2022-02-18 16:18:46

by Greg Kroah-Hartman

Subject: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

Commit c37495d6254c ("slab: add __alloc_size attributes for better
bounds checking") added __alloc_size attributes to a bunch of kmalloc
function prototypes. Unfortunately the change to __kmalloc_track_caller
seems to cause clang to generate broken code and the first time this is
called when booting, the box will crash.

While the compiler problems are being reworked and attempted to be
solved, let's just drop the attribute to solve the issue now. Once it
is resolved it can be added back.

Fixes: c37495d6254c ("slab: add __alloc_size attributes for better bounds checking")
Cc: stable <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Daniel Micay <[email protected]>
Cc: Nick Desaulniers <[email protected]>
Cc: Christoph Lameter <[email protected]>
Cc: Pekka Enberg <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: Joonsoo Kim <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Vlastimil Babka <[email protected]>
Cc: Nathan Chancellor <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
include/linux/slab.h | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/include/linux/slab.h b/include/linux/slab.h
index 37bde99b74af..5b6193fd8bd9 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -660,8 +660,7 @@ static inline __alloc_size(1, 2) void *kcalloc(size_t n, size_t size, gfp_t flag
* allocator where we care about the real place the memory allocation
* request comes from.
*/
-extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller)
- __alloc_size(1);
+extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller);
#define kmalloc_track_caller(size, flags) \
__kmalloc_track_caller(size, flags, _RET_IP_)
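
Review bot: the replacement prototype for __kmalloc_track_caller drops __alloc_size(1) without leaving a comment in slab.h, so the header no longer records why this allocator differs from neighbours such as kcalloc, which still carries __alloc_size(1, 2) in the hunk header. The commit message says the attribute can be added back once the clang problem is resolved, so a short comment above the prototype stating that it was removed and why would keep the restoration from being forgotten. The removal also applies to every compiler, not only clang; if that is intended, the comment should say so.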

--
2.35.1


2022-02-18 17:41:25

by Nick Desaulniers

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On Fri, Feb 18, 2022 at 5:14 AM Greg Kroah-Hartman
<[email protected]> wrote:
>
> Commit c37495d6254c ("slab: add __alloc_size attributes for better
> bounds checking") added __alloc_size attributes to a bunch of kmalloc
> function prototypes. Unfortunately the change to __kmalloc_track_caller
> seems to cause clang to generate broken code and the first time this is
> called when booting, the box will crash.
>
> While the compiler problems are being reworked and attempted to be
> solved, let's just drop the attribute to solve the issue now. Once it
> is resolved it can be added back.

Sorry about the mess; we'll get it cleaned up!
Acked-by: Nick Desaulniers <[email protected]>
Link: https://github.com/ClangBuiltLinux/linux/issues/1599

>
> Fixes: c37495d6254c ("slab: add __alloc_size attributes for better bounds checking")
> Cc: stable <[email protected]>
> Cc: Kees Cook <[email protected]>
> Cc: Daniel Micay <[email protected]>
> Cc: Nick Desaulniers <[email protected]>
> Cc: Christoph Lameter <[email protected]>
> Cc: Pekka Enberg <[email protected]>
> Cc: David Rientjes <[email protected]>
> Cc: Joonsoo Kim <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Cc: Vlastimil Babka <[email protected]>
> Cc: Nathan Chancellor <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
> ---
> include/linux/slab.h | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 37bde99b74af..5b6193fd8bd9 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -660,8 +660,7 @@ static inline __alloc_size(1, 2) void *kcalloc(size_t n, size_t size, gfp_t flag
> * allocator where we care about the real place the memory allocation
> * request comes from.
> */
> -extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller)
> - __alloc_size(1);
> +extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller);
> #define kmalloc_track_caller(size, flags) \
> __kmalloc_track_caller(size, flags, _RET_IP_)
>
> --
> 2.35.1
>


--
Thanks,
~Nick Desaulniers

2022-02-18 18:06:33

by Vlastimil Babka

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On 2/18/22 14:13, Greg Kroah-Hartman wrote:
> Commit c37495d6254c ("slab: add __alloc_size attributes for better
> bounds checking") added __alloc_size attributes to a bunch of kmalloc
> function prototypes. Unfortunately the change to __kmalloc_track_caller
> seems to cause clang to generate broken code and the first time this is
> called when booting, the box will crash.
>
> While the compiler problems are being reworked and attempted to be
> solved, let's just drop the attribute to solve the issue now. Once it
> is resolved it can be added back.

Could we instead wrap it in some #ifdef that's only true for clang build?
That would make the workaround more precise and self-documented. Even
better if it can trigger using clang version range and once a fixed
clang version is here, it can be updated to stay true for older clangs.

> Fixes: c37495d6254c ("slab: add __alloc_size attributes for better bounds checking")
> Cc: stable <[email protected]>
> Cc: Kees Cook <[email protected]>
> Cc: Daniel Micay <[email protected]>
> Cc: Nick Desaulniers <[email protected]>
> Cc: Christoph Lameter <[email protected]>
> Cc: Pekka Enberg <[email protected]>
> Cc: David Rientjes <[email protected]>
> Cc: Joonsoo Kim <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Cc: Vlastimil Babka <[email protected]>
> Cc: Nathan Chancellor <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
> ---
> include/linux/slab.h | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 37bde99b74af..5b6193fd8bd9 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -660,8 +660,7 @@ static inline __alloc_size(1, 2) void *kcalloc(size_t n, size_t size, gfp_t flag
> * allocator where we care about the real place the memory allocation
> * request comes from.
> */
> -extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller)
> - __alloc_size(1);
> +extern void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller);
> #define kmalloc_track_caller(size, flags) \
> __kmalloc_track_caller(size, flags, _RET_IP_)
>

2022-02-18 19:05:59

by Vlastimil Babka

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On 2/18/22 18:57, Greg Kroah-Hartman wrote:
> On Fri, Feb 18, 2022 at 06:14:55PM +0100, Vlastimil Babka wrote:
>> On 2/18/22 14:13, Greg Kroah-Hartman wrote:
>> > Commit c37495d6254c ("slab: add __alloc_size attributes for better
>> > bounds checking") added __alloc_size attributes to a bunch of kmalloc
>> > function prototypes. Unfortunately the change to __kmalloc_track_caller
>> > seems to cause clang to generate broken code and the first time this is
>> > called when booting, the box will crash.
>> >
>> > While the compiler problems are being reworked and attempted to be
>> > solved, let's just drop the attribute to solve the issue now. Once it
>> > is resolved it can be added back.
>>
>> Could we instead wrap it in some #ifdef that's only true for clang build?
>> That would make the workaround more precise and self-documented. Even
>> better if it can trigger using clang version range and once a fixed
>> clang version is here, it can be updated to stay true for older clangs.
>
> It's not doing all that much good like this, let's just remove it for
> now until it does actually provide a benefit and not just crash the box :)
>
> This is only 1 function, that is used in only a very small number of
> callers. I do not think it will be missed.

Fair enough, added to the slab tree:

https://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab.git/log/?h=for-5.17/fixup5

> thanks,
>
> greg k-h
>

2022-02-18 21:16:39

by Greg Kroah-Hartman

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On Fri, Feb 18, 2022 at 06:14:55PM +0100, Vlastimil Babka wrote:
> On 2/18/22 14:13, Greg Kroah-Hartman wrote:
> > Commit c37495d6254c ("slab: add __alloc_size attributes for better
> > bounds checking") added __alloc_size attributes to a bunch of kmalloc
> > function prototypes. Unfortunately the change to __kmalloc_track_caller
> > seems to cause clang to generate broken code and the first time this is
> > called when booting, the box will crash.
> >
> > While the compiler problems are being reworked and attempted to be
> > solved, let's just drop the attribute to solve the issue now. Once it
> > is resolved it can be added back.
>
> Could we instead wrap it in some #ifdef that's only true for clang build?
> That would make the workaround more precise and self-documented. Even
> better if it can trigger using clang version range and once a fixed
> clang version is here, it can be updated to stay true for older clangs.

It's not doing all that much good like this, let's just remove it for
now until it does actually provide a benefit and not just crash the box :)

This is only 1 function, that is used in only a very small number of
callers. I do not think it will be missed.

thanks,

greg k-h

2022-02-19 18:43:25

by Greg Kroah-Hartman

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On Fri, Feb 18, 2022 at 07:54:14PM +0100, Vlastimil Babka wrote:
> On 2/18/22 18:57, Greg Kroah-Hartman wrote:
> > On Fri, Feb 18, 2022 at 06:14:55PM +0100, Vlastimil Babka wrote:
> >> On 2/18/22 14:13, Greg Kroah-Hartman wrote:
> >> > Commit c37495d6254c ("slab: add __alloc_size attributes for better
> >> > bounds checking") added __alloc_size attributes to a bunch of kmalloc
> >> > function prototypes. Unfortunately the change to __kmalloc_track_caller
> >> > seems to cause clang to generate broken code and the first time this is
> >> > called when booting, the box will crash.
> >> >
> >> > While the compiler problems are being reworked and attempted to be
> >> > solved, let's just drop the attribute to solve the issue now. Once it
> >> > is resolved it can be added back.
> >>
> >> Could we instead wrap it in some #ifdef that's only true for clang build?
> >> That would make the workaround more precise and self-documented. Even
> >> better if it can trigger using clang version range and once a fixed
> >> clang version is here, it can be updated to stay true for older clangs.
> >
> > It's not doing all that much good like this, let's just remove it for
> > now until it does actually provide a benefit and not just crash the box :)
> >
> > This is only 1 function, that is used in only a very small number of
> > callers. I do not think it will be missed.
>
> Fair enough, added to the slab tree:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab.git/log/?h=for-5.17/fixup5
>

Thanks!

2022-02-21 03:40:10

by David Rientjes

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On Fri, 18 Feb 2022, Greg Kroah-Hartman wrote:

> Commit c37495d6254c ("slab: add __alloc_size attributes for better
> bounds checking") added __alloc_size attributes to a bunch of kmalloc
> function prototypes. Unfortunately the change to __kmalloc_track_caller
> seems to cause clang to generate broken code and the first time this is
> called when booting, the box will crash.
>
> While the compiler problems are being reworked and attempted to be
> solved, let's just drop the attribute to solve the issue now. Once it
> is resolved it can be added back.
>
> Fixes: c37495d6254c ("slab: add __alloc_size attributes for better bounds checking")
> Cc: stable <[email protected]>
> Cc: Kees Cook <[email protected]>
> Cc: Daniel Micay <[email protected]>
> Cc: Nick Desaulniers <[email protected]>
> Cc: Christoph Lameter <[email protected]>
> Cc: Pekka Enberg <[email protected]>
> Cc: David Rientjes <[email protected]>
> Cc: Joonsoo Kim <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Cc: Vlastimil Babka <[email protected]>
> Cc: Nathan Chancellor <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Greg Kroah-Hartman <[email protected]>

Acked-by: David Rientjes <[email protected]>

2022-02-21 09:44:23

by Kees Cook

Subject: Re: [PATCH] slab: remove __alloc_size attribute from __kmalloc_track_caller

On Fri, Feb 18, 2022 at 09:19:51AM -0800, Nick Desaulniers wrote:
> On Fri, Feb 18, 2022 at 5:14 AM Greg Kroah-Hartman
> <[email protected]> wrote:
> >
> > Commit c37495d6254c ("slab: add __alloc_size attributes for better
> > bounds checking") added __alloc_size attributes to a bunch of kmalloc
> > function prototypes. Unfortunately the change to __kmalloc_track_caller
> > seems to cause clang to generate broken code and the first time this is
> > called when booting, the box will crash.
> >
> > While the compiler problems are being reworked and attempted to be
> > solved, let's just drop the attribute to solve the issue now. Once it
> > is resolved it can be added back.
>
> Sorry about the mess; we'll get it cleaned up!
> Acked-by: Nick Desaulniers <[email protected]>
> Link: https://github.com/ClangBuiltLinux/linux/issues/1599

Thanks for the issue link!

Acked-by: Kees Cook <[email protected]>

--
Kees Cook