From: Michael Ellerman <mpe@ellerman.id.au>
To: Bagas Sanjaya <bagasdotme@gmail.com>, linuxppc-dev@lists.ozlabs.org
Cc: linux-kernel@vger.kernel.org,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
Nicholas Piggin <npiggin@gmail.com>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
Anders Roxell <anders.roxell@linaro.org>,
Arnd Bergmann <arnd@arndb.de>,
Yang Li <yang.lee@linux.alibaba.com>
Subject: Re: outside array bounds error on ppc64_defconfig, GCC 12.1.0
Date: Tue, 07 Jun 2022 12:05:18 +1000 [thread overview]
Message-ID: <87mtepns81.fsf@mpe.ellerman.id.au> (raw)
In-Reply-To: <YpbUcPrm61RLIiZF@debian.me>
Bagas Sanjaya <bagasdotme@gmail.com> writes:
> Hi,
>
> I'm trying to verify Drop ppc_inst_as_str() patch on [1] by performing
> ppc64_defconfig build with powerpc64-unknown-linux-gnu-gcc (GCC 12.1.0).
> The patch is applied on top of powerpc tree, next branch.
Yeah I see it too.
> I got outside array bounds error:
>
> CC arch/powerpc/kernel/dbell.o
> In function 'do_byte_reverse',
> inlined from 'do_vec_store' at arch/powerpc/lib/sstep.c:722:3,
> inlined from 'emulate_loadstore' at arch/powerpc/lib/sstep.c:3509:9:
> arch/powerpc/lib/sstep.c:286:25: error: array subscript [3, 4] is outside array bounds of 'union <anonymous>[1]' [-Werror=array-bounds]
> 286 | up[0] = byterev_8(up[3]);
> | ^~~~~~~~~~~~~~~~
>
> arch/owerpc/lib/sstep.c: In function 'emulate_loadstore':
> arch/powerpc/lib/sstep.c:708:11: note: at offset [24, 39] into object 'u' of size 16
> 708 | } u;
> | ^
> In function 'do_byte_reverse',
> inlined from 'do_vec_store' at arch/powerpc/lib/sstep.c:722:3,
> inlined from 'emulate_loadstore' at arch/powerpc/lib/sstep.c:3509:9:
> arch/powerpc/lib/sstep.c:287:23: error: array subscript [3, 4] is outside array bounds of 'union <anonymous>[1]' [-Werror=array-bounds]
> 287 | up[3] = tmp;
> | ~~~~~~^~~~~
This happens because we have a generic byte reverse function
(do_byte_reverse()), that takes a size as a parameter. So it will
reverse 8, 16, 32 bytes etc.
In some cases the compiler can see that we're passing a pointer to
storage that is smaller than 32 bytes, but it isn't convinced that the
size parameter is also smaller than 32 bytes.
Which I think is reasonable, the code that sets the size is separate
from this code, so the compiler can't really deduce that it's safe.
I don't see a really simple fix. I tried clamping the size parameter to
do_byte_reverse() with max(), but that didn't work :/
cheers
next prev parent reply other threads:[~2022-06-07 2:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-01 2:52 outside array bounds error on ppc64_defconfig, GCC 12.1.0 Bagas Sanjaya
2022-06-07 2:05 ` Michael Ellerman [this message]
2022-06-07 14:23 ` David Laight
2022-06-07 15:15 ` Segher Boessenkool
2022-06-07 15:04 ` Segher Boessenkool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87mtepns81.fsf@mpe.ellerman.id.au \
--to=mpe@ellerman.id.au \
--cc=anders.roxell@linaro.org \
--cc=arnd@arndb.de \
--cc=bagasdotme@gmail.com \
--cc=benh@kernel.crashing.org \
--cc=christophe.leroy@csgroup.eu \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=npiggin@gmail.com \
--cc=paulus@samba.org \
--cc=yang.lee@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox