From: Alexander Lobakin <aleksander.lobakin@intel.com>
To: Alexander Potapenko <glider@google.com>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Yury Norov <yury.norov@gmail.com>,
Syed Nayyar Waris <syednwaris@gmail.com>,
"kernel test robot" <lkp@intel.com>,
<oe-kbuild-all@lists.linux.dev>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [alobakin:pfcp 11/19] include/linux/bitmap.h:642:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]'
Date: Mon, 6 Nov 2023 17:31:34 +0100 [thread overview]
Message-ID: <bd7fe929-c6fc-42be-9d2f-3f53ec21fd10@intel.com> (raw)
In-Reply-To: <202310170708.fJzLlgDM-lkp@intel.com>
BTW, I have this in my inbox:
From: Kernel Test Robot <lkp@intel.com>
Date: Tue, 17 Oct 2023 08:14:51 +0800
> tree: https://github.com/alobakin/linux pfcp
> head: 9183a3eb639912169a3d3e2be4f25556b465919b
> commit: c8a652cdcc0964510f108726b3da0784d1bc0cd2 [11/19] bitmap: make bitmap_{get,set}_value8() use bitmap_{read,write}()
So it happened after I converted bitmap_{get,set}_value8() so that they
use bitmap_{read,write}().
> config: x86_64-randconfig-004-20231017 (https://download.01.org/0day-ci/archive/20231017/202310170708.fJzLlgDM-lkp@intel.com/config)
> compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231017/202310170708.fJzLlgDM-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202310170708.fJzLlgDM-lkp@intel.com/
>
> All warnings (new ones prefixed by >>):
>
> In file included from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:23,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:9,
> from include/linux/preempt.h:79,
> from include/linux/spinlock.h:56,
> from include/linux/mmzone.h:8,
> from include/linux/gfp.h:7,
> from include/linux/slab.h:16,
> from include/linux/resource_ext.h:11,
> from include/linux/acpi.h:13,
> from drivers/gpio/gpio-pca953x.c:11:
> drivers/gpio/gpio-pca953x.c: In function 'pca953x_probe':
>>> include/linux/bitmap.h:642:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]' [-Warray-bounds]
> 642 | map[index + 1] &= BITMAP_FIRST_WORD_MASK(start + nbits);
> | ^~
> In file included from include/linux/kasan-checks.h:5,
> from include/asm-generic/rwonce.h:26,
> from ./arch/x86/include/generated/asm/rwonce.h:1,
> from include/linux/compiler.h:246,
> from include/linux/build_bug.h:5,
> from include/linux/bits.h:21,
> from include/linux/ioport.h:13,
> from include/linux/acpi.h:12,
> from drivers/gpio/gpio-pca953x.c:11:
> drivers/gpio/gpio-pca953x.c:1032:17: note: while referencing 'val'
> 1032 | DECLARE_BITMAP(val, MAX_LINE);
> | ^~~
> include/linux/types.h:11:16: note: in definition of macro 'DECLARE_BITMAP'
> 11 | unsigned long name[BITS_TO_LONGS(bits)]
> | ^~~~
> In file included from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:23,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:9,
> from include/linux/preempt.h:79,
> from include/linux/spinlock.h:56,
> from include/linux/mmzone.h:8,
> from include/linux/gfp.h:7,
> from include/linux/slab.h:16,
> from include/linux/resource_ext.h:11,
> from include/linux/acpi.h:13,
> from drivers/gpio/gpio-pca953x.c:11:
>>> include/linux/bitmap.h:642:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]' [-Warray-bounds]
> 642 | map[index + 1] &= BITMAP_FIRST_WORD_MASK(start + nbits);
> | ^~
> In file included from include/linux/kasan-checks.h:5,
> from include/asm-generic/rwonce.h:26,
> from ./arch/x86/include/generated/asm/rwonce.h:1,
> from include/linux/compiler.h:246,
> from include/linux/build_bug.h:5,
> from include/linux/bits.h:21,
> from include/linux/ioport.h:13,
> from include/linux/acpi.h:12,
> from drivers/gpio/gpio-pca953x.c:11:
> drivers/gpio/gpio-pca953x.c:1032:17: note: while referencing 'val'
> 1032 | DECLARE_BITMAP(val, MAX_LINE);
> | ^~~
> include/linux/types.h:11:16: note: in definition of macro 'DECLARE_BITMAP'
> 11 | unsigned long name[BITS_TO_LONGS(bits)]
> | ^~~~
> In file included from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:23,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:9,
> from include/linux/preempt.h:79,
> from include/linux/spinlock.h:56,
> from include/linux/mmzone.h:8,
> from include/linux/gfp.h:7,
> from include/linux/slab.h:16,
> from include/linux/resource_ext.h:11,
> from include/linux/acpi.h:13,
> from drivers/gpio/gpio-pca953x.c:11:
> include/linux/bitmap.h:643:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]' [-Warray-bounds]
> 643 | map[index + 1] |= (value >> space);
> | ^~
> In file included from include/linux/kasan-checks.h:5,
> from include/asm-generic/rwonce.h:26,
> from ./arch/x86/include/generated/asm/rwonce.h:1,
> from include/linux/compiler.h:246,
> from include/linux/build_bug.h:5,
> from include/linux/bits.h:21,
> from include/linux/ioport.h:13,
> from include/linux/acpi.h:12,
> from drivers/gpio/gpio-pca953x.c:11:
> drivers/gpio/gpio-pca953x.c:1032:17: note: while referencing 'val'
> 1032 | DECLARE_BITMAP(val, MAX_LINE);
> | ^~~
> include/linux/types.h:11:16: note: in definition of macro 'DECLARE_BITMAP'
> 11 | unsigned long name[BITS_TO_LONGS(bits)]
> | ^~~~
> In file included from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:23,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:9,
> from include/linux/preempt.h:79,
> from include/linux/spinlock.h:56,
> from include/linux/mmzone.h:8,
> from include/linux/gfp.h:7,
> from include/linux/slab.h:16,
> from include/linux/resource_ext.h:11,
> from include/linux/acpi.h:13,
> from drivers/gpio/gpio-pca953x.c:11:
> include/linux/bitmap.h:643:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]' [-Warray-bounds]
> 643 | map[index + 1] |= (value >> space);
> | ^~
> In file included from include/linux/kasan-checks.h:5,
> from include/asm-generic/rwonce.h:26,
> from ./arch/x86/include/generated/asm/rwonce.h:1,
> from include/linux/compiler.h:246,
> from include/linux/build_bug.h:5,
> from include/linux/bits.h:21,
> from include/linux/ioport.h:13,
> from include/linux/acpi.h:12,
> from drivers/gpio/gpio-pca953x.c:11:
> drivers/gpio/gpio-pca953x.c:1032:17: note: while referencing 'val'
> 1032 | DECLARE_BITMAP(val, MAX_LINE);
> | ^~~
> include/linux/types.h:11:16: note: in definition of macro 'DECLARE_BITMAP'
> 11 | unsigned long name[BITS_TO_LONGS(bits)]
> | ^~~~
>
>
> vim +642 include/linux/bitmap.h
>
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 603
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 604 /**
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 605 * bitmap_write - write n-bit value within a memory region
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 606 * @map: address to the bitmap memory region
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 607 * @value: value to write, clamped to nbits
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 608 * @start: bit offset of the n-bit value
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 609 * @nbits: size of value in bits, nonzero, up to BITS_PER_LONG.
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 610 *
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 611 * bitmap_write() behaves as-if implemented as @nbits calls of __assign_bit(),
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 612 * i.e. bits beyond @nbits are ignored:
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 613 *
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 614 * for (bit = 0; bit < nbits; bit++)
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 615 * __assign_bit(start + bit, bitmap, val & BIT(bit));
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 616 */
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 617 static inline void bitmap_write(unsigned long *map,
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 618 unsigned long value,
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 619 unsigned long start, unsigned long nbits)
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 620 {
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 621 size_t index;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 622 unsigned long offset;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 623 unsigned long space;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 624 unsigned long mask;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 625 bool fit;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 626
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 627 if (unlikely(!nbits))
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 628 return;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 629
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 630 mask = BITMAP_LAST_WORD_MASK(nbits);
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 631 value &= mask;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 632 offset = start % BITS_PER_LONG;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 633 space = BITS_PER_LONG - offset;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 634 fit = space >= nbits;
For that particular case, @offset is not a compile-time constant, thus
the compiler can't assume anything. @space and @fit are as well due to that.
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 635 index = BIT_WORD(start);
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 636
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 637 map[index] &= (fit ? (~(mask << offset)) : ~BITMAP_FIRST_WORD_MASK(start));
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 638 map[index] |= value << offset;
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 639 if (fit)
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 640 return;
...which means the compiler doesn't know whether this condition will
return from the function or not.
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 641
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 @642 map[index + 1] &= BITMAP_FIRST_WORD_MASK(start + nbits);
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 643 map[index + 1] |= (value >> space);
However, it knows that the bitmap has only 1 long and indexes above 0
are not valid.
Not sure how to approach this :z It was also captured on the version you
sent 2 weeks ago, so this could've been resolved already.
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 644 }
> c8ac468adba7fe Syed Nayyar Waris 2023-10-11 645
>
> :::::: The code at line 642 was first introduced by commit
> :::::: c8ac468adba7fe930ec22f392d5f127b768deccc lib/bitmap: add bitmap_{read,write}()
>
> :::::: TO: Syed Nayyar Waris <syednwaris@gmail.com>
> :::::: CC: Alexander Lobakin <aleksander.lobakin@intel.com>
>
Thanks,
Olek
next parent reply other threads:[~2023-11-06 16:33 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <202310170708.fJzLlgDM-lkp@intel.com>
2023-11-06 16:31 ` Alexander Lobakin [this message]
2023-11-06 18:23 ` [alobakin:pfcp 11/19] include/linux/bitmap.h:642:17: warning: array subscript [1, 1024] is outside array bounds of 'long unsigned int[1]' Andy Shevchenko
2023-11-07 13:21 ` Alexander Lobakin
2023-11-07 16:33 ` Alexander Potapenko
2023-11-07 16:44 ` Alexander Lobakin
2023-11-07 17:24 ` Alexander Lobakin
2023-11-07 18:32 ` Yury Norov
2023-11-07 18:52 ` Alexander Lobakin
2023-11-07 19:24 ` Yury Norov
2023-11-08 10:07 ` Alexander Potapenko
2023-11-08 12:28 ` Alexander Lobakin
2023-11-07 23:25 ` Kees Cook
2023-11-08 0:48 ` Yury Norov
2023-11-07 13:22 ` Yury Norov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd7fe929-c6fc-42be-9d2f-3f53ec21fd10@intel.com \
--to=aleksander.lobakin@intel.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=glider@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@intel.com \
--cc=oe-kbuild-all@lists.linux.dev \
--cc=syednwaris@gmail.com \
--cc=yury.norov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox