Hi All,
The latest mainline kernel branch fails to build with clang (version 16.0.1), and the errors are like:
drivers/scsi/aacraid/commsup.c:1170:17: error: array index 1 is past the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'), cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds]
(((__le32 *)aifcmd->data)[1] == cpu_to_le32(3));
^ ~
drivers/scsi/aacraid/aacraid.h:2621:2: note: array 'data' declared here
u8 data[1]; /* Undefined length (from kernel viewpoint) */
^
drivers/scsi/aacraid/commsup.c:1290:20: error: array index 3 is past the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'), cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds]
((((__le32 *)aifcmd->data)[3]
^
_______________________________________________________________________
drivers/staging/ks7010/ks_wlan_net.c:1600:34: error: array index 16 is past the end of the array (that has type '__u8[0]' (aka 'unsigned char[0]')) [-Werror,-Warray-bounds]
memcpy(&key->tx_mic_key[0], &enc->key[16], 8);
^ ~~
./include/linux/fortify-string.h:694:35: note: expanded from macro 'memcpy'
__struct_size(p), __struct_size(q), \
^
./include/linux/fortify-string.h:96:56: note: expanded from macro '__struct_size'
#define __struct_size(p) __builtin_dynamic_object_size(p, 0)
^
./include/linux/fortify-string.h:638:27: note: expanded from macro '__fortify_memcpy_chk'
const size_t __q_size = (q_size); \
^~~~~~
./include/uapi/linux/wireless.h:838:2: note: array 'key' declared here
__u8 key[0];
^
_______________________________________________________________________
git bisect pointed to df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3").
Reverting the commit has fixed the build failure.
I will be happy to test any patch or provide any extra log if needed.
#regzbot introduced: df8fc4e934c12b906d08050d7779f292b9c5c6b5
--
Regards
Sudip
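Added illustration, not part of the original message and not the kernel patches linked later in this thread: the diagnostics above come from trailing arrays declared as `data[1]` or `key[0]` being treated as fixed-size under `-fstrict-flex-arrays=3`. The struct names, field layout and helper functions below are hypothetical and only model the pattern; they show the legacy declaration beside a C99 flexible array member, with a bounds-checked little-endian word read in place of the flagged pointer cast.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical layouts modelling the reported pattern, not the driver's structs. */
/* Legacy idiom: with -fstrict-flex-arrays=3, data is exactly one byte long. */
struct aif_legacy {
    uint32_t command;
    uint32_t seqnum;
    uint8_t  data[1];
};

/* C99 flexible array member: the tail length comes from the allocation. */
struct aif_flex {
    uint32_t command;
    uint32_t seqnum;
    uint8_t  data[];
};

/* Allocate a zeroed message with payload_len tail bytes; NULL on overflow or OOM. */
struct aif_flex *aif_alloc(size_t payload_len)
{
    if (payload_len > SIZE_MAX - sizeof(struct aif_flex))
        return NULL;
    return calloc(1, sizeof(struct aif_flex) + payload_len);
}

/* Read the idx-th little-endian 32-bit word of the tail, checking it against
 * payload_len. Returns 0 on success, -1 if the word is out of range. */
int aif_word_le32(const struct aif_flex *m, size_t payload_len,
                  size_t idx, uint32_t *out)
{
    if (idx >= payload_len / 4)
        return -1;
    const uint8_t *p = m->data + idx * 4;
    *out = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return 0;
}

int main(void)
{
    struct aif_flex *m = aif_alloc(16);   /* constructed 16-byte tail */
    uint32_t w = 0;
    if (!m) return 1;
    m->data[4] = 3;                       /* word 1 holds the value 3 */
    int rc = aif_word_le32(m, 16, 1, &w);
    free(m);
    return (rc == 0 && w == 3) ? 0 : 1;
}
```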
Hi,
Thanks for the report. See my comments below.
On 6/29/23 07:53, Sudip Mukherjee (Codethink) wrote:
> Hi All,
>
> The latest mainline kernel branch fails to build with clang (version 16.0.1), and the errors are like:
>
>
> drivers/scsi/aacraid/commsup.c:1170:17: error: array index 1 is past the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'), cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds]
> (((__le32 *)aifcmd->data)[1] == cpu_to_le32(3));
> ^ ~
> drivers/scsi/aacraid/aacraid.h:2621:2: note: array 'data' declared here
> u8 data[1]; /* Undefined length (from kernel viewpoint) */
> ^
> drivers/scsi/aacraid/commsup.c:1290:20: error: array index 3 is past the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'), cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds]
> ((((__le32 *)aifcmd->data)[3]
These are addressed by this patch:
https://lore.kernel.org/linux-hardening/65907ee4083de62fbaadc5c2e6512e3828912d1b.1687974498.git.gustavoars@kernel.org/
in this series (for which I'll send v2 shortly):
https://lore.kernel.org/linux-hardening/[email protected]/T/
> drivers/staging/ks7010/ks_wlan_net.c:1600:34: error: array index 16 is past the end of the array (that has type '__u8[0]' (aka 'unsigned char[0]')) [-Werror,-Warray-bounds]
> memcpy(&key->tx_mic_key[0], &enc->key[16], 8);
> ^ ~~
> ./include/linux/fortify-string.h:694:35: note: expanded from macro 'memcpy'
> __struct_size(p), __struct_size(q), \
> ^
> ./include/linux/fortify-string.h:96:56: note: expanded from macro '__struct_size'
> #define __struct_size(p) __builtin_dynamic_object_size(p, 0)
> ^
> ./include/linux/fortify-string.h:638:27: note: expanded from macro '__fortify_memcpy_chk'
> const size_t __q_size = (q_size); \
> ^~~~~~
> ./include/uapi/linux/wireless.h:838:2: note: array 'key' declared here
> __u8 key[0];
> ^
and these are addressed by this patch:
https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=for-next/kspp&id=40ca06d71d60677a8424798610c97a46e4140a21
in this pull-request:
https://lore.kernel.org/linux-hardening/ZJxZJDUDs1ry84Rc@work/
Thanks
--
Gustavo
>
> _______________________________________________________________________
>
>
> git bisect pointed to df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3").
>
> Reverting the commit has fixed the build failure.
>
> I will be happy to test any patch or provide any extra log if needed.
>
> #regzbot introduced: df8fc4e934c12b906d08050d7779f292b9c5c6b5
>
>
On 29.06.23 16:09, Gustavo A. R. Silva wrote:
>
> Thanks for the report. See my comments below.
Thx for your reply.
> On 6/29/23 07:53, Sudip Mukherjee (Codethink) wrote:
>>
>> The latest mainline kernel branch fails to build with clang (version
>> 16.0.1), and the errors are like:
>>
>> drivers/scsi/aacraid/commsup.c:1170:17: error: array index 1 is past
>> the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'),
>> cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds]
>> (((__le32 *)aifcmd->data)[1] ==
>> cpu_to_le32(3));
>> ^ ~
> [...]
> These are addressed by this patch:
> https://lore.kernel.org/linux-hardening/65907ee4083de62fbaadc5c2e6512e3828912d1b.1687974498.git.gustavoars@kernel.org/
>
> in this series (for which I'll send v2 shortly):
> https://lore.kernel.org/linux-hardening/[email protected]/T/
Are those fixes still on track? Looks like there was not much progress
since then, so I suspect this won't be fixed before -rc1? Or did I miss
something?
Ciao, Thorsten
> [...]
>>
>> git bisect pointed to df8fc4e934c1 ("kbuild: Enable
>> -fstrict-flex-arrays=3").
>>
>> Reverting the commit has fixed the build failure.
>>
>> I will be happy to test any patch or provide any extra log if needed.
>>
>> #regzbot introduced: df8fc4e934c12b906d08050d7779f292b9c5c6b5
>>
>>
>
>
On 7/7/23 06:52, Linux regression tracking (Thorsten Leemhuis) wrote:
> Are those fixes still on track? Looks like there was not much progress
> since then, so I suspect this won't be fixed before -rc1? Or did I miss
> something?
The change is already in SCSI for them to send it to mainline when they
see fit:
https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=6.5/scsi-staging&id=47699a2b63caaa0de4841d4402627c2fdf3452a6
--
Gustavo
On 07.07.23 18:17, Gustavo A. R. Silva wrote:
> On 7/7/23 06:52, Linux regression tracking (Thorsten Leemhuis) wrote:
>
>> Are those fixes still on track? Looks like there was not much progress
>> since then, so I suspect this won't be fixed before -rc1? Or did I miss
>> something?
>
> The change is already in SCSI for them to send it to mainline when they
> see fit:
> https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=6.5/scsi-staging&id=47699a2b63caaa0de4841d4402627c2fdf3452a6
Ahh, great. I had checked -next before writing my mail, but somehow
missed this one. Sorry. And thanks for your help.
This afaics was the last remaining issue of those reported in the
initial mail of this thread, hence telling regzbot to mark this as
resolved by that commit.
#regzbot fix: scsi: aacraid: Avoid -Warray-bounds warning
Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)
--
Everything you wanna know about Linux kernel regression tracking:
https://linux-regtracking.leemhuis.info/about/#tldr
If I did something stupid, please tell me, as explained on that page.