2022-12-27 08:43:39

by Geert Uytterhoeven

[permalink] [raw]
Subject: Re: Build regressions/improvements in v6.2-rc1

On Tue, 27 Dec 2022, Geert Uytterhoeven wrote:
> Below is the list of build error/warning regressions/improvements in
> v6.2-rc1[1] compared to v6.1[2].
>
> Summarized:
> - build errors: +11/-13

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

+ /kisskb/src/drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn31/display_mode_vba_31.c: error: the frame size of 2224 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]: => 7082:1
+ /kisskb/src/drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn314/display_mode_vba_314.c: error: the frame size of 2208 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]: => 7127:1

arm64-gcc5/arm64-allmodconfig

+ /kisskb/src/drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c: error: array subscript 2 is above array bounds of 'u32[2]' {aka 'unsigned int[2]'} [-Werror=array-bounds]: => 641:28
+ /kisskb/src/drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c: error: array subscript 3 is above array bounds of 'u32[2]' {aka 'unsigned int[2]'} [-Werror=array-bounds]: => 641:28

m68k-gcc8/m68k-allmodconfig
See also https://lore.kernel.org/all/[email protected]om

+ /kisskb/src/include/linux/bitfield.h: error: call to '__field_overflow' declared with attribute error: value doesn't fit into mask: => 151:3

In function 'u32_encode_bits',
inlined from 'ieee80211_mlo_multicast_tx' at /kisskb/src/net/mac80211/tx.c:4435:17,
inlined from 'ieee80211_subif_start_xmit' at /kisskb/src/net/mac80211/tx.c:4483:3:

mipsel-gcc5/mips-allmodconfig

+ /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_262' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
+ /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_263' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45

In function 'follow_pmd_mask',
inlined from 'follow_pud_mask' at /kisskb/src/mm/gup.c:735:9,
inlined from 'follow_p4d_mask' at /kisskb/src/mm/gup.c:752:9,
inlined from 'follow_page_mask' at /kisskb/src/mm/gup.c:809:9:

sh4-gcc11/sh-defconfig (G?nter wondered if pmd_t should use union)

+ /kisskb/src/include/linux/fortify-string.h: error: '__builtin_memcpy' offset [0, 127] is out of the bounds [0, 0] [-Werror=array-bounds]: => 57:33

/kisskb/src/arch/s390/kernel/setup.c: In function 'setup_lowcore_dat_on':
s390x-gcc11/s390-all{mod,yes}config

+ /kisskb/src/include/linux/fortify-string.h: error: '__builtin_memset' pointer overflow between offset [28, 898293814] and size [-898293787, -1] [-Werror=array-bounds]: => 59:33

/kisskb/src/fs/f2fs/inline.c: In function 'f2fs_move_inline_dirents':

powerpc-gcc11/ppc64_book3e_allmodconfig
powerpc-gcc11/powerpc-all{mod,yes}config

+ /kisskb/src/kernel/kcsan/kcsan_test.c: error: the frame size of 1680 bytes is larger than 1536 bytes [-Werror=frame-larger-than=]: => 257:1

xtensa-gcc11/xtensa-allmodconfig (patch available)

+ {standard input}: Error: unknown pseudo-op: `.cfi_def_c': => 1718

sh4-gcc11/sh-allmodconfig (ICE = internal compiler error)

> [1] http://kisskb.ellerman.id.au/kisskb/branch/linus/head/1b929c02afd37871d5afb9d498426f83432e71c2/ (all 152 configs)
> [2] http://kisskb.ellerman.id.au/kisskb/branch/linus/head/830b3c68c1fb1e9176028d02ef86f3cf76aa2476/ (all 152 configs)

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds


Subject: Re: Build regressions/improvements in v6.2-rc1

Hi Geert!

On 12/27/22 09:35, Geert Uytterhoeven wrote:
> + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_262' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
> + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_263' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
>
> In function 'follow_pmd_mask',
> inlined from 'follow_pud_mask' at /kisskb/src/mm/gup.c:735:9,
> inlined from 'follow_p4d_mask' at /kisskb/src/mm/gup.c:752:9,
> inlined from 'follow_page_mask' at /kisskb/src/mm/gup.c:809:9:
>
> sh4-gcc11/sh-defconfig (Günter wondered if pmd_t should use union)

I'm seeing this, too. Also for sh7785lcr_defconfig.

> sh4-gcc11/sh-allmodconfig (ICE = internal compiler error)

I'm not seeing this one, but I am getting this one instead:

In file included from ./arch/sh/include/asm/hw_irq.h:6,
from ./include/linux/irq.h:596,
from ./include/asm-generic/hardirq.h:17,
from ./arch/sh/include/asm/hardirq.h:9,
from ./include/linux/hardirq.h:11,
from ./include/linux/interrupt.h:11,
from ./include/linux/serial_core.h:13,
from ./include/linux/serial_sci.h:6,
from arch/sh/kernel/cpu/sh2/setup-sh7619.c:11:
./include/linux/sh_intc.h:100:63: error: division 'sizeof (void *) / sizeof (void)' does not compute the number of array elements [-Werror=sizeof-pointer-div]
100 | #define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
| ^
./include/linux/sh_intc.h:105:31: note: in expansion of macro '_INTC_ARRAY'
105 | _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
| ^~~~~~~~~~~

Adrian

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913

2023-01-06 15:23:01

by Geert Uytterhoeven

[permalink] [raw]
Subject: Re: Build regressions/improvements in v6.2-rc1

Hi John,

On Fri, Jan 6, 2023 at 4:10 PM John Paul Adrian Glaubitz
<[email protected]> wrote:
> On 12/27/22 09:35, Geert Uytterhoeven wrote:
> > + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_262' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
> > + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_263' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
> >
> > In function 'follow_pmd_mask',
> > inlined from 'follow_pud_mask' at /kisskb/src/mm/gup.c:735:9,
> > inlined from 'follow_p4d_mask' at /kisskb/src/mm/gup.c:752:9,
> > inlined from 'follow_page_mask' at /kisskb/src/mm/gup.c:809:9:
> >
> > sh4-gcc11/sh-defconfig (Günter wondered if pmd_t should use union)
>
> I'm seeing this, too. Also for sh7785lcr_defconfig.
>
> > sh4-gcc11/sh-allmodconfig (ICE = internal compiler error)
>
> I'm not seeing this one, but I am getting this one instead:
>
> In file included from ./arch/sh/include/asm/hw_irq.h:6,
> from ./include/linux/irq.h:596,
> from ./include/asm-generic/hardirq.h:17,
> from ./arch/sh/include/asm/hardirq.h:9,
> from ./include/linux/hardirq.h:11,
> from ./include/linux/interrupt.h:11,
> from ./include/linux/serial_core.h:13,
> from ./include/linux/serial_sci.h:6,
> from arch/sh/kernel/cpu/sh2/setup-sh7619.c:11:
> ./include/linux/sh_intc.h:100:63: error: division 'sizeof (void *) / sizeof (void)' does not compute the number of array elements [-Werror=sizeof-pointer-div]
> 100 | #define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
> | ^
> ./include/linux/sh_intc.h:105:31: note: in expansion of macro '_INTC_ARRAY'
> 105 | _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
> | ^~~~~~~~~~~

The easiest fix for the latter is to disable CONFIG_WERROR.
Unfortunately I don't know a simple solution to get rid of the warning.

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

2023-01-06 15:24:10

by Geert Uytterhoeven

[permalink] [raw]
Subject: Re: Build regressions/improvements in v6.2-rc1

On Fri, Jan 6, 2023 at 4:17 PM Geert Uytterhoeven <[email protected]> wrote:
>
> Hi John,

Bummer, "Hi Adrian", ofc ;-)

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

2023-01-06 15:43:11

by Alex Deucher

[permalink] [raw]
Subject: Re: Build regressions/improvements in v6.2-rc1

On Tue, Dec 27, 2022 at 10:34 AM Geert Uytterhoeven
<[email protected]> wrote:
>
> On Tue, 27 Dec 2022, Geert Uytterhoeven wrote:
> > Below is the list of build error/warning regressions/improvements in
> > v6.2-rc1[1] compared to v6.1[2].
> >
> > Summarized:
> > - build errors: +11/-13
>
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> [email protected]
>
> + /kisskb/src/drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn31/display_mode_vba_31.c: error: the frame size of 2224 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]: => 7082:1
> + /kisskb/src/drivers/gpu/drm/amd/amdgpu/../display/dc/dml/dcn314/display_mode_vba_314.c: error: the frame size of 2208 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]: => 7127:1
>

@Siqueira, Rodrigo @Mahfooz, Hamza

Can you take a look at fixing the DML stack size here up?

Alex


> arm64-gcc5/arm64-allmodconfig
>
> + /kisskb/src/drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c: error: array subscript 2 is above array bounds of 'u32[2]' {aka 'unsigned int[2]'} [-Werror=array-bounds]: => 641:28
> + /kisskb/src/drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c: error: array subscript 3 is above array bounds of 'u32[2]' {aka 'unsigned int[2]'} [-Werror=array-bounds]: => 641:28
>
> m68k-gcc8/m68k-allmodconfig
> See also https://lore.kernel.org/all/[email protected]om
>
> + /kisskb/src/include/linux/bitfield.h: error: call to '__field_overflow' declared with attribute error: value doesn't fit into mask: => 151:3
>
> In function 'u32_encode_bits',
> inlined from 'ieee80211_mlo_multicast_tx' at /kisskb/src/net/mac80211/tx.c:4435:17,
> inlined from 'ieee80211_subif_start_xmit' at /kisskb/src/net/mac80211/tx.c:4483:3:
>
> mipsel-gcc5/mips-allmodconfig
>
> + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_262' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
> + /kisskb/src/include/linux/compiler_types.h: error: call to '__compiletime_assert_263' declared with attribute error: Unsupported access size for {READ,WRITE}_ONCE().: => 358:45
>
> In function 'follow_pmd_mask',
> inlined from 'follow_pud_mask' at /kisskb/src/mm/gup.c:735:9,
> inlined from 'follow_p4d_mask' at /kisskb/src/mm/gup.c:752:9,
> inlined from 'follow_page_mask' at /kisskb/src/mm/gup.c:809:9:
>
> sh4-gcc11/sh-defconfig (Günter wondered if pmd_t should use union)
>
> + /kisskb/src/include/linux/fortify-string.h: error: '__builtin_memcpy' offset [0, 127] is out of the bounds [0, 0] [-Werror=array-bounds]: => 57:33
>
> /kisskb/src/arch/s390/kernel/setup.c: In function 'setup_lowcore_dat_on':
> s390x-gcc11/s390-all{mod,yes}config
>
> + /kisskb/src/include/linux/fortify-string.h: error: '__builtin_memset' pointer overflow between offset [28, 898293814] and size [-898293787, -1] [-Werror=array-bounds]: => 59:33
>
> /kisskb/src/fs/f2fs/inline.c: In function 'f2fs_move_inline_dirents':
>
> powerpc-gcc11/ppc64_book3e_allmodconfig
> powerpc-gcc11/powerpc-all{mod,yes}config
>
> + /kisskb/src/kernel/kcsan/kcsan_test.c: error: the frame size of 1680 bytes is larger than 1536 bytes [-Werror=frame-larger-than=]: => 257:1
>
> xtensa-gcc11/xtensa-allmodconfig (patch available)
>
> + {standard input}: Error: unknown pseudo-op: `.cfi_def_c': => 1718
>
> sh4-gcc11/sh-allmodconfig (ICE = internal compiler error)
>
> > [1] http://kisskb.ellerman.id.au/kisskb/branch/linus/head/1b929c02afd37871d5afb9d498426f83432e71c2/ (all 152 configs)
> > [2] http://kisskb.ellerman.id.au/kisskb/branch/linus/head/830b3c68c1fb1e9176028d02ef86f3cf76aa2476/ (all 152 configs)
>
> Gr{oetje,eeting}s,
>
> Geert
>
> --
> Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
>
> In personal conversations with technical people, I call myself a hacker. But
> when I'm talking to journalists I just say "programmer" or something like that.
> -- Linus Torvalds

Subject: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi Geert!

On 1/6/23 16:17, Geert Uytterhoeven wrote:
>> I'm not seeing this one, but I am getting this one instead:
>>
>> In file included from ./arch/sh/include/asm/hw_irq.h:6,
>> from ./include/linux/irq.h:596,
>> from ./include/asm-generic/hardirq.h:17,
>> from ./arch/sh/include/asm/hardirq.h:9,
>> from ./include/linux/hardirq.h:11,
>> from ./include/linux/interrupt.h:11,
>> from ./include/linux/serial_core.h:13,
>> from ./include/linux/serial_sci.h:6,
>> from arch/sh/kernel/cpu/sh2/setup-sh7619.c:11:
>> ./include/linux/sh_intc.h:100:63: error: division 'sizeof (void *) / sizeof (void)' does not compute the number of array elements [-Werror=sizeof-pointer-div]
>> 100 | #define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
>> | ^
>> ./include/linux/sh_intc.h:105:31: note: in expansion of macro '_INTC_ARRAY'
>> 105 | _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
>> | ^~~~~~~~~~~
>
> The easiest fix for the latter is to disable CONFIG_WERROR.
> Unfortunately I don't know a simple solution to get rid of the warning.

I did some research and it seems that what the macro _INT_ARRAY() does with "sizeof(a)/sizeof(*a)"
is a commonly used way to calculate array sizes and the kernel has even its own macro for that
called ARRAY_SIZE() which Linus asks people to use here [1].

So, I replaced _INTC_ARRAY() with ARRAY_SIZE() (see below), however the kernel's own ARRAY_SIZE()
macro triggers the same compiler warning. I'm CC'ing Michael Karcher who has more knowledge on
writing proper C code than me and maybe an idea how to fix this warning.

Thanks,
Adrian

> [1] https://lkml.org/lkml/2015/9/3/428

diff --git a/include/linux/sh_intc.h b/include/linux/sh_intc.h
index c255273b0281..07a187686a84 100644
--- a/include/linux/sh_intc.h
+++ b/include/linux/sh_intc.h
@@ -97,14 +97,12 @@ struct intc_hw_desc {
unsigned int nr_subgroups;
};

-#define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
-
#define INTC_HW_DESC(vectors, groups, mask_regs, \
prio_regs, sense_regs, ack_regs) \
{ \
- _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
- _INTC_ARRAY(mask_regs), _INTC_ARRAY(prio_regs), \
- _INTC_ARRAY(sense_regs), _INTC_ARRAY(ack_regs), \
+ ARRAY_SIZE(vectors), ARRAY_SIZE(groups), \
+ ARRAY_SIZE(mask_regs), ARRAY_SIZE(prio_regs), \
+ ARRAY_SIZE(sense_regs), ARRAY_SIZE(ack_regs), \
}

struct intc_desc {

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913

2023-01-17 17:11:36

by Geert Uytterhoeven

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi Adrian,

On Tue, Jan 17, 2023 at 5:42 PM John Paul Adrian Glaubitz
<[email protected]> wrote:
> On 1/6/23 16:17, Geert Uytterhoeven wrote:
> >> I'm not seeing this one, but I am getting this one instead:
> >>
> >> In file included from ./arch/sh/include/asm/hw_irq.h:6,
> >> from ./include/linux/irq.h:596,
> >> from ./include/asm-generic/hardirq.h:17,
> >> from ./arch/sh/include/asm/hardirq.h:9,
> >> from ./include/linux/hardirq.h:11,
> >> from ./include/linux/interrupt.h:11,
> >> from ./include/linux/serial_core.h:13,
> >> from ./include/linux/serial_sci.h:6,
> >> from arch/sh/kernel/cpu/sh2/setup-sh7619.c:11:
> >> ./include/linux/sh_intc.h:100:63: error: division 'sizeof (void *) / sizeof (void)' does not compute the number of array elements [-Werror=sizeof-pointer-div]
> >> 100 | #define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
> >> | ^
> >> ./include/linux/sh_intc.h:105:31: note: in expansion of macro '_INTC_ARRAY'
> >> 105 | _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
> >> | ^~~~~~~~~~~
> >
> > The easiest fix for the latter is to disable CONFIG_WERROR.
> > Unfortunately I don't know a simple solution to get rid of the warning.
>
> I did some research and it seems that what the macro _INT_ARRAY() does with "sizeof(a)/sizeof(*a)"
> is a commonly used way to calculate array sizes and the kernel has even its own macro for that
> called ARRAY_SIZE() which Linus asks people to use here [1].
>
> So, I replaced _INTC_ARRAY() with ARRAY_SIZE() (see below), however the kernel's own ARRAY_SIZE()
> macro triggers the same compiler warning. I'm CC'ing Michael Karcher who has more knowledge on
> writing proper C code than me and maybe an idea how to fix this warning.
>
> Thanks,
> Adrian
>
> > [1] https://lkml.org/lkml/2015/9/3/428
>
> diff --git a/include/linux/sh_intc.h b/include/linux/sh_intc.h
> index c255273b0281..07a187686a84 100644
> --- a/include/linux/sh_intc.h
> +++ b/include/linux/sh_intc.h
> @@ -97,14 +97,12 @@ struct intc_hw_desc {
> unsigned int nr_subgroups;
> };
>
> -#define _INTC_ARRAY(a) a, __same_type(a, NULL) ? 0 : sizeof(a)/sizeof(*a)
> -
> #define INTC_HW_DESC(vectors, groups, mask_regs, \
> prio_regs, sense_regs, ack_regs) \
> { \
> - _INTC_ARRAY(vectors), _INTC_ARRAY(groups), \
> - _INTC_ARRAY(mask_regs), _INTC_ARRAY(prio_regs), \
> - _INTC_ARRAY(sense_regs), _INTC_ARRAY(ack_regs), \
> + ARRAY_SIZE(vectors), ARRAY_SIZE(groups), \
> + ARRAY_SIZE(mask_regs), ARRAY_SIZE(prio_regs), \
> + ARRAY_SIZE(sense_regs), ARRAY_SIZE(ack_regs), \
> }

The issue is that some of the parameters are not arrays, but
NULL. E.g.:

arch/sh/kernel/cpu/sh2/setup-sh7619.c:static
DECLARE_INTC_DESC(intc_desc, "sh7619", vectors, NULL,
arch/sh/kernel/cpu/sh2/setup-sh7619.c- NULL,
prio_registers, NULL);
--

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi!

On 1/17/23 18:01, Geert Uytterhoeven wrote:
> The issue is that some of the parameters are not arrays, but
> NULL. E.g.:
>
> arch/sh/kernel/cpu/sh2/setup-sh7619.c:static
> DECLARE_INTC_DESC(intc_desc, "sh7619", vectors, NULL,
> arch/sh/kernel/cpu/sh2/setup-sh7619.c- NULL,
> prio_registers, NULL);

Isn't this supposed to be caught by this check:

a, __same_type(a, NULL)

?

Adrian

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913

2023-01-17 21:42:49

by Geert Uytterhoeven

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi Adrian,

On Tue, Jan 17, 2023 at 6:06 PM John Paul Adrian Glaubitz
<[email protected]> wrote:
> On 1/17/23 18:01, Geert Uytterhoeven wrote:
> > The issue is that some of the parameters are not arrays, but
> > NULL. E.g.:
> >
> > arch/sh/kernel/cpu/sh2/setup-sh7619.c:static
> > DECLARE_INTC_DESC(intc_desc, "sh7619", vectors, NULL,
> > arch/sh/kernel/cpu/sh2/setup-sh7619.c- NULL,
> > prio_registers, NULL);
>
> Isn't this supposed to be caught by this check:
>
> a, __same_type(a, NULL)
>
> ?

Yeah, but gcc thinks it is smarter than us...
Probably it drops the test, assuming UB cannot happen.

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi!

On 1/17/23 21:05, Geert Uytterhoeven wrote:
>> Isn't this supposed to be caught by this check:
>>
>> a, __same_type(a, NULL)
>>
>> ?
>
> Yeah, but gcc thinks it is smarter than us...
> Probably it drops the test, assuming UB cannot happen.

Hmm, sounds like a GGC bug to me then. Not sure how to fix this then.

Adrian

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913

2023-01-19 22:30:17

by Michael.Karcher

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Isn't this supposed to be caught by this check:
>>>
>>>          a, __same_type(a, NULL)
>>>
>>> ?
>>
>> Yeah, but gcc thinks it is smarter than us...
>> Probably it drops the test, assuming UB cannot happen.
> Hmm, sounds like a GGC bug to me then. Not sure how to fix this then.


I don't see a clear bug at this point. We are talking about the C expression

  __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))

This expression is valid (assuming __same_type works, which is a GCC
extension), and should return 0. As of now, I have no indication that
this expression does not return 0. Also, it is true that this expression
contains the suspicious pattern "sizeof(void*)/sizeof(void)", which is
does not calculate the size of any array. GCC is free to emit as much
warnings is it wants for any kind of expressions. From a C standard
point of view, it's just a "quality of implementation" issue, and an
implementation that emits useless warnings is of low quality, but not
non-conforming.

In this case, we requested that gcc refuses to compile if it emits any
kind of warning, which instructs gcc to reject programs that would be
valid according to the C standard, but are deemed to be "likely incorrect".

I suggest to file a bug against gcc complaining about a "spurious
warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
adapted to not emit the warning about the pointer division if the result
is not used.


Regards,
  Michael Karcher

2023-01-20 03:27:32

by Rob Landley

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1



On 1/19/23 16:11, Michael.Karcher wrote:
> Isn't this supposed to be caught by this check:
>>>>
>>>>          a, __same_type(a, NULL)
>>>>
>>>> ?
>>>
>>> Yeah, but gcc thinks it is smarter than us...
>>> Probably it drops the test, assuming UB cannot happen.
>> Hmm, sounds like a GGC bug to me then. Not sure how to fix this then.
>
>
> I don't see a clear bug at this point. We are talking about the C expression
>
>   __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))

*(void*) is type "void" which does not have a size.

The problem is gcc "optimizing out" an earlier type check, the same way it
"optimizes out" checks for signed integer math overflowing, or "optimizes out" a
comparison to pointers from two different local variables from different
function calls trying to calculate the amount of stack used, or "optimizes out"
using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
it can "never happen"...
> I suggest to file a bug against gcc complaining about a "spurious
> warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> adapted to not emit the warning about the pointer division if the result
> is not used.

Remember when gcc got rewritten in c++ starting in 2007?

Historically the main marketing push of C++ was that it contains the whole of C
and therefore MUST be just as good a language, the same way a mud pie contains
an entire glass of water and therefore MUST be just as good a beverage. Anything
C can do that C++ _can't_ do is seen as an existential threat by C++ developers.
They've worked dilligently to "fix" C not being a giant pile of "undefined
behavior" the way C++ is for 15 years now.

I have... opinions on this.

> Regards,
>   Michael Karcher

Rob

Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi Michael!

On 1/19/23 23:11, Michael.Karcher wrote:
> I suggest to file a bug against gcc complaining about a "spurious warning",
> and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is adapted to
> not emit the warning about the pointer division if the result is not used.

Could you post a kernel patch for that? I would be happy to test it on my
SH-7785CLR board. Also, I'm going to file a bug report against GCC.

Adrian

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913

2023-01-20 11:06:46

by Segher Boessenkool

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

On Thu, Jan 19, 2023 at 09:31:21PM -0600, Rob Landley wrote:
> On 1/19/23 16:11, Michael.Karcher wrote:
> > I don't see a clear bug at this point. We are talking about the C expression
> >
> > ? __same_type((void*)0, (void*)0)? 0 : sizeof((void*)0)/sizeof(*((void*0))

(__same_type is a kernel macro, it expands to something with
__builtin_compatible_type()).

> *(void*) is type "void" which does not have a size.

It has size 1, in GCC, so that you can do arithmetic on pointers to
void. This is a long-standing and very widely used GCC extension.

"""
6.24 Arithmetic on 'void'- and Function-Pointers
================================================

In GNU C, addition and subtraction operations are supported on pointers
to 'void' and on pointers to functions. This is done by treating the
size of a 'void' or of a function as 1.

A consequence of this is that 'sizeof' is also allowed on 'void' and on
function types, and returns 1.

The option '-Wpointer-arith' requests a warning if these extensions are
used.
"""

> The problem is gcc "optimizing out" an earlier type check, the same way it
> "optimizes out" checks for signed integer math overflowing, or "optimizes out" a
> comparison to pointers from two different local variables from different
> function calls trying to calculate the amount of stack used, or "optimizes out"

Are you saying something in the kernel code here is invalid code?
Because your other examples are.

> using char *x = (char *)1; as a flag value and then doing "if (!(x-1)) because
> it can "never happen"...

Like here. And no, this is not allowed by -fno-strict-aliasing.

> > I suggest to file a bug against gcc complaining about a "spurious
> > warning", and using "-Werror -Wno-error-sizeof-pointer-div" until gcc is
> > adapted to not emit the warning about the pointer division if the result
> > is not used.

Yeah. If the first operand of a conditional operator is non-zero, the
second operand is not evaluated, and if the first is zero, the third
operand is not evaluated. It is better if we do not warn about
something we do not evaluate. In cases like here where it is clear at
compile time which branch is taken, that shouldn't be too hard.

Can someone please file a GCC PR? With reduced testcase preferably.


Segher

2023-01-20 18:38:13

by Michael.Karcher

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hello!
> Can someone please file a GCC PR? With reduced testcase preferably.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108483

There you are.

Kind regars,
  Michael Karcher

2023-01-20 19:44:51

by Michael Karcher

[permalink] [raw]
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hello Adrian,
> Could you post a kernel patch for that? I would be happy to test it on my
> SH-7785CLR board. Also, I'm going to file a bug report against GCC.

I filed the bug already. It's
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108483.

The diff is attached. It's published as CC0 in case anyone considers
this trivial change copyrightable. This patch prevents this one specific
warning from being upgraded to "error" even if you configure the kernel
to use "-Werror". It still keeps it active as warning, though.

Kind regards,
  Michael Karcher


Attachments:
werror.diff (469.00 B)
Subject: Re: Calculating array sizes in C - was: Re: Build regressions/improvements in v6.2-rc1

Hi!

On 1/20/23 20:29, Michael Karcher wrote:
> Hello Adrian,
>> Could you post a kernel patch for that? I would be happy to test it on my
>> SH-7785CLR board. Also, I'm going to file a bug report against GCC.
>
> I filed the bug already. It's https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108483.
>
> The diff is attached. It's published as CC0 in case anyone considers this trivial change copyrightable. This patch prevents this one specific warning from being upgraded to "error" even if you configure the kernel to use "-Werror". It still keeps it active as warning, though.

I used the following variant and it fixes the issue for me:

diff --git a/arch/sh/Makefile b/arch/sh/Makefile
index 5c8776482530..11b22f7167d2 100644
--- a/arch/sh/Makefile
+++ b/arch/sh/Makefile
@@ -167,7 +167,7 @@ drivers-y += arch/sh/drivers/
cflags-y += $(foreach d, $(cpuincdir-y), -I $(srctree)/arch/sh/include/$(d)) \
$(foreach d, $(machdir-y), -I $(srctree)/arch/sh/include/$(d))

-KBUILD_CFLAGS += -pipe $(cflags-y)
+KBUILD_CFLAGS += -pipe -Wno-error=sizeof-pointer-div $(cflags-y)
KBUILD_CPPFLAGS += $(cflags-y)
KBUILD_AFLAGS += $(cflags-y)

If you agree, can you post a patch to LKML so we can unbreak the SH build for CONFIG_WERROR?

Thanks,
Adrian

--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913