[mm,v2] kasan: fix array-bounds warnings in tests

Commit Message

andrey.konovalov@linux.dev Sept. 24, 2022, 8:23 p.m. UTC

From: Andrey Konovalov <andreyknvl@google.com>

GCC's -Warray-bounds option detects out-of-bounds accesses to
statically-sized allocations in krealloc out-of-bounds tests.

Use OPTIMIZER_HIDE_VAR to suppress the warning.

Also change kmalloc_memmove_invalid_size to use OPTIMIZER_HIDE_VAR
instead of a volatile variable.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

---

Changes v1->v2:
- Hide ptr2 instead of size1 and size2 to be consistent with other
  uses of OPTIMIZER_HIDE_VAR in KASAN tests.
---
 mm/kasan/kasan_test.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

Comments

Andrew Morton Sept. 25, 2022, 5:03 p.m. UTC | #1

On Sat, 24 Sep 2022 22:23:21 +0200 andrey.konovalov@linux.dev wrote:

> From: Andrey Konovalov <andreyknvl@google.com>
> 
> GCC's -Warray-bounds option detects out-of-bounds accesses to
> statically-sized allocations in krealloc out-of-bounds tests.
> 
> Use OPTIMIZER_HIDE_VAR to suppress the warning.
> 
> Also change kmalloc_memmove_invalid_size to use OPTIMIZER_HIDE_VAR
> instead of a volatile variable.
> 
> ...
>
> --- a/mm/kasan/kasan_test.c
> +++ b/mm/kasan/kasan_test.c
> @@ -333,6 +333,8 @@ static void krealloc_more_oob_helper(struct kunit *test,
>  	ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
>  	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
>  
> +	OPTIMIZER_HIDE_VAR(ptr2);
> +
>  	/* All offsets up to size2 must be accessible. */
>  	ptr2[size1 - 1] = 'x';
>  	ptr2[size1] = 'x';
> @@ -365,6 +367,8 @@ static void krealloc_less_oob_helper(struct kunit *test,
>  	ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
>  	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
>  
> +	OPTIMIZER_HIDE_VAR(ptr2);

What chance does a reader have of working out why this is here?  If
"little" then a code comment would be a nice way of saving that poor
person for having to dive into the git history.


>  	/* Must be accessible for all modes. */
>  	ptr2[size2 - 1] = 'x';
>  
> @@ -578,13 +582,14 @@ static void kmalloc_memmove_invalid_size(struct kunit *test)
>  {
>  	char *ptr;
>  	size_t size = 64;
> -	volatile size_t invalid_size = size;
> +	size_t invalid_size = size;
>  
>  	ptr = kmalloc(size, GFP_KERNEL);
>  	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
>  
>  	memset((char *)ptr, 0, 64);
>  	OPTIMIZER_HIDE_VAR(ptr);
> +	OPTIMIZER_HIDE_VAR(invalid_size);
>  	KUNIT_EXPECT_KASAN_FAIL(test,
>  		memmove((char *)ptr, (char *)ptr + 4, invalid_size));
>  	kfree(ptr);
> -- 
> 2.25.1

Andrey Konovalov Sept. 26, 2022, 6:07 p.m. UTC | #2

On Sun, Sep 25, 2022 at 7:03 PM Andrew Morton <akpm@linux-foundation.org> wrote:
>
> > --- a/mm/kasan/kasan_test.c
> > +++ b/mm/kasan/kasan_test.c
> > @@ -333,6 +333,8 @@ static void krealloc_more_oob_helper(struct kunit *test,
> >       ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
> >       KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
> >
> > +     OPTIMIZER_HIDE_VAR(ptr2);
> > +
> >       /* All offsets up to size2 must be accessible. */
> >       ptr2[size1 - 1] = 'x';
> >       ptr2[size1] = 'x';
> > @@ -365,6 +367,8 @@ static void krealloc_less_oob_helper(struct kunit *test,
> >       ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
> >       KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
> >
> > +     OPTIMIZER_HIDE_VAR(ptr2);
>
> What chance does a reader have of working out why this is here?  If
> "little" then a code comment would be a nice way of saving that poor
> person for having to dive into the git history.

Will add in v3. Thank you, Andrew!

Patch

diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c
index 71cb402c404f..dbb0a672380f 100644
--- a/mm/kasan/kasan_test.c
+++ b/mm/kasan/kasan_test.c
@@ -333,6 +333,8 @@  static void krealloc_more_oob_helper(struct kunit *test,
 	ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
 	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
 
+	OPTIMIZER_HIDE_VAR(ptr2);
+
 	/* All offsets up to size2 must be accessible. */
 	ptr2[size1 - 1] = 'x';
 	ptr2[size1] = 'x';
@@ -365,6 +367,8 @@  static void krealloc_less_oob_helper(struct kunit *test,
 	ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
 	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
 
+	OPTIMIZER_HIDE_VAR(ptr2);
+
 	/* Must be accessible for all modes. */
 	ptr2[size2 - 1] = 'x';
 
@@ -578,13 +582,14 @@  static void kmalloc_memmove_invalid_size(struct kunit *test)
 {
 	char *ptr;
 	size_t size = 64;
-	volatile size_t invalid_size = size;
+	size_t invalid_size = size;
 
 	ptr = kmalloc(size, GFP_KERNEL);
 	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
 
 	memset((char *)ptr, 0, 64);
 	OPTIMIZER_HIDE_VAR(ptr);
+	OPTIMIZER_HIDE_VAR(invalid_size);
 	KUNIT_EXPECT_KASAN_FAIL(test,
 		memmove((char *)ptr, (char *)ptr + 4, invalid_size));
 	kfree(ptr);