From: Arend Van Spriel <arend.vanspriel@broadcom.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: kasan-dev <kasan-dev@googlegroups.com>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Alexander Potapenko <glider@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
Networking <netdev@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-media@vger.kernel.org,
linux-wireless <linux-wireless@vger.kernel.org>,
kernel-build-reports@lists.linaro.org,
"David S . Miller" <davem@davemloft.net>
Subject: Re: [PATCH 07/26] brcmsmac: reduce stack size with KASAN
Date: Mon, 6 Mar 2017 12:02:19 +0100
Message-ID: <2dd6ce84-0285-b4c1-97d4-bb41a6ffec04@broadcom.com>
In-Reply-To: <CAK8P3a30Ge5gyKco4HKCdKWiJk9ee1PU3_P6THjOQgHm3EQcJw@mail.gmail.com>

On 6-3-2017 11:38, Arnd Bergmann wrote:
> On Mon, Mar 6, 2017 at 10:16 AM, Arend Van Spriel
> <arend.vanspriel@broadcom.com> wrote:
>> On 2-3-2017 17:38, Arnd Bergmann wrote:
>>> The wlc_phy_table_write_nphy/wlc_phy_table_read_nphy functions always put an object
>>> on the stack, which will each require a redzone with KASAN and lead to possible
>>> stack overflow:
>>>
>>> drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c: In function 'wlc_phy_workarounds_nphy':
>>> drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c:17135:1: warning: the frame size of 6312 bytes is larger than 1000 bytes [-Wframe-larger-than=]
>>
>> Looks like this warning text ended up in the wrong commit message. Got
>> me confused for a sec :-p
>
> What's wrong about the warning?

The warning is about the function 'wlc_phy_workarounds_nphy' (see PATCH
9/26) and not about wlc_phy_table_write_nphy/wlc_phy_table_read_nphy
functions.

>>> This marks the two functions as noinline_for_kasan, avoiding the problem entirely.
>>
>> Frankly I seriously dislike annotating code for the sake of some
>> (dynamic) memory analyzer. To me the whole thing seems rather
>> unnecessary. If the code passes the 2048 stack limit without KASAN it
>> would seem the limit with KASAN should be such that no warning is given.
>> I suspect that it is rather difficult to predict the additional size of
>> the instrumentation code and on some systems there might be a real issue
>> with increased stack usage.
>
> The frame sizes don't normally change that much. There are a couple of
> drivers like brcmsmac that repeatedly call an inline function which has
> a local variable that it passes by reference to an extern function.
>
> While normally those variables share a stack location, KASAN forces
> each instance to its own location and adds (in this case) 80 bytes of
> redzone around it to detect out-of-bounds access.
>
> While most drivers are fine with a 1500 byte warning limit, increasing
> the limit to 7kb would silence brcmsmac (unless more registers
> are accessed from wlc_phy_workarounds_nphy) but also risk a
> stack overflow to go unnoticed.

Given the amount of local variables maybe just tag the functions with
noinline instead.

Regards,
Arend
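
Added illustration of the pattern discussed in this thread, not part of the original message and not brcmsmac code: a userspace C sketch in which an inlined helper passes a local by reference to an out-of-line function, next to a noinline variant of the same helper. All names (`table_access`, `write_inlined`, `write_outlined`, `slots_*`) are hypothetical; the program counts how many distinct stack addresses the local occupies across four calls.

```c
#include <stdint.h>
#include <stdio.h>

static uintptr_t seen[8];	/* distinct addresses of 'tmp' observed so far */
static size_t n_seen;

/* Stand-in for the out-of-line table accessor: the local's address escapes. */
__attribute__((noinline)) static void table_access(const uint16_t *val)
{
	for (size_t i = 0; i < n_seen; i++)
		if (seen[i] == (uintptr_t)val)
			return;
	if (n_seen < 8)
		seen[n_seen++] = (uintptr_t)val;
}

/* Inlined helper: each call site gets its own 'tmp' in the caller's frame.
 * A compiler may overlap those slots; KASAN keeps them apart, with redzones. */
static inline __attribute__((always_inline)) void write_inlined(uint16_t v)
{
	uint16_t tmp = v;
	table_access(&tmp);
}

/* Out-of-line helper: 'tmp' lives in the helper's own short-lived frame. */
__attribute__((noinline)) static void write_outlined(uint16_t v)
{
	uint16_t tmp = v;
	table_access(&tmp);
}

size_t slots_inlined(void)
{
	n_seen = 0;
	write_inlined(1); write_inlined(2); write_inlined(3); write_inlined(4);
	return n_seen;
}

size_t slots_outlined(void)
{
	n_seen = 0;
	write_outlined(1); write_outlined(2); write_outlined(3); write_outlined(4);
	return n_seen;
}

int main(void)
{
	printf("inlined: %zu, outlined: %zu\n", slots_inlined(), slots_outlined());
	return 0;
}
```

In a plain build the inlined count ranges from 1 (slots shared) to 4 (one slot per call site, the layout KASAN forces) depending on optimization level, while the noinline variant reuses one slot in the callee's frame.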