800 [thread overview]
Message-ID: <202411190932.DB9B746B8@keescook> (raw)
In-Reply-To: <20241119150516.GB2196859@thelio-3990X>
On Tue, Nov 19, 2024 at 08:05:16AM -0700, Nathan Chancellor wrote:
> Hi Naresh,
>
> + Kees (it does not look like you own lib/overflow_kunit.c, should that
> be updated?)
Yeah, though I thought the selftest tree was moving a bunch of these
into a subdirectory? Maybe that didn't happen for v6.12?
> On Tue, Nov 19, 2024 at 04:17:41PM +0530, Naresh Kamboju wrote:
> > The overflow_DEFINE_FLEX_test KUnit test case. This test consistently
> > passes when built with GCC-13 but fails when using Clang-19 or
> > Clang-nightly.
> >
> > Test Case: overflow_DEFINE_FLEX_test
> > Compilers: Passing: GCC-13
> > Failing: Clang-19, Clang-nightly
> > Observed Behavior: The test failure is reproducible with Clang builds,
> > while GCC builds produce consistent success.
> >
> > This inconsistency suggests a potential issue either in the Clang toolchain
> > or in the test implementation that is exposed by Clang's compilation behavior.
> >
> > Test log:
> > ----------
> > <6>[ 92.471692] # castable_to_type_test: 103 castable_to_type()
> > tests finished
> > <6>[ 92.474933] ok 21 castable_to_type_test
> > <3>[ 92.476715] # DEFINE_FLEX_test: EXPECTATION FAILED at
> > lib/overflow_kunit.c:1200
> > <3>[ 92.476715] Expected
> > __builtin_dynamic_object_size(two_but_zero, 0) == expected_raw_size,
> > but
> > <3>[ 92.476715] __builtin_dynamic_object_size(two_but_zero,
> > 0) == 12 (0xc)
> > <3>[ 92.476715] expected_raw_size == 8 (0x8)
> > <6>[ 92.480178] not ok 22 DEFINE_FLEX_test
> > <6>[ 92.483020] # overflow: pass:21 fail:1 skip:0 total:22
>
> I can reproduce this with Clang 19.1.3 on 6.12, so it does not appear to
> be a recent problem.
>
> $ printf 'CONFIG_%s=y\n' KUNIT OVERFLOW_KUNIT_TEST >kernel/configs/overflow_kunit.config
>
> $ make -skj"$(nproc)" ARCH=arm64 LLVM=1 mrproper {def,hardening.,overflow_kunit.}config Image.gz
>
> $ boot-qemu.py ...
> [ 0.000000] Linux version 6.12.0 (nathan@thelio-3990X) (ClangBuiltLinux clang version 19.1.3 (https://github.com/llvm/llvm-project.git ab51eccf88f5321e7c60591c5546b254b6afab99), ClangBuiltLinux LLD 19.1.3 (https://github.com/llvm/llvm-project.git ab51eccf88f5321e7c60591c5546b254b6afab99)) #1 SMP PREEMPT Tue Nov 19 07:28:39 MST 2024
> ...
> [ 4.184764] # DEFINE_FLEX_test: EXPECTATION FAILED at lib/overflow_kunit.c:1200
> [ 4.184764] Expected __builtin_dynamic_object_size(two_but_zero, 0) == expected_raw_size, but
> [ 4.184764] __builtin_dynamic_object_size(two_but_zero, 0) == 12 (0xc)
> [ 4.184764] expected_raw_size == 8 (0x8)
> [ 4.190023] not ok 22 DEFINE_FLEX_test
> [ 4.206181] # overflow: pass:21 fail:1 skip:0 total:22
> [ 4.208635] # Totals: pass:21 fail:1 skip:0 total:22
> [ 4.212218] not ok 1 overflow
> ...
>
> I do not really understand how __builtin_dynamic_object_size() can
> return 12 for two_but_zero with __counted_by() because DEFINE_RAW_FLEX()
> does not initialize the counter so it should be zero... Kees? I guess
> maybe something changed on the LLVM side, I will see if I can bisect
> later (all the boxes are tied up with other compilations at the moment).
Hmm. I assume this is related to recent bdos vs counted_by changes in
Clang 19.1.2 (or .3?) But I'm going to have to track down which is
causing it.
The test is supposed to check this...
if counted_by is supported, DEFINE_RAW_FLEX will init counted_by to 0,
so the object is expected to be seen as sizeof(int) + sizeof(u32) (8).
if counted_by is NOT supported, then bdos will return the on-stack size
of the object (8 + sizeof(s16) * 2) == 12.
If LLVM switch to "max of counted_by or bos", then returning 12 would
make sense again.
I will check behaviors and compare it to GCC 15...
--
Kees Cook
next prev parent reply other threads:[~2024-11-19 17:38 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-19 10:47 DEFINE_FLEX_test: EXPECTATION FAILED at lib/overflow_kunit.c:1200: Naresh Kamboju
2024-11-19 15:05 ` Nathan Chancellor
2024-11-19 17:38 ` Kees Cook [this message]
2024-11-20 6:28 ` David Gow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202411190932.DB9B746B8@keescook \
--to=kees@kernel.org \
--cc=anders.roxell@linaro.org \
--cc=arnd@arndb.de \
--cc=brendan.higgins@linux.dev \
--cc=davidgow@google.com \
--cc=kunit-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=naresh.kamboju@linaro.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=rmoar@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.