commit fad7cd3310db ("nbd: add the check to prevent overflow in
__nbd_ioctl()")
raised an issue from the fallback helpers added in
commit f0907827a8a9 ("compiler.h: enable builtin overflow checkers and add fallback code")
Specifically, the helpers for checking whether the results of a
multiplication overflowed (__unsigned_mul_overflow,
__signed_add_overflow) use the division operator when
!COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW. This is problematic for 64b
operands on 32b hosts.
Also, because the macro is type agnostic, it is very difficult to write
a similarly type generic macro that dispatches to one of:
* div64_s64
* div64_u64
* div_s64
* div_u64
Raising the minimum supported versions allows us to remove all of the
fallback helpers for !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW, instead
dispatching the compiler builtins.
arm64 has already raised the minimum supported GCC version to 5.1, do
this for all targets now. See the link below for the previous
discussion.
Link: https://lore.kernel.org/all/[email protected]/
Link: https://lore.kernel.org/lkml/CAK7LNASs6dvU6D3jL2GG3jW58fXfaj6VNOe55NJnTB8UPuk2pA@mail.gmail.com/
Link: https://github.com/ClangBuiltLinux/linux/issues/1438
Reported-by: Stephen Rothwell <[email protected]>
Reported-by: Nathan Chancellor <[email protected]>
Suggested-by: Rasmus Villemoes <[email protected]>
Signed-off-by: Nick Desaulniers <[email protected]>
---
Documentation/process/changes.rst | 2 +-
scripts/min-tool-version.sh | 8 +-------
2 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/Documentation/process/changes.rst b/Documentation/process/changes.rst
index d3a8557b66a1..e35ab74a0f80 100644
--- a/Documentation/process/changes.rst
+++ b/Documentation/process/changes.rst
@@ -29,7 +29,7 @@ you probably needn't concern yourself with pcmciautils.
====================== =============== ========================================
Program Minimal version Command to check the version
====================== =============== ========================================
-GNU C 4.9 gcc --version
+GNU C 5.1 gcc --version
Clang/LLVM (optional) 10.0.1 clang --version
GNU make 3.81 make --version
binutils 2.23 ld -v
diff --git a/scripts/min-tool-version.sh b/scripts/min-tool-version.sh
index 319f92104f56..4edc708baa63 100755
--- a/scripts/min-tool-version.sh
+++ b/scripts/min-tool-version.sh
@@ -17,13 +17,7 @@ binutils)
echo 2.23.0
;;
gcc)
- # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63293
- # https://lore.kernel.org/r/[email protected]
- if [ "$SRCARCH" = arm64 ]; then
- echo 5.1.0
- else
- echo 4.9.0
- fi
+ echo 5.1.0
;;
icc)
# temporary
--
2.33.0.309.g3052b89438-goog
On 9/10/2021 4:40 PM, Nick Desaulniers wrote:
> commit fad7cd3310db ("nbd: add the check to prevent overflow in
> __nbd_ioctl()")
>
> raised an issue from the fallback helpers added in
>
> commit f0907827a8a9 ("compiler.h: enable builtin overflow checkers and add fallback code")
>
> Specifically, the helpers for checking whether the results of a
> multiplication overflowed (__unsigned_mul_overflow,
> __signed_add_overflow) use the division operator when
> !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW. This is problematic for 64b
> operands on 32b hosts.
"hosts" -> "targets" or "architectures"?
It might be worth putting the error that Stephen found here?
> Also, because the macro is type agnostic, it is very difficult to write
> a similarly type generic macro that dispatches to one of:
> * div64_s64
> * div64_u64
> * div_s64
> * div_u64
>
> Raising the minimum supported versions allows us to remove all of the
> fallback helpers for !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW, instead
> dispatching the compiler builtins.
>
> arm64 has already raised the minimum supported GCC version to 5.1, do
> this for all targets now. See the link below for the previous
> discussion.
>
> Link: https://lore.kernel.org/all/[email protected]/
> Link: https://lore.kernel.org/lkml/CAK7LNASs6dvU6D3jL2GG3jW58fXfaj6VNOe55NJnTB8UPuk2pA@mail.gmail.com/
> Link: https://github.com/ClangBuiltLinux/linux/issues/1438
> Reported-by: Stephen Rothwell <[email protected]>
> Reported-by: Nathan Chancellor <[email protected]>
> Suggested-by: Rasmus Villemoes <[email protected]>
> Signed-off-by: Nick Desaulniers <[email protected]>
Reviewed-by: Nathan Chancellor <[email protected]>
> ---
> Documentation/process/changes.rst | 2 +-
> scripts/min-tool-version.sh | 8 +-------
> 2 files changed, 2 insertions(+), 8 deletions(-)
>
> diff --git a/Documentation/process/changes.rst b/Documentation/process/changes.rst
> index d3a8557b66a1..e35ab74a0f80 100644
> --- a/Documentation/process/changes.rst
> +++ b/Documentation/process/changes.rst
> @@ -29,7 +29,7 @@ you probably needn't concern yourself with pcmciautils.
> ====================== =============== ========================================
> Program Minimal version Command to check the version
> ====================== =============== ========================================
> -GNU C 4.9 gcc --version
> +GNU C 5.1 gcc --version
> Clang/LLVM (optional) 10.0.1 clang --version
> GNU make 3.81 make --version
> binutils 2.23 ld -v
> diff --git a/scripts/min-tool-version.sh b/scripts/min-tool-version.sh
> index 319f92104f56..4edc708baa63 100755
> --- a/scripts/min-tool-version.sh
> +++ b/scripts/min-tool-version.sh
> @@ -17,13 +17,7 @@ binutils)
> echo 2.23.0
> ;;
> gcc)
> - # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63293
> - # https://lore.kernel.org/r/[email protected]
> - if [ "$SRCARCH" = arm64 ]; then
> - echo 5.1.0
> - else
> - echo 4.9.0
> - fi
> + echo 5.1.0
> ;;
> icc)
> # temporary
>
On Fri, Sep 10, 2021 at 4:56 PM Nathan Chancellor <[email protected]> wrote:
>
> On 9/10/2021 4:40 PM, Nick Desaulniers wrote:
> > commit fad7cd3310db ("nbd: add the check to prevent overflow in
> > __nbd_ioctl()")
> >
> > raised an issue from the fallback helpers added in
> >
> > commit f0907827a8a9 ("compiler.h: enable builtin overflow checkers and add fallback code")
> >
> > Specifically, the helpers for checking whether the results of a
> > multiplication overflowed (__unsigned_mul_overflow,
> > __signed_add_overflow) use the division operator when
> > !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW. This is problematic for 64b
> > operands on 32b hosts.
>
> "hosts" -> "targets" or "architectures"?
Yes, will revise to "targets."
>
> It might be worth putting the error that Stephen found here?
Doh! Yes, in v2, I'll include the following additional context:
```
The following error is observed when building for 32b powerpc:
> ERROR: modpost: "__divdi3" [drivers/block/nbd.ko] undefined!
As Stephen Rothwell notes:
> The added check_mul_overflow() call is being passed 64 bit values.
> COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW is not set for this build (see
> include/linux/overflow.h).
```
>
> > Also, because the macro is type agnostic, it is very difficult to write
> > a similarly type generic macro that dispatches to one of:
> > * div64_s64
> > * div64_u64
> > * div_s64
> > * div_u64
> >
> > Raising the minimum supported versions allows us to remove all of the
> > fallback helpers for !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW, instead
> > dispatching the compiler builtins.
> >
> > arm64 has already raised the minimum supported GCC version to 5.1, do
> > this for all targets now. See the link below for the previous
> > discussion.
> >
> > Link: https://lore.kernel.org/all/[email protected]/
> > Link: https://lore.kernel.org/lkml/CAK7LNASs6dvU6D3jL2GG3jW58fXfaj6VNOe55NJnTB8UPuk2pA@mail.gmail.com/
> > Link: https://github.com/ClangBuiltLinux/linux/issues/1438
> > Reported-by: Stephen Rothwell <[email protected]>
> > Reported-by: Nathan Chancellor <[email protected]>
> > Suggested-by: Rasmus Villemoes <[email protected]>
> > Signed-off-by: Nick Desaulniers <[email protected]>
>
> Reviewed-by: Nathan Chancellor <[email protected]>
>
> > ---
> > Documentation/process/changes.rst | 2 +-
> > scripts/min-tool-version.sh | 8 +-------
> > 2 files changed, 2 insertions(+), 8 deletions(-)
> >
> > diff --git a/Documentation/process/changes.rst b/Documentation/process/changes.rst
> > index d3a8557b66a1..e35ab74a0f80 100644
> > --- a/Documentation/process/changes.rst
> > +++ b/Documentation/process/changes.rst
> > @@ -29,7 +29,7 @@ you probably needn't concern yourself with pcmciautils.
> > ====================== =============== ========================================
> > Program Minimal version Command to check the version
> > ====================== =============== ========================================
> > -GNU C 4.9 gcc --version
> > +GNU C 5.1 gcc --version
> > Clang/LLVM (optional) 10.0.1 clang --version
> > GNU make 3.81 make --version
> > binutils 2.23 ld -v
> > diff --git a/scripts/min-tool-version.sh b/scripts/min-tool-version.sh
> > index 319f92104f56..4edc708baa63 100755
> > --- a/scripts/min-tool-version.sh
> > +++ b/scripts/min-tool-version.sh
> > @@ -17,13 +17,7 @@ binutils)
> > echo 2.23.0
> > ;;
> > gcc)
> > - # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63293
> > - # https://lore.kernel.org/r/[email protected]
> > - if [ "$SRCARCH" = arm64 ]; then
> > - echo 5.1.0
> > - else
> > - echo 4.9.0
> > - fi
> > + echo 5.1.0
> > ;;
> > icc)
> > # temporary
> >
--
Thanks,
~Nick Desaulniers
On Fri, Sep 10, 2021 at 04:40:38PM -0700, Nick Desaulniers wrote:
> commit fad7cd3310db ("nbd: add the check to prevent overflow in
> __nbd_ioctl()")
>
> raised an issue from the fallback helpers added in
>
> commit f0907827a8a9 ("compiler.h: enable builtin overflow checkers and add fallback code")
>
> Specifically, the helpers for checking whether the results of a
> multiplication overflowed (__unsigned_mul_overflow,
> __signed_add_overflow) use the division operator when
> !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW. This is problematic for 64b
> operands on 32b hosts.
>
> Also, because the macro is type agnostic, it is very difficult to write
> a similarly type generic macro that dispatches to one of:
> * div64_s64
> * div64_u64
> * div_s64
> * div_u64
>
> Raising the minimum supported versions allows us to remove all of the
> fallback helpers for !COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW, instead
> dispatching the compiler builtins.
>
> arm64 has already raised the minimum supported GCC version to 5.1, do
> this for all targets now. See the link below for the previous
> discussion.
>
> Link: https://lore.kernel.org/all/[email protected]/
> Link: https://lore.kernel.org/lkml/CAK7LNASs6dvU6D3jL2GG3jW58fXfaj6VNOe55NJnTB8UPuk2pA@mail.gmail.com/
> Link: https://github.com/ClangBuiltLinux/linux/issues/1438
> Reported-by: Stephen Rothwell <[email protected]>
> Reported-by: Nathan Chancellor <[email protected]>
> Suggested-by: Rasmus Villemoes <[email protected]>
> Signed-off-by: Nick Desaulniers <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
--
Kees Cook